/
Vagrantfile
263 lines (211 loc) · 9.07 KB
/
Vagrantfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
# -*- mode: ruby -*-
# vi: set ft=ruby :
# Networking
private_ip = ENV['PRIVATE_IP'] || "192.168.50.160"
# Base box selection
base_box = ENV['BASE_BOX'] || "bento/ubuntu-16.04"
# Consul variables
consul_host_port = ENV['CONSUL_HOST_PORT'] || 8500
consul_version = ENV['CONSUL_VERSION'] || "1.2.0"
consul_ent_url = ENV['CONSUL_ENT_URL']
consul_group = "consul"
consul_user = "consul"
consul_comment = "Consul"
consul_home = "/srv/consul"
# Vault variables
vault_host_port = ENV['VAULT_HOST_PORT'] || 8200
vault_version = ENV['VAULT_VERSION'] || "0.10.3"
vault_ent_url = ENV['VAULT_ENT_URL']
vault_group = "vault"
vault_user = "vault"
vault_comment = "Vault"
vault_home = "/srv/vault"
# Nomad variables
nomad_host_port = ENV['NOMAD_HOST_PORT'] || 4646
nomad_version = ENV['NOMAD_VERSION'] || "0.8.4"
nomad_ent_url = ENV['NOMAD_ENT_URL']
nomad_group = "root"
nomad_user = "root"
docker_install = ["true", "1"].include?((ENV['DOCKER_INSTALL'] || true).to_s.downcase)
java_install = ["true", "1"].include?((ENV['JAVA_INSTALL'] || true).to_s.downcase)
# Wetty variables
wetty_host_port = ENV['WETTY_HOST_PORT'] || 3030
wetty_install = ["true", "1"].include?((ENV['WETTY_INSTALL'] || true).to_s.downcase)
wetty_group = ENV['WETTY_GROUP'] || "wetty"
wetty_user = ENV['WETTY_USER'] || "wetty"
wetty_password = ENV['WETTY_PASSWORD'] || "wetty"
wetty_comment = "Wetty Web Terminal SSH user"
# Tests & cleanup
run_tests = ["true", "1"].include?((ENV['RUN_TESTS'] || false).to_s.downcase)
cleanup = ["true", "1"].include?((ENV['CLEANUP'] || true).to_s.downcase)
$nomad_setup = <<SCRIPT
echo "Minimal configuration for Nomad UI"
sudo tee /etc/nomad.d/default.hcl > /dev/null <<CONFIG
bind_addr = "0.0.0.0"
advertise {
http = "#{private_ip}:4646"
rpc = "#{private_ip}:4647"
serf = "#{private_ip}:4648"
}
CONFIG
sudo systemctl restart nomad
SCRIPT
Vagrant.configure("2") do |config|
# Use vagrant insecure public key, comment this out to restrict access
config.ssh.insert_key = false
# Setup networking
config.vm.network :private_network, ip: private_ip
config.vm.network "private_network", type: "dhcp"
# Use base_box set at the top of this file
config.vm.box = base_box
config.vm.hostname = "hashistack"
# Copy the Consul, Vault, Nomad, and shared directories to the vm
config.vm.provision "file", source: "../../guides-configuration", destination: "/tmp"
# Bootstrap the vm
config.vm.provision "shell", inline: "bash /tmp/shared/scripts/base.sh"
# Forward Consul port
config.vm.network :forwarded_port, guest: 8500, host: consul_host_port, auto_correct: true
# Setup Consul user
config.vm.provision "shell", inline: "bash /tmp/shared/scripts/setup-user.sh",
env: {
"GROUP" => consul_group,
"USER" => consul_user,
"COMMENT" => consul_comment,
"HOME" => consul_home
}
# Install Consul
config.vm.provision "shell", inline: "bash /tmp/consul/scripts/install-consul.sh",
env: {
"VERSION" => consul_version,
"URL" => consul_ent_url,
"USER" => consul_user,
"GROUP" => consul_group,
}
config.vm.provision "shell", inline: "bash /tmp/consul/scripts/install-consul-systemd.sh"
# Forward Vault port
config.vm.network :forwarded_port, guest: 8200, host: vault_host_port, auto_correct: true
# Setup Vault user
config.vm.provision "shell", inline: "bash /tmp/shared/scripts/setup-user.sh",
env: {
"GROUP" => vault_group,
"USER" => vault_user,
"COMMENT" => vault_comment,
"HOME" => vault_home,
}
# Install Vault
config.vm.provision "shell", inline: "bash /tmp/vault/scripts/install-vault.sh",
env: {
"VERSION" => vault_version,
"URL" => vault_ent_url,
"USER" => vault_user,
"GROUP" => vault_group,
}
config.vm.provision "shell", inline: "bash /tmp/vault/scripts/install-vault-systemd.sh"
# Forward Nomad port
config.vm.network :forwarded_port, guest: 4646, host: nomad_host_port, auto_correct: true
# Install Nomad
config.vm.provision "shell", inline: "bash /tmp/nomad/scripts/install-nomad.sh",
env: {
"VERSION" => nomad_version,
"URL" => nomad_ent_url,
"USER" => nomad_user,
"GROUP" => nomad_group,
}
config.vm.provision "shell", inline: "bash /tmp/nomad/scripts/install-nomad-systemd.sh"
config.vm.provision "shell", inline: $nomad_setup, privileged: false
if (docker_install)
config.vm.provision "shell", inline: "bash /tmp/nomad/scripts/install-docker.sh"
end
if (java_install)
config.vm.provision "shell", inline: "bash /tmp/nomad/scripts/install-java.sh"
