#!/bin/bash
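#######################################
# Print the non-empty variables among the given names, sorted by name.
# Arguments: names of shell variables (the names, not their values)
# Outputs:   one "- NAME: value" line per variable that is set and non-empty
# Note:      values are printed verbatim, so only pass names whose values
#            are safe to show on a terminal or in a CI log.
#######################################
function print_varlist() {
  local varname
  # One name per line via printf: `echo "$@"` would swallow a name that
  # happens to look like an echo option.
  while IFS= read -r varname; do
    # ${!varname} on something that is not an identifier is an error,
    # not an empty value, so skip such input outright.
    [[ "${varname}" =~ ^[A-Za-z_][A-Za-z0-9_]*$ ]] || continue
    # The :- default keeps the indirect lookup usable after `set -u`.
    if [[ -n "${!varname:-}" ]]; then
      printf -- "- %-25s %s\n" "${varname}:" "${!varname}"
    fi
  done < <(printf '%s\n' "$@" | sort)
}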
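#######################################
# Print the list of subcommands, usage notes, the environment variables the
# script reads, and the values currently in effect.
# Globals:   reads the configuration and environment variables named below
# Outputs:   help text on stdout
#######################################
function do_help() {
  local subcommand
  echo "Subcommands:"
  # declare -F prints function names only, so variables that merely start
  # with "do_" can no longer show up as subcommands.
  while IFS= read -r subcommand; do
    echo "- ${subcommand/_/-}"
  done < <(declare -F | sed -n 's/^declare -f[^ ]* do_//p')

  # NOTE(review): BOSH_LOG_LEVEL=debug records request/response bodies; those
  # may well include credentials, so treat the resulting log as sensitive.
  # NOTE(review): SERVER_INSECURE presumably relaxes TLS verification towards
  # SERVER_URL - confirm against cpi.yml and leave it at false outside a lab.
  cat <<'EOF'

Notes:
* This script will detect if it is sourced in and setup an alias.
 (^^ does not work from IDE such as VS Code)
* Creds are placed into the 'creds/' folder.

Useful environment variables to export...
- BOSH_LOG_LEVEL (set to 'debug' to capture all bosh activity including request/response)
- BOSH_JUMPBOX_ENABLE (set to any value to enable jumpbox user)
- BOSH_SNAPSHOTS_ENABLE (set to any value to enable snapshots)
- BOSH_RESIZE_DISK_ENABLE (set to any value to enable disk resize)
- SERVER_URL (set to HTTPS url of server - not localhost)
- SERVER_INSECURE (default: false)
- SERVER_CLIENT_CERT (set to path of TLS client certificate)
- SERVER_CLIENT_KEY (set to path of TLS client key)
- SERVER_TYPE ('lxd' or 'incus', default is 'lxd')
- SERVER_ENABLE_AGENT (set to any value to enable the appropriate agent)
- SERVER_LOCAL_RELEASE (set to any value to deploy with a local CPI release)
- BOSH_DEPLOYMENT_DIR (default: ${HOME}/Documents/Source/bosh-deployment)
- BOSH_PACKAGE_GOLANG_DIR (default ../bosh-package-golang-release)
- CF_DEPLOYMENT_DIR when deploying Cloud Foundry
- CONCOURSE_DIR when deploying Concourse
- POSTGRES_DIR when deploying Postgres
- CPI_DIR (location of bosh-lxd-cpi-release, default '.')
- CPI_CONFIG_DIR (location of vars files, default to 'CPI_DIR/manifests')

Configuration values...
EOF
  print_varlist server_project_name server_profile_name server_network_name \
    server_storage_pool_name internal_ip cpi_dir cpi_config_dir
  echo
  echo "Currently set environment variables..."
  # Only names and paths are listed here; print_varlist echoes values as-is,
  # so never add a variable that holds a secret itself.
  print_varlist BOSH_LOG_LEVEL BOSH_JUMPBOX_ENABLE BOSH_SNAPSHOTS_ENABLE \
    BOSH_RESIZE_DISK_ENABLE \
    SERVER_URL SERVER_INSECURE SERVER_CLIENT_CERT SERVER_CLIENT_KEY \
    SERVER_TYPE SERVER_ENABLE_AGENT SERVER_LOCAL_RELEASE \
    BOSH_DEPLOYMENT_DIR BOSH_PACKAGE_GOLANG_DIR \
    CF_DEPLOYMENT_DIR CONCOURSE_DIR POSTGRES_DIR CPI_DIR CPI_CONFIG_DIR
}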
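#######################################
# Run the whole lifecycle in order: destroy, deploy the director, load the
# configs, upload releases and stemcells, then deploy Postgres, Concourse
# and CF.
# Arguments: $1 - optional pause before every step, passed to sleep
# Note:      the first step is do_destroy, so existing state is wiped.
#######################################
function do_stress_test() {
  set -eu
  local delay="${1:-}"
  # A local loop variable, so the caller's own `cmd` is not overwritten.
  local step
  for step in destroy deploy_bosh cloud_config runtime_config upload_releases \
    upload_stemcells deploy_postgres deploy_concourse deploy_cf; do
    if [[ -n "${delay}" ]]; then
      echo "... pausing for ${delay} seconds ..."
      # Quoted so the argument reaches sleep as one word.
      sleep "${delay}"
    fi
    "do_${step}"
  done
}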
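#######################################
# Build a final release tarball (bosh-lxd-cpi-release.tgz) for one version.
# Arguments: $1 - version number, required
# Returns:   exits 1 when the version is missing
#######################################
function do_final_release() {
  set -eu
  if [[ $# -ne 1 ]]; then
    echo "Please include version number in command line." >&2
    exit 1
  fi
  local version="$1"
  # Quoted: an unquoted value containing spaces would be split into extra
  # bosh arguments instead of being rejected as a bad version.
  bosh create-release --final "--version=${version}" --tarball=bosh-lxd-cpi-release.tgz
}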
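#######################################
# Recreate ./blobs and re-vendor every golang* package found under
# ./packages/ from the golang release checkout.
# Globals:   BOSH_PACKAGE_GOLANG_DIR (read; default
#            ../bosh-package-golang-release)
#######################################
function do_fix_blobs() {
  local golang_releases="${BOSH_PACKAGE_GOLANG_DIR:-../bosh-package-golang-release}"
  local path
  if [[ -d ./blobs ]]; then
    rm -rf ./blobs
  fi
  mkdir ./blobs
  # NUL-delimited, so a path with whitespace stays one argument instead of
  # being split into several bogus package names.
  while IFS= read -r -d '' path; do
    bosh vendor-package "${path##*/}" "${golang_releases}"
  done < <(find ./packages/ -name "golang*" -print0)
}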
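#######################################
# Deploy Cloud Foundry from a cf-deployment checkout onto the director.
# Globals:   CF_DEPLOYMENT_DIR (read, required), cpi_config_dir (read),
#            BOSH_DEPLOYMENT (exported as "cf")
# Returns:   exits 1 when CF_DEPLOYMENT_DIR is not set
#######################################
function do_deploy_cf() {
  # The :- default keeps this check working when an earlier step has already
  # enabled `set -u`; otherwise the shell aborts with "unbound variable"
  # before the hint is printed.
  if [[ -z "${CF_DEPLOYMENT_DIR:-}" ]]; then
    echo "Please set CF_DEPLOYMENT_DIR to root of cf-deployment"
    exit 1
  fi
  set -eu
  # Loads the director environment; with set -e a missing file stops here,
  # before any bosh command can run against some other environment.
  source scripts/bosh-env.sh
  export BOSH_DEPLOYMENT=cf
  local ops_dir="${CF_DEPLOYMENT_DIR}/operations"
  bosh deploy "${CF_DEPLOYMENT_DIR}/cf-deployment.yml" \
    -o "${ops_dir}/use-compiled-releases.yml" \
    -o "${ops_dir}/use-latest-stemcell.yml" \
    -o "${ops_dir}/override-app-domains.yml" \
    -o "${ops_dir}/scale-to-one-az.yml" \
    -o "${ops_dir}/use-haproxy.yml" \
    -l "${cpi_config_dir}/cloudfoundry-vars.yml"
  # Deliberately not applied: -o "${ops_dir}/set-router-static-ips.yml"
}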
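#######################################
# Tear everything down: local build/credential state plus the VMs, images
# and storage volumes that belong to the configured server project.
# Globals:   server_project_name, server_storage_pool_name (read, required)
# Outputs:   progress and a final listing for visual confirmation
# Returns:   exits 1 when the configuration is incomplete
#######################################
function do_destroy() {
  # With an empty project name the next word would be taken as the value of
  # --project, so refuse to run a destructive command on incomplete config.
  if [[ -z "${server_project_name:-}" || -z "${server_storage_pool_name:-}" ]]; then
    echo "server_project_name and server_storage_pool_name must be set; nothing destroyed." >&2
    exit 1
  fi
  # Every lxc call, including the deletes issued through xargs, is scoped to
  # the same project. Previously only the listings carried --project, so the
  # deletes ran against whatever project the client was switched to.
  local -a lxc_cmd=(lxc --project "${server_project_name}")

  echo "Destroying all state..."
  rm -rf .dev_builds/ dev_releases/ creds/
  rm -f cpi state.json

  # NOTE(review): jq's test() is an unanchored match, so an instance whose
  # name merely contains a vm-<uuid> substring is selected as well.
  "${lxc_cmd[@]}" list --format json |
    jq -r '.[] | .name | select(test("vm-[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"))' |
    xargs --verbose --no-run-if-empty --max-args=1 "${lxc_cmd[@]}" delete -f
  "${lxc_cmd[@]}" image list --format json |
    jq -r '.[] | select(.aliases[0].name // "not present" | test("img-[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}")) | .fingerprint' |
    xargs --verbose --no-run-if-empty --max-args=1 "${lxc_cmd[@]}" image delete
  # Every volume of the pool that is listed for this project is removed,
  # not only the ones this tooling created.
  "${lxc_cmd[@]}" storage volume list --format json |
    jq -r --arg poolname "${server_storage_pool_name}" '.[] | select(.pool == $poolname) | .name' |
    xargs --verbose --no-run-if-empty --max-args=1 "${lxc_cmd[@]}" storage volume delete "${server_storage_pool_name}"

  echo "Visual confirmation:"
  "${lxc_cmd[@]}" list
  "${lxc_cmd[@]}" image list
  "${lxc_cmd[@]}" storage list
  "${lxc_cmd[@]}" storage volume list "${server_storage_pool_name}"
}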
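#######################################
# Generate a CA plus a certificate for internal_ip and export the
# certificate and private key as bosh-client.crt / bosh-client.key.
# Globals:   internal_ip (read, required)
# Outputs:   creds/bosh-cert-manifest.yml, creds/bosh-cert.yml (vars store
#            with the generated key material), bosh-client.crt,
#            bosh-client.key; bosh prints the manifest on stdout
# Returns:   non-zero when internal_ip is empty or a bosh step fails
#######################################
function do_generate_certs() {
  # An empty value would produce a certificate with no usable subject.
  if [[ -z "${internal_ip:-}" ]]; then
    echo "internal_ip is not set; cannot generate the certificate." >&2
    return 1
  fi
  (
    # The vars store and bosh-client.key hold private keys. Create them
    # under a restrictive umask so they are never group/world readable;
    # the subshell leaves the caller's umask untouched.
    umask 077
    mkdir -p creds
    # The CA is issued for 1095 days; the leaf sets no duration of its own.
    cat > creds/bosh-cert-manifest.yml <<EOF
variables:
- name: bosh_ca
  type: certificate
  options:
    is_ca: true
    common_name: bosh_ca
    duration: 1095
- name: director_ssl
  type: certificate
  options:
    ca: bosh_ca
    common_name: ${internal_ip}
    alternative_names: [${internal_ip}]
EOF
    # Chained with &&: if generation fails, no empty .crt/.key is left
    # behind to be mistaken for real credentials.
    bosh interpolate creds/bosh-cert-manifest.yml --vars-store creds/bosh-cert.yml &&
      bosh interpolate creds/bosh-cert.yml --path /director_ssl/certificate > bosh-client.crt &&
      bosh interpolate creds/bosh-cert.yml --path /director_ssl/private_key > bosh-client.key &&
      # umask only affects new files; tighten ones left from an earlier run.
      chmod 600 creds/bosh-cert.yml bosh-client.key
  )
}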
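#######################################
# Create (or update) the BOSH director with `bosh create-env`, then export
# the jumpbox SSH key and forget the director's old SSH host key.
# Globals:   SERVER_URL (required), SERVER_INSECURE, SERVER_CLIENT_CERT,
#            SERVER_CLIENT_KEY, SERVER_TYPE, SERVER_ENABLE_AGENT,
#            SERVER_LOCAL_RELEASE, BOSH_DEPLOYMENT_DIR, BOSH_JUMPBOX_ENABLE,
#            BOSH_SNAPSHOTS_ENABLE, BOSH_RESIZE_DISK_ENABLE (environment);
#            cpi_dir, cpi_config_dir, internal_ip (configuration)
# Outputs:   state.json, creds/bosh.yml (vars store), creds/jumpbox.pk
# Returns:   exits 1 when SERVER_URL is missing or the local CPI is absent
#######################################
function do_deploy_bosh() {
  set -eu
  local bosh_deployment="${BOSH_DEPLOYMENT_DIR:-${HOME}/Documents/Source/bosh-deployment}"
  if [[ -z "${SERVER_URL:-}" ]]; then
    echo "SERVER_URL must be set."
    exit 1
  fi
  local local_release="${SERVER_LOCAL_RELEASE:-}"
  local server_url="${SERVER_URL}"
  # NOTE(review): presumably toggles TLS verification towards server_url;
  # it defaults to false and should stay there outside a lab - confirm in
  # cpi.yml.
  local server_insecure="${SERVER_INSECURE:-false}"
  local server_client_cert="${SERVER_CLIENT_CERT:-}"
  local server_client_key="${SERVER_CLIENT_KEY:-}"
  local server_type="${SERVER_TYPE:-lxd}"
  local server_enable_agent="${SERVER_ENABLE_AGENT:-}"
  local jumpbox_enable="${BOSH_JUMPBOX_ENABLE:-}"
  local snapshots_enable="${BOSH_SNAPSHOTS_ENABLE:-}"
  local resize_disk_enable="${BOSH_RESIZE_DISK_ENABLE:-}"
  # A missing /internal_dns key is not an error; it just leaves DNS off.
  local internal_dns_enable
  internal_dns_enable="$(bosh int "${cpi_config_dir}/bosh-vars.yml" --path /internal_dns 2>/dev/null || true)"

  # Optional ops files, in the order they have always been applied. Each
  # entry is quoted so a path with spaces stays a single argument.
  local -a bosh_args=("--ops-file=${cpi_dir}/ops/enable-${server_type}.yml")
  if [[ -n "${jumpbox_enable}" ]]; then
    bosh_args+=("--ops-file=${bosh_deployment}/jumpbox-user.yml")
  fi
  if [[ -n "${snapshots_enable}" ]]; then
    bosh_args+=("--ops-file=${cpi_dir}/ops/enable-snapshots.yml")
  fi
  if [[ -n "${resize_disk_enable}" ]]; then
    bosh_args+=("--ops-file=${bosh_deployment}/misc/cpi-resize-disk.yml")
  fi
  if [[ -n "${internal_dns_enable}" ]]; then
    bosh_args+=("--ops-file=${bosh_deployment}/misc/dns.yml")
  fi
  if [[ -n "${server_enable_agent}" ]]; then
    bosh_args+=("--ops-file=${cpi_dir}/ops/enable-${server_type}-agent.yml")
  fi

  if [[ -n "${local_release}" ]]; then
    local cpi_path="${PWD}/cpi"
    if [[ -d src ]]; then
      echo "-----> $(date): Create dev release"
      bosh create-release --force --tarball "${cpi_path}"
    elif [[ ! -f "${cpi_path}" ]]; then
      echo "cpi must be at ${cpi_path}"
      exit 1
    fi
    bosh_args+=("--ops-file=${cpi_dir}/ops/local-release.yml" "--var=cpi_path=${cpi_path}")
  fi

  echo "-----> $(date): Create env"
  # creds/bosh.yml is the vars store, so it ends up holding the generated
  # director credentials; keep creds/ out of version control and private.
  bosh create-env "${bosh_deployment}/bosh.yml" \
    "--ops-file=${cpi_dir}/cpi.yml" \
    "--ops-file=${bosh_deployment}/bbr.yml" \
    "--ops-file=${bosh_deployment}/uaa.yml" \
    "--ops-file=${bosh_deployment}/credhub.yml" \
    --state=state.json \
    --vars-store=creds/bosh.yml \
    "--vars-file=${cpi_config_dir}/bosh-vars.yml" \
    "--var=server_url=${server_url}" \
    "--var=server_insecure=${server_insecure}" \
    "--var-file=server_client_cert=${server_client_cert}" \
    "--var-file=server_client_key=${server_client_key}" "${bosh_args[@]}"

  # Write the private key under umask 077 so it is never readable by others,
  # not even between creation and the chmod below (which still tightens a
  # file left over from a previous run).
  (
    umask 077
    bosh interpolate creds/bosh.yml --path /jumpbox_ssh/private_key > creds/jumpbox.pk
  )
  chmod 600 creds/jumpbox.pk

  # Drops the pinned host key for internal_ip, so the next SSH connection
  # accepts the new director's key on first use. Skipped when there is no
  # known_hosts file, which would otherwise fail a successful deploy.
  if [[ -f ~/.ssh/known_hosts ]]; then
    ssh-keygen -f ~/.ssh/known_hosts -R "${internal_ip}"
  fi
}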
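#######################################
# Helper: write every "<label>: '<json>'" payload found in ./log to
# requests/<stem>-N.json, pretty-printed by json_pp; N counts the matching
# lines from 1.
# Arguments: $1 - line label (STDIN or STDOUT), $2 - output file stem
#######################################
function _capture_payloads() {
  local label="$1" stem="$2"
  local line num=0
  # read -r and a quoted printf keep the JSON byte-for-byte: without them
  # backslash escapes are eaten, runs of spaces collapse and a lone "*"
  # can be expanded into file names.
  while IFS= read -r line; do
    num=$((num + 1))
    printf '%s\n' "${line}" |
      sed -nE "s/${label}: '(.*)'/\1/p" |
      json_pp > "requests/${stem}-${num}.json"
  done < <(grep -- "${label}: " log)
}

#######################################
# Split the CPI requests (STDIN lines) and responses (STDOUT lines) of
# ./log into numbered JSON files under ./requests, replacing any previous
# capture.
# Returns:   exits 1 when ./log does not exist
#######################################
function do_capture_requests() {
  if [[ ! -f log ]]; then
    echo "Expecting to find 'log' file."
    exit 1
  fi
  rm -rf requests
  # NOTE(review): captured request/response bodies may contain credentials,
  # so the directory is created private to the current user.
  mkdir -p -m 700 requests
  _capture_payloads STDIN request
  _capture_payloads STDOUT response
}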
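#######################################
# Upload the cloud config from the CPI config directory to the director.
# Globals:   cpi_config_dir (read)
# Returns:   1 when scripts/bosh-env.sh cannot be read
#######################################
function do_cloud_config() {
  # Without the environment file the bosh CLI would fall back to whatever
  # BOSH_* settings the caller's shell already carries, so the change could
  # land on a different director. Stop instead.
  if [[ ! -r scripts/bosh-env.sh ]]; then
    echo "scripts/bosh-env.sh not found; run this from the release root." >&2
    return 1
  fi
  source scripts/bosh-env.sh
  bosh update-cloud-config "${cpi_config_dir}/cloud-config.yml"
}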
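#######################################
# Upload the runtime configs: bosh-dns (when BOSH_DEPLOYMENT_DIR is set)
# and the server agent config (when SERVER_ENABLE_AGENT is set).
# Globals:   BOSH_DEPLOYMENT_DIR, SERVER_ENABLE_AGENT, SERVER_TYPE (read),
#            cpi_dir (read)
# Returns:   1 when scripts/bosh-env.sh cannot be read
#######################################
function do_runtime_config() {
  # Never talk to a director chosen by leftover BOSH_* variables.
  if [[ ! -r scripts/bosh-env.sh ]]; then
    echo "scripts/bosh-env.sh not found; run this from the release root." >&2
    return 1
  fi
  source scripts/bosh-env.sh
  # The :- default keeps the warning path reachable after `set -u`.
  if [[ -z "${BOSH_DEPLOYMENT_DIR:-}" ]]; then
    echo "Warning: BOSH_DEPLOYMENT_DIR is not set, not loading the bosh-dns runtime config! (Needed for CF)"
  else
    bosh update-runtime-config --name bosh-dns "${BOSH_DEPLOYMENT_DIR}/runtime-configs/dns.yml"
  fi
  if [[ -n "${SERVER_ENABLE_AGENT:-}" ]]; then
    # SERVER_ENABLE_AGENT is only an on/off switch ("any value"); the
    # flavour comes from SERVER_TYPE, as in do_deploy_bosh. Using the
    # switch's value as the type produced names such as "true-agent".
    local server_type="${SERVER_TYPE:-lxd}"
    bosh update-runtime-config --name "${server_type}-agent" \
      "${cpi_dir}/manifests/enable-${server_type}-agent-config.yml"
  fi
}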
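#######################################
# Make sure an ubuntu-jammy stemcell is on the director, downloading it to
# stemcell/ubuntu-jammy-image first when needed.
# Arguments: $1 - "new" forces a fresh download and upload
# Returns:   1 when the environment file is missing, the director cannot
#            be queried, or the download fails
#######################################
function do_upload_stemcells() {
  # Never talk to a director chosen by leftover BOSH_* variables.
  if [[ ! -r scripts/bosh-env.sh ]]; then
    echo "scripts/bosh-env.sh not found; run this from the release root." >&2
    return 1
  fi
  source scripts/bosh-env.sh

  local image=stemcell/ubuntu-jammy-image
  local url=https://bosh.io/d/stemcells/bosh-openstack-kvm-ubuntu-jammy-go_agent
  local force_new=""
  if [[ "new" == "${1-}" ]]; then
    force_new=yes
  fi

  local jammy_count
  jammy_count=$(bosh stemcells --json | jq -r '[ .Tables[] | .Rows[] | select(.os == "ubuntu-jammy")] | length')
  # An empty or non-numeric answer means the query itself failed; say so
  # instead of letting a malformed test expression decide what happens.
  if [[ ! "${jammy_count}" =~ ^[0-9]+$ ]]; then
    echo "Could not list the stemcells on the director." >&2
    return 1
  fi
  if [[ "${jammy_count}" != "0" && -z "${force_new}" ]]; then
    echo "ubuntu-jammy stemcell exists"
    return 0
  fi

  if [[ -n "${force_new}" ]]; then
    rm -f -- "${image}"
  fi
  if [[ ! -f "${image}" ]]; then
    echo "Downloading ubuntu-jammy-image"
    # --fail: an HTTP error page must not be stored as the stemcell.
    # --proto/--proto-redir: redirects may not downgrade to plain HTTP.
    # The ".part" name keeps a truncated download from being picked up as a
    # complete image on the next run.
    # NOTE(review): the URL is unversioned and nothing checks a digest; pin
    # a version and compare its published checksum outside a lab.
    if ! curl --fail --location --proto '=https' --proto-redir '=https' \
      --output "${image}.part" "${url}"; then
      rm -f -- "${image}.part"
      echo "Download of ubuntu-jammy-image failed." >&2
      return 1
    fi
    mv -- "${image}.part" "${image}"
  fi
  bosh upload-stemcell "${image}"
}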
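#######################################
# Make sure postgres-release is on the director, downloading the tarball
# to release/postgres-release first when it is not cached locally.
# Returns:   1 when the environment file is missing, the director cannot
#            be queried, or the download fails
#######################################
function do_upload_releases() {
  # Never talk to a director chosen by leftover BOSH_* variables.
  if [[ ! -r scripts/bosh-env.sh ]]; then
    echo "scripts/bosh-env.sh not found; run this from the release root." >&2
    return 1
  fi
  source scripts/bosh-env.sh

  local tarball=release/postgres-release
  local url=https://bosh.io/d/github.com/cloudfoundry/postgres-release
  local release_count
  release_count=$(bosh --json releases | jq -r '[ .Tables[] | .Rows[] | select(.name == "postgres-release") ] | length')
  # An empty or non-numeric answer means the query itself failed.
  if [[ ! "${release_count}" =~ ^[0-9]+$ ]]; then
    echo "Could not list the releases on the director." >&2
    return 1
  fi
  if [[ "${release_count}" != "0" ]]; then
    echo "postgres release exists"
    return 0
  fi

  if [[ ! -f "${tarball}" ]]; then
    echo "Downloading postgres-release"
    # --fail: an HTTP error page must not be stored as the release.
    # --proto/--proto-redir: redirects may not downgrade to plain HTTP.
    # The ".part" name keeps a truncated download from being reused later.
    # NOTE(review): the URL is unversioned and nothing checks a digest; pin
    # a version and compare its published checksum outside a lab.
    if ! curl --fail --location --proto '=https' --proto-redir '=https' \
      --output "${tarball}.part" "${url}"; then
      rm -f -- "${tarball}.part"
      echo "Download of postgres-release failed." >&2
      return 1
    fi
    mv -- "${tarball}.part" "${tarball}"
  fi
  bosh upload-release "${tarball}"
}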
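#######################################
# Deploy Concourse from a concourse-bosh-deployment checkout.
# Globals:   CONCOURSE_DIR (read, required), cpi_config_dir (read),
#            BOSH_DEPLOYMENT (exported as "concourse")
# Outputs:   creds/concourse.yml (vars store with generated credentials)
# Returns:   exits 1 when CONCOURSE_DIR is not set
#######################################
function do_deploy_concourse() {
  # The :- default keeps this check working when an earlier step has already
  # enabled `set -u`.
  if [[ -z "${CONCOURSE_DIR:-}" ]]; then
    echo "Please set CONCOURSE_DIR to root of concourse-bosh-deployment"
    exit 1
  fi
  set -eu
  # Loads the director environment; with set -e a missing file stops here.
  source scripts/bosh-env.sh
  export BOSH_DEPLOYMENT=concourse
  local ops_dir="${CONCOURSE_DIR}/cluster/operations"
  # NOTE(review): basic-auth.yml combined with privileged-http.yml looks like
  # password login served over plain HTTP - fine for a local lab, not for a
  # shared network; confirm against the ops files.
  bosh deploy "${CONCOURSE_DIR}/cluster/concourse.yml" \
    -o "${ops_dir}/backup-atc.yml" \
    -o "${ops_dir}/basic-auth.yml" \
    -o "${ops_dir}/static-web.yml" \
    -o "${ops_dir}/privileged-http.yml" \
    -l "${CONCOURSE_DIR}/versions.yml" \
    --vars-store=creds/concourse.yml \
    -l "${cpi_config_dir}/concourse-vars.yml"
}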
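#######################################
# Deploy Postgres from manifests/postgres.yml with freshly generated
# credentials.
# Globals:   POSTGRES_DIR (must be set; only checked, the manifests are
#            taken from ./manifests), BOSH_DEPLOYMENT (exported as
#            "postgres")
# Outputs:   creds/postgres.yml (vars store, recreated on every run)
# Returns:   exits 1 when POSTGRES_DIR is not set
#######################################
function do_deploy_postgres() {
  # The :- default keeps this check working when an earlier step has already
  # enabled `set -u`.
  if [[ -z "${POSTGRES_DIR:-}" ]]; then
    echo "Please set POSTGRES_DIR to root of postgres-release"
    exit 1
  fi
  set -eu
  # Old credentials are discarded so the deploy generates new ones.
  rm -f creds/postgres.yml
  # Loads the director environment; with set -e a missing file stops here.
  source scripts/bosh-env.sh
  export BOSH_DEPLOYMENT=postgres
  bosh deploy manifests/postgres.yml \
    --vars-store=creds/postgres.yml \
    -l manifests/postgres-vars.yml
}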
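#######################################
# Load the server settings from <cpi_config_dir>/bosh-vars.yml into the
# global variables of the same name.
# Globals:   cpi_config_dir (read); server_project_name,
#            server_profile_name, server_network_name,
#            server_storage_pool_name, internal_ip (written)
# Returns:   non-zero when at least one key could not be read; that
#            variable is then left empty and the others are still loaded
#######################################
function read_config_file() {
  local vars_file="${cpi_config_dir}/bosh-vars.yml"
  local key value status=0
  for key in server_project_name server_profile_name server_network_name \
    server_storage_pool_name internal_ip; do
    # The file path is quoted so a config directory containing spaces is
    # passed to bosh as one argument.
    if ! value=$(bosh interpolate "${vars_file}" --path "/${key}"); then
      value=""
      status=1
    fi
    # printf -v assigns to the global named by ${key}; none of those names
    # is declared local here.
    printf -v "${key}" '%s' "${value}"
  done
  return "${status}"
}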
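# Entry point. When the file is sourced, only an alias is set up; when it is
# executed, the working directories are prepared, the configuration is
# loaded and the requested subcommand runs.
if [[ "${BASH_SOURCE[0]}" != "$0" ]]; then
  # Comparing BASH_SOURCE with $0 detects sourcing whatever the shell was
  # started as ("bash", "-bash", "/bin/bash", ...).
  alias util="${BASH_SOURCE[0]}"
  echo "'util' now available."
else
  mkdir -p creds stemcell release
  # creds/ receives vars stores and private keys; keep it owner-only.
  chmod 700 creds
  # bosh will not ask for confirmation, destructive commands included.
  export BOSH_NON_INTERACTIVE=true
  cpi_dir=${CPI_DIR:-.}
  cpi_config_dir=${CPI_CONFIG_DIR:-$cpi_dir/manifests}
  read_config_file
  cmd=${1:-help}
  # Only shift when there is something to shift.
  if (($# > 0)); then
    shift
  fi
  handler="do_${cmd/-/_}"
  # Dispatch to known do_* functions only, and explain an unknown name
  # instead of failing with "command not found".
  if ! declare -F "${handler}" > /dev/null; then
    echo "Unknown subcommand: ${cmd}" >&2
    do_help
    exit 2
  fi
  "${handler}" "$@"
fi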