Add demo VM build tool

commit 1f5da4b1e7bb7541f321b87edbfa3fdc6a6e302c 1 parent a7bcb28
Christian Hofstaedtler authored April 10, 2012
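--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 src
+tmp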
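--- a/.mrconfig
+++ b/.mrconfig
@@ -40,3 +40,6 @@ checkout = checkout_hs hs-sshgateway
 
 [src/hs-usercontrolpanel]
 checkout = checkout_hs hs-usercontrolpanel
+
+[src/app-templates]
+checkout = checkout_hs app-templates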
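--- a/README.md
+++ b/README.md
@@ -1,8 +1,8 @@
 HostingStack build scripts
 ==========================
 
-Base requirement: Debian wheezy, amd64
-Preferably as a physical machine. At least 10G+ FREE disk space.
+Base requirement: Debian wheezy, x86-64.
+Preferably as a fast machine, VM is okay. At least 10G+ FREE disk space.
 
 WARNING: At this time most of the repositories are not yet public.
 
@@ -26,6 +26,51 @@ Building packages
 Run `mr run build`.
 
 
+Building a demo VM
+------------------
+
+  * Preparations above done.
+  * Ran `mr run build` once, successfully.
+  * Run ./build-vm demo.raw
+    * or, for a VMware VM, run ./build-vm --format vmdk demo.vmdk
+  * Load demo.img or demo.vmdk in a Hypervisor of your choice, and give
+    it some time to boot. 3GB RAM minimum.
+  * After bootup it will create templates, this will take some minutes.
+
+If you have a Debian mirror near you, also set --mirror http://url.to.mirror/debian .
+
+
+
+Demo VM Info
+------------
+
+The default passwords are `CHANGEME`. This applies to user root (for
+SSH), and to the admin account (demo1@hostingstack.org) and the
+normal user (demo2@hostingstack.org).
+
+SSL for applications is currently disabled.
+
+In a production setup, the various services would be split over multiple
+machines.
+
+Important ports:
+
+  * Port 9100, HTTP: Enduser control panel
+  * Port 9000, HTTP: Admin dashboard
+  * Port 80, HTTP: application port
+  * Port 443: HTTP/SSL: application port
+  * Port 2200: Enduser SSH
+  * Port 22: SSH for management (PAM auth)
+
+Not-so-important ports:
+
+  * Port 9200: internal storage
+  * Port 3142: APT cache
+  * Redis, PostgreSQL, MySQL run on their default ports
+  * Port 9090: HSAgent Thrift server
+
+
+
 Legalese
 --------
 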
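--- a/build-vm
+++ b/build-vm
@@ -0,0 +1,118 @@
+#!/usr/bin/env ruby
+require 'fileutils'
+require 'getoptlong'
+
+class Builder
+  def initialize
+    @basepath = File.expand_path('../', __FILE__)
+    @vmformat = 'raw'
+    @mirror = 'http://cdn.debian.net/debian'
+    @vzver = "042stab053.5"
+    @outfile = nil
+  end
+
+  def usage
+    puts <<-EOF
+build-vm [OPTION] ... FILE
+
+-h, --help             Show this help
+--format [format]      Select VM disk format (raw [def], qcow2, vmdk)
+--mirror [url]         Debian mirror to use
+                         (def: #{@mirror})
+
+FILE: output filename
+EOF
+  end
+
+  def run
+    opts = GetoptLong.new(
+                          [ '--help', '-h',   GetoptLong::NO_ARGUMENT       ],
+                          [ '--format',       GetoptLong::REQUIRED_ARGUMENT ],
+                          [ '--mirror',       GetoptLong::REQUIRED_ARGUMENT ],
+                          )
+
+    opts.each do |opt, arg|
+      case opt
+      when '--help'
+        usage
+        exit 0
+      when '--format'
+        @vmformat = arg
+      when '--mirror'
+        @mirror = arg
+      end
+    end
+
+    outfile = ARGV.shift
+    if outfile.nil? || outfile.empty?
+      usage
+      exit 1
+    end
+    @outfile = File.expand_path(outfile)
+
+    puts "HostingStack/hs-build build-vm"
+    puts " * Using basepath \"#{@basepath}\""
+    puts " * Writing VM image to \"#{@outfile}\""
+
+    prepare_kernels
+    build_vm
+
+    puts " * Done."
+  end
+
+  def system(cmdline)
+    Kernel.system(cmdline)
+    raise "Command \"#{cmdline}\" failed with error code #{$?.exitstatus}" unless $?.exitstatus == 0
+  end
+
+  def prepare_kernels
+    kernels = File.join(@basepath, 'tmp/kernels')
+    puts " * Preparing OpenVZ Kernels ..."
+    FileUtils.mkdir_p kernels
+    def download_vzkernel(path, rpm)
+      return if File.exist?(File.join(path, rpm))
+      system "cd \"#{path}\" && wget http://download.openvz.org/kernel/branches/rhel6-2.6.32/#{@vzver}/#{rpm}"
+    end
+    def make_vzkernel(path, rpm, deb)
+      return if File.exist?(File.join(path, deb))
+      download_vzkernel path, rpm
+      system "cd \"#{path}\" && fakeroot alien -k -d #{rpm}"
+    end
+    make_vzkernel kernels, "vzkernel-2.6.32-#{@vzver}.x86_64.rpm", "vzkernel_2.6.32-#{@vzver}_amd64.deb"
+    make_vzkernel kernels, "vzkernel-devel-2.6.32-#{@vzver}.x86_64.rpm", "vzkernel-devel_2.6.32-#{@vzver}_amd64.deb"
+  end
+
+  def build_vm
+    post_scripts = File.join(@basepath, 'util/build/post-scripts')
+    packages = File.join(@basepath, 'util/build/packages')
+    puts " * Building VM image ..."
+    vmfile = @outfile
+    if @vmformat != 'raw'
+      vmfile = vmfile + '.tmp'
+    end
+
+    cmdline = "sudo HS_BASEPATH=\"#{@basepath}\" grml-debootstrap --vmfile "
+    cmdline << " -r wheezy --arch amd64 --filesystem ext3 --force"
+    cmdline << " --vmsize 4G --hostname demo --password CHANGEME"
+    cmdline << " -t #{vmfile}"
+    cmdline << " --mirror #{@mirror}"
+    cmdline << " --scripts #{post_scripts}"
+    cmdline << " --packages #{packages}"
+    puts "   * Running \"#{cmdline}\" ..."
+    system(cmdline)
+
+    if @vmformat != 'raw'
+      puts "   * Converting to format #{@vmformat} ..."
+      system("qemu-img convert -p -f raw -O #{@vmformat} #{vmfile} #{@outfile}")
+      File.unlink vmfile
+    end
+  end
+end
+
+begin
+  Builder.new.run
+rescue => e
+  puts e
+  exit 1
+end
+exit 0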
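Review bot: `download_vzkernel` fetches the OpenVZ kernel RPMs over plain `http://` with `wget`, and nothing checks the file before `make_vzkernel` converts it with `alien`; the resulting .deb is later installed into the image by `util/build/post-scripts/10-install-stuff` with `--allow-unauthenticated`, so whatever that download returns becomes the VM's kernel. Because `@vzver` is already pinned, each RPM can be checked against a pinned SHA-256 after download and the build failed on mismatch; this needs `require 'digest'` and a name-to-digest table (called `KERNEL_SHA256` below, values to be supplied by the maintainers). Separately, `build_vm` interpolates `@mirror`, `vmfile` and `@vmformat` unquoted into a command line run under `sudo`, and `--format` is never checked against the three values `usage` lists, so a path with spaces or an unexpected option value is re-parsed by the shell; rejecting unknown formats and passing arguments as a list to `Kernel.system` would avoid that.

```ruby
    def download_vzkernel(path, rpm)
      target = File.join(path, rpm)
      unless File.exist?(target)
        system "cd \"#{path}\" && wget http://download.openvz.org/kernel/branches/rhel6-2.6.32/#{@vzver}/#{rpm}"
      end
      # Check cached files too, so a truncated or replaced download is never reused.
      expected = KERNEL_SHA256.fetch(rpm) # pinned digest for this @vzver (table to be supplied)
      actual = Digest::SHA256.file(target).hexdigest
      raise "Checksum mismatch for #{rpm}: got #{actual}" unless actual == expected
    end
```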
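--- a/setup.sh
+++ b/setup.sh
@@ -5,7 +5,7 @@ set -e
 BASEDIR=$(readlink -f .)
 
 echo " * Installing packages..."
-sudo apt-get install -y pbuilder mr bundler ruby1.9.1-full
+sudo apt-get install -y pbuilder mr bundler ruby1.9.1-full grml-debootstrap build-essential alien fakeroot wget
 
 echo " * Setting up pbuilder..."
 cat <<EOF | sudo tee /etc/pbuilder/hsrc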
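--- a/util/build/hspostinst
+++ b/util/build/hspostinst
@@ -0,0 +1,109 @@
+#!/bin/bash
+echo HostingStack postinst starting
+echo Installing postgresql
+apt-get install -y postgresql postgresql-9.1
+echo Installing HostingStack packages
+PACKAGES=$(cat /root/packages/list)
+DEBIAN_FRONTEND=noninteractive apt-get install --allow-unauthenticated -y $PACKAGES
+rm -f /etc/apt/sources.list.d/hslocal.list
+
+echo Services configuration ...
+echo PG
+echo 'host  all   all   0.0.0.0/0   md5' >> /etc/postgresql/9.1/main/pg_hba.conf
+echo "listen_addresses = '*'" >> /etc/postgresql/9.1/main/postgresql.conf
+invoke-rc.d postgresql restart
+
+echo MySQL
+grep -v 'bind-address' /etc/mysql/my.cnf > /tmp/my.cnf
+cp /tmp/my.cnf /etc/mysql/my.cnf; rm /tmp/my.cnf
+invoke-rc.d mysql restart
+
+echo Monit
+cat <<EOCONF >/etc/monit/monitrc
+set daemon 10
+set logfile syslog facility log_daemon
+set httpd port 2812
+        allow admin:monit
+
+include /var/lib/hs/monit
+EOCONF
+invoke-rc.d monit restart
+
+echo Memcached
+invoke-rc.d memcached stop
+sed -i 's/ENABLE_MEMCACHED=yes/ENABLE_MEMCACHED=no/' /etc/default/memcached
+
+echo HostingStack shared
+cat <<EOCONF >/etc/hs/shared/hs.yml
+production:
+  cc_api_host: http://localhost:9000
+  codemanager_host : http://localhost:9200
+  cc_api_user: CCUSER
+  cc_api_password: CCCHANGEME
+  billing_api_user: BILLINGUSER
+  billing_api_password: BILLINGCHANGEME
+  agent_api_user: AGENTUSER
+  agent_api_password: AGENTCHANGEME
+  redis: 127.0.0.1:6379
+EOCONF
+
+echo HostingStack ERF
+cat <<EOCONF >>/etc/hs/envroot-factory/production.rb
+host_ip = %x{ip route get 4.4.4.4}.chomp.split[6]
+\$config[:apt_sources] = <<EOSOURCES
+deb http://#{host_ip}:3142/cdn.debian.net/debian squeeze main non-free contrib
+deb http://#{host_ip}:3142/cdn.debian.net/debian squeeze-updates main non-free contrib
+deb http://#{host_ip}:3142/security.debian.org/ squeeze/updates main non-free contrib
+EOSOURCES
+EOCONF
+
+echo Debian nginx
+export RAILS_ENV=production
+find /srv/hs-archive -type d -print0 | xargs -0 chown www-data:adm
+rm -f /etc/nginx/sites-enabled/default
+/etc/init.d/nginx restart
+
+echo Enable envroot-factory workers
+update-service -a /usr/lib/hs/envroot-factory/services/hs-envroot-factory-1
+update-service -a /usr/lib/hs/envroot-factory/services/hs-envroot-factory-2
+update-service -a /usr/lib/hs/envroot-factory/services/hs-envroot-factory-3
+update-service -a /usr/lib/hs/envroot-factory/services/hs-envroot-factory-4
+update-service -a /usr/lib/hs/envroot-factory/services/hs-envroot-factory-5
+
+echo HostingStack CloudController DB Setup
+HOST_IP=$(ip route get 4.4.4.4 | awk '/src/{print $7}')
+su - postgres -c "echo UPDATE servers SET name=\'$(hostname -s)\', internal_ip=\'$HOST_IP\', external_ip=\'$HOST_IP\' WHERE name=\'host\' | psql hscloudcontroller"
+echo enable CC workers
+update-service -a /usr/lib/hs/cloudcontroller/services/hs-cloudcontroller-ruote-worker
+update-service -a /usr/lib/hs/cloudcontroller/services/hs-cloudcontroller-rrs-worker
+update-service -a /usr/lib/hs/cloudcontroller/services/hs-cloudcontroller-task-worker
+update-service -a /usr/lib/hs/cloudcontroller/services/hs-cloudcontroller-http
+
+echo HostingStack UCP
+update-service -a /usr/lib/hs/usercontrolpanel/services/hs-usercontrolpanel-http
+
+echo Create user for postgres service agent
+su postgres -c "echo CREATE USER hs_service_pg ENCRYPTED PASSWORD \'CHANGEME\' SUPERUSER | psql"
+echo Create user for mysql service agent
+echo "CREATE USER 'hs_svc'@'localhost' IDENTIFIED BY 'CHANGEME'; GRANT ALL PRIVILEGES ON *.* TO 'hs_svc'@'localhost' WITH GRANT OPTION;" | mysql --defaults-file=/etc/mysql/debian.cnf
+echo HostingStack Agent
+update-service -a /usr/lib/hs/agent/services/hs-agent-main
+update-service -a /usr/lib/hs/agent/services/hs-agent-worker
+
+echo HostingStack ssh-gateway
+update-service -a /usr/lib/hs/sshgateway/services/hs-sshgateway
+
+echo HostingStack http-gateway
+#echo Configure correct ssl certificates
+#sed -i -e 's/ssl_certificate .*/ssl_certificate \/etc\/ssl\/private\/wildcard.solidrails.net.pem;/' /etc/hs/httpgateway/hs-httpgateway.conf
+#sed -i -e 's/ssl_certificate_key .*/ssl_certificate_key \/etc\/ssl\/private\/wildcard.solidrails.net.key;/' /etc/hs/httpgateway/hs-httpgateway.conf
+# remove comments from https block (quick'n'dirty'n'goingtofail)
+#sed -i -e 's/^#//g' /etc/hs/httpgateway/hs-httpgateway.conf
+echo Create empty key-material tcb
+tcbmgr create /var/lib/hs/cloud.tcb
+tcbmgr create /var/lib/hs/key_material.tcb
+/etc/init.d/hs-httpgateway restart
+
+echo hspostinst done
+mv /var/hspostinst /var/hspostinst.done
+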
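Review bot: The PG and MySQL steps open both databases to every address (`host  all   all   0.0.0.0/0   md5` together with `listen_addresses = '*'`, and `bind-address` stripped from my.cnf), while the same script creates `hs_service_pg` as a SUPERUSER with the fixed password `CHANGEME` and enables monit's web interface on port 2812 with `allow admin:monit`. Whether the agent's firewall rules keep these ports off the external interface is not visible in this commit, so the script should not depend on that. Limit the pg_hba entry to the network the application containers actually use (for example `host  all   all   <CONTAINER_SUBNET>   md5`, placeholder), and bind monit locally with `set httpd port 2812 and use address localhost` plus `allow localhost`. Generating the service passwords at first boot instead of shipping `CHANGEME` would help too, provided the agent configuration that consumes them (not shown here) is written in the same step. The script also runs without `set -e` and ends with `mv /var/hspostinst /var/hspostinst.done`, so a failed step is still recorded as done.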
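--- a/util/build/packages
+++ b/util/build/packages
@@ -0,0 +1,62 @@
+grub2
+bootlogd
+aptitude
+cron
+file
+less
+ntp
+rsync
+openssh-server
+strace
+time
+procinfo
+locales
+pciutils usbutils
+lvm2
+dhcp3-client
+vzctl
+
+rake
+ruby1.9.1-full
+ruby-switch
+redis-server
+sysstat
+nginx-extras
+memcached
+postgresql-client-9.1
+monit
+daemontools-run
+sqlite3
+squid3
+apt-cacher-ng
+mysql-server
+
+apt-utils
+tokyocabinet-bin
+wget
+vim
+telnet
+iptables
+curl
+perl
+
+wget
+dnsutils
+psmisc
+kexec-tools
+
+alien
+
+libsqlite3-ruby1.8
+
+sudo
+debootstrap
+python2.7
+python2.6
+bundler
+unzip
+pigz
+wamerican-huge
+python-minimal python python-support openssl ca-certificates dbconfig-common liberror-perl git-man git ssl-cert postgresql-common
+python-crypto python-openssl python-pam python-paramiko python-pkg-resources python-serial python-twisted-bin python-zope.interface
+python-twisted-core zip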
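--- a/util/build/post-scripts/10-install-stuff
+++ b/util/build/post-scripts/10-install-stuff
@@ -0,0 +1,91 @@
+#!/bin/bash
+set -e
+if [ -z "$MNTPOINT" ] ; then
+  echo "Please run $0 inside grml-debootstrap or export MNTPOINT" >&2
+  exit 1
+fi
+if [ -z "$HS_BASEPATH" ]; then
+  echo "Please run $0 inside build-vm or export HS_BASEPATH" >&2
+  exit 1
+fi
+
+echo " * Copying Application Templates ..."
+mkdir -p "$MNTPOINT"/srv/hs-archive/storage/template/
+cp -v "$HS_BASEPATH"/src/app-templates/*.zip "$MNTPOINT"/srv/hs-archive/storage/template/
+mkdir -p "$MNTPOINT"/mnt/shared-data/
+
+mkdir -p "$MNTPOINT"/root/packages
+pushd "$MNTPOINT"/root/packages
+
+echo " * Copying HostingStack packages ..."
+cp -v "$HS_BASEPATH"/src/*.deb "$MNTPOINT"/root/packages/
+echo " * Copying Kernels ..."
+cp -v "$HS_BASEPATH"/tmp/kernels/*.deb "$MNTPOINT"/root/packages/
+
+chroot "$MNTPOINT" bash -c "cd /root/packages/ && apt-ftparchive packages ." > "$MNTPOINT"/root/packages/Packages
+echo "deb file:///root/packages/ ./" >> "$MNTPOINT"/etc/apt/sources.list.d/hslocal.list
+chroot "$MNTPOINT" apt-get update
+
+echo " * Installing OpenVZ Kernels ..."
+chroot "$MNTPOINT" apt-get install --allow-unauthenticated vzkernel vzkernel-devel
+KVERS=$(basename "$MNTPOINT"/boot/symvers-* .gz | sed -e 's/symvers-//')
+chroot "$MNTPOINT" update-initramfs -c -k ${KVERS}
+
+# sigh
+rm -f "$MNTPOINT"/var/lib/dpkg/info/linux-image-*.prerm
+chmod -x "$MNTPOINT"/etc/kernel/postrm.d/zz-update-grub
+chroot "$MNTPOINT" apt-get remove --purge -y linux-image\*
+chmod +x "$MNTPOINT"/etc/kernel/postrm.d/zz-update-grub
+
+echo " * Caching HostingStack packages for install after reboot ..."
+PACKAGES=$(grep 'Package: hs-' "$MNTPOINT"/root/packages/Packages | awk '{print $2}' | tr '\n' ' ')
+PACKAGES="postgresql $PACKAGES"
+chroot "$MNTPOINT" apt-get install -y -d --allow-unauthenticated $PACKAGES
+
+echo " * Installing hs-agent ..."
+chroot "$MNTPOINT" apt-get install -y --allow-unauthenticated hs-agent
+cat <<EOF > "$MNTPOINT"/etc/hs/agent/iptables-local.erb
+# Written by build-vm
+*filter
+-A net2fw-LOCAL -p tcp -m tcp --dport 22 -j ACCEPT -m comment --comment "SSH management"
+-A net2fw-LOCAL -p tcp -m tcp --dport 9000 -j ACCEPT -m comment --comment "Admin dashboard"
+-A net2fw-LOCAL -p tcp -m tcp --dport 9100 -j ACCEPT -m comment --comment "UCP"
+-A net2fw-HS -p tcp -m tcp --dport 2200 -j ACCEPT -m comment --comment "gateway: Allow SSH traffic to SSH gateway"
+COMMIT
+EOF
+
+popd
+
+sed -i 's/RAMTMP=yes/RAMTMP=no/' "$MNTPOINT"/etc/default/rcS
+sed -i '/\/sys/d' "$MNTPOINT"/etc/fstab
+
+cat <<EOF >> "$MNTPOINT"/etc/network/interfaces
+auto eth0
+iface eth0 inet dhcp
+EOF
+
+cat <<EOF > "$MNTPOINT"/etc/rc.local
+#!/bin/sh
+if [ -f /var/hspostinst ]; then
+  /var/hspostinst 2>&1 | tee -a /var/log/hspostinst.log
+fi
+
+HOST_IP=\$(ip route get 4.4.4.4 | awk '/src/{print \$7}')
+cat <<EOI > /etc/issue
+HostingStack Platform on \n -- Terminal \l
+Management: http://\$HOST_IP:9100/
+UCP:        http://\$HOST_IP:9000/
+EOI
+
+exit 0
+EOF
+
+echo "${PACKAGES}" > "$MNTPOINT"/root/packages/list
+cp "$HS_BASEPATH"/util/build/hspostinst "$MNTPOINT"/var/hspostinst
+chmod a+x "$MNTPOINT"/var/hspostinst
+
+echo "The new VM has these SSH Keys:"
+for key in "$MNTPOINT"/etc/ssh/ssh_host_*_key.pub ; do
+  chroot "$MNTPOINT" ssh-keygen -l -f ${key##$MNTPOINT}
+done
+echo "-----------------------------------------------------------------"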
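Review bot: The `/etc/issue` banner generated inside rc.local labels the two web ports the wrong way round: it prints `Management: http://\$HOST_IP:9100/` and `UCP:        http://\$HOST_IP:9000/`, whereas the README in this commit and the iptables comments earlier in this script both give 9000 as the admin dashboard and 9100 as the end-user control panel. Swap the two, i.e. `Management: http://\$HOST_IP:9000/` and `UCP:        http://\$HOST_IP:9100/`, so the console does not send an operator to the wrong interface. A short comment above the `apt-get install --allow-unauthenticated` calls would also help: the flag is presumably needed because the `file:///root/packages/` repository only gets a `Packages` index and no signed Release file, which means every .deb copied from `$HS_BASEPATH` is trusted as-is and its integrity has to be established before this script runs.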