end
if (wetty_install)
# Forward Wetty port
config.vm.network :forwarded_port, guest: 3030, host: wetty_host_port, auto_correct: true
# Install Wetty
config.vm.provision "shell", inline: "bash /tmp/shared/scripts/web-terminal.sh"
config.vm.provision "shell", inline: "bash /tmp/shared/scripts/setup-ssh-user.sh",
env: {
"GROUP" => wetty_group,
"USER" => wetty_user,
"PASSWORD" => wetty_password,
"COMMENT" => wetty_comment,
}
end
# Run tests if `RUN_TESTS` env var is provided
if (run_tests)
config.vm.provision "shell", inline: "cd /tmp && bash /tmp/shared/scripts/setup-testing.sh"
config.vm.provision "shell", inline: "cd /tmp && rake hashistack:spec"
end
# Cleanup if `CLEANUP` env var is provided
if (cleanup)
config.vm.provision "shell", inline: "bash /tmp/shared/scripts/cleanup.sh"
end
# Increase memory for Parallels Desktop
config.vm.provider "parallels" do |p, o|
p.memory = "1024"
end
# Increase memory for Virtualbox
config.vm.provider "virtualbox" do |vb|
vb.memory = "1024"
end
# Increase memory for VMware
["vmware_fusion", "vmware_workstation"].each do |p|
config.vm.provider p do |v|
v.vmx["memsize"] = "1024"
end
end
config.vm.post_up_message = "
Your HashiStack dev cluster has been successfully provisioned!
To SSH into the Consul host, run the below command.
$ vagrant ssh
You can now interact with Consul using any of the CLI (https://www.consul.io/docs/commands/index.html)
or API (https://www.consul.io/api/index.html) commands.
# Use the CLI to retrieve the Consul members, write a key/value, and read that key/value
$ consul members
$ consul kv put cli bar=baz
$ consul kv get cli
# Use the API to retrieve the Consul members, write a key/value, and read that key/value
$ curl http://127.0.0.1:8500/v1/agent/members | jq '.'
$ curl -X PUT -d 'bar=baz' http://127.0.0.1:8500/v1/kv/api | jq '.'
$ curl http://127.0.0.1:8500/v1/kv/api | jq '.'
You can interact with Vault using any of the CLI (https://www.vaultproject.io/docs/commands/index.html)
or API (https://www.vaultproject.io/api/index.html) commands.
# The Root token for your Vault -dev instance is set to `root` and placed in /srv/vault/.vault-token,
# the `VAULT_TOKEN` environment variable has already been set for you
$ echo $VAULT_TOKEN
$ sudo cat /srv/vault/.vault-token
# Use the CLI to write and read a generic secret
$ vault kv put secret/cli foo=bar
$ vault kv get secret/cli
# Use the API to write and read a generic secret
$ curl -H \"X-Vault-Token: $VAULT_TOKEN\" -X POST -d '{\"data\": {\"bar\":\"baz\"}}' http://127.0.0.1:8200/v1/secret/data/api | jq '.'
$ curl -H \"X-Vault-Token: $VAULT_TOKEN\" http://127.0.0.1:8200/v1/secret/data/api | jq '.'
You can interact with Nomad using any of the CLI (https://www.nomadproject.io/docs/commands/index.html)
or API (https://www.nomadproject.io/api/index.html) commands.
$ nomad server-members # Check Nomad's server members
$ nomad node-status # Check Nomad's client nodes
$ nomad init # Create a skeletion job file to deploy a Redis Docker container
# Use the CLI to deploy a Redis Docker container
$ nomad plan example.nomad # Run a nomad plan on the example job
$ nomad run example.nomad # Run the example job
$ nomad status # Check that the job is running
$ nomad status example # Check job details
$ nomad stop example # Stop the example job
$ nomad status # Check that the job is stopped
# Use the API to deploy a Redis Docker container
$ nomad run -output example.nomad > example.json # Convert the example Nomad HCL job file to JSON
$ curl -X POST -d @example.json http://127.0.0.1:4646/v1/job/example/plan | jq '.' # Run a nomad plan on the example job
$ curl -X POST -d @example.json http://127.0.0.1:4646/v1/job/example | jq '.' # Run the example job
$ curl -X GET http://127.0.0.1:4646/v1/jobs | jq '.' # Check that the job is running
$ curl -X GET http://127.0.0.1:4646/v1/job/example | jq '.' # Check job details
$ curl -X DELETE http://127.0.0.1:4646/v1/job/example | jq '.' # Stop the example job
$ curl -X GET http://127.0.0.1:4646/v1/jobs | jq '.' # Check that the job is stopped
Visit the Consul UI: http://#{private_ip}:#{consul_host_port}/
Visit the Vault UI: http://#{private_ip}:#{vault_host_port}/
Visit the Nomad UI: http://#{private_ip}:#{nomad_host_port}/
#{wetty_install ? 'Visit the Web Terminal (u: ' + wetty_user + '/p: ' + wetty_password + '): http://' + private_ip + ':' + wetty_host_port.to_s : ''}
Don't forget to tear your VM down after.
$ vagrant destroy
"
end