[CORD-3083]v2 Fix scripts to pass shellcheck
This also paramterizes the username on remote systems
Made invoking copy-ssh-keys.sh optional, as it isn't
required if the user has already distributed keys.
Change-Id: I8d35af47281b77ab0b36bb4cd31a136e850ab0e2
diff --git a/developer/tag_and_push.sh b/developer/tag_and_push.sh
index a76670c..add3272 100644
--- a/developer/tag_and_push.sh
+++ b/developer/tag_and_push.sh
@@ -45,21 +45,14 @@
echo " "
# reading docker images
- DOCKER_IMAGES_STR=$(docker images --format="{{.Repository}} {{.Tag}}" --filter "dangling=false" | grep -v none | grep "^xosproject")
- DOCKER_IMAGES=($DOCKER_IMAGES_STR)
+ DOCKER_IMAGES=$(docker images --format="{{.Repository}}:{{.Tag}}" --filter "dangling=false" | grep -v none | grep "^xosproject")
- # looping over docker images
- IMAGELIST_LENGTH=${#DOCKER_IMAGES[@]}
- while [ $IMAGELIST_LENGTH -gt 0 ]
+ # split string to list only on newlines
+ IFS=$'\n'
+ for image in $DOCKER_IMAGES;
do
- IMAGE=${DOCKER_IMAGES[0]}:${DOCKER_IMAGES[1]}
-
- docker tag $IMAGE $DOCKER_REGISTRY/$IMAGE
- docker push $DOCKER_REGISTRY/$IMAGE
-
- # removing the already tagged and pushed image
- DOCKER_IMAGES=("${DOCKER_IMAGES[@]:2}")
- IMAGELIST_LENGTH=${#DOCKER_IMAGES[@]}
+ docker tag "$image $DOCKER_REGISTRY/$image"
+ docker push "$DOCKER_REGISTRY/$image"
done
}
@@ -86,10 +79,10 @@
break
;;
*)
- echo Error: Unknown option: $CLI_OPT >&2
+ echo Error: Unknown option: "$CLI_OPT" >&2
echo " "
display_help
exit -1
;;
esac
-done
\ No newline at end of file
+done
diff --git a/kubespray-installer/copy-ssh-keys.sh b/kubespray-installer/copy-ssh-keys.sh
index 4683779..34833b4 100755
--- a/kubespray-installer/copy-ssh-keys.sh
+++ b/kubespray-installer/copy-ssh-keys.sh
@@ -1,25 +1,39 @@
#!/usr/bin/env bash
+
+# Copyright 2018-present Open Networking Foundation
#
-# Copyright 2017-present Open Networking Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
+# Licensed under the Apache License, Version 2.0 (the "License"); you may not
+# use this file except in compliance with the License. You may obtain a copy
+# of the License at:
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations under
+# the License.
-NODES=($@)
+# copy-ssh-keys.sh - Adds ssh keys to nodes given as parameters to the script,
+# after removing them from the ~/.ssh/known_hosts file on the local system.
+#
+# This script should be run interactively as it will prompt for input, and only
+# invoked once, so as not to add multiple copies of the SSH key to the remote
+# system.
-for NODE in "${NODES[@]}";
+set -e -u -o pipefail
+
+REMOTE_SSH_USER="${REMOTE_SSH_USER:-cord}"
+SSH_PUBKEY_PATH="${SSH_PUBKEY_PATH:-${HOME}/.ssh/id_rsa.pub}"
+
+SSH_PUBKEY=$(cat "${SSH_PUBKEY_PATH}")
+
+for NODE in "$@";
do
+ # remove key for this node from local ~/.ssh/known_hosts file
ssh-keygen -R "${NODE}"
- ssh "cord@${NODE}" 'mkdir -p .ssh'
- ssh "cord@${NODE}" 'cat >> .ssh/authorized_keys' < ~/.ssh/id_rsa.pub
-done
+ # copy the ssh key to the remote system ~/.ssh/authorized_keys file
+ # shellcheck disable=SC2029
+ ssh "${REMOTE_SSH_USER}@${NODE}" "umask 0077 && mkdir -p ~/.ssh && echo \"${SSH_PUBKEY}\" >> ~/.ssh/authorized_keys"
+done
diff --git a/kubespray-installer/k8s-configs.yaml b/kubespray-installer/k8s-configs.yaml
index cb8ae78..b998a06 100644
--- a/kubespray-installer/k8s-configs.yaml
+++ b/kubespray-installer/k8s-configs.yaml
@@ -15,12 +15,8 @@
#
- hosts: localhost
-
vars:
- tryluca:
- - one
- - two
- - three
+ kubespray_remote_ssh_user: "cord"
tasks:
# Edit all.yml variable file
@@ -33,7 +29,7 @@
- name: Add default Ansible user
lineinfile:
path: inventories/{{ deployment_name }}/group_vars/all.yml
- line: 'ansible_user: cord'
+ line: 'ansible_user: {{ kubespray_remote_ssh_user }}'
- name: Give sudoer permissions
lineinfile:
diff --git a/kubespray-installer/setup.sh b/kubespray-installer/setup.sh
index 6c89bfc..380eabf 100755
--- a/kubespray-installer/setup.sh
+++ b/kubespray-installer/setup.sh
@@ -18,41 +18,36 @@
# Installs Kubespray on remote target machines.
#
-set +e -u -o pipefail
+set -e -u -o pipefail
install_kubespray () {
# Cleanup Old Kubespray Installations
- echo -e "\nCleaning Up Old Kubespray Installation" && \
+ echo "Cleaning Up Old Kubespray Installation"
rm -rf kubespray
# Download Kubespray
- echo -e "\nDownloading Kubespray" && \
- git clone https://github.com/kubernetes-incubator/kubespray.git -b v2.4.0 && \
+ echo "Downloading Kubespray"
+ git clone https://github.com/kubernetes-incubator/kubespray.git -b "v2.4.0"
# Generate inventory and var files
- echo -e "\nGenerating The Inventory File" && \
- rm -rf "inventories/${DEPLOYMENT_NAME}" && \
- cp -r "kubespray/inventory inventories/${DEPLOYMENT_NAME}" && \
- CONFIG_FILE="inventories/${DEPLOYMENT_NAME}/inventory.cfg" python3 kubespray/contrib/inventory_builder/inventory.py "${NODES[@]}" && \
+ echo "Generating The Inventory File"
+ rm -rf "inventories/${DEPLOYMENT_NAME}"
+ cp -r kubespray/inventory "inventories/${DEPLOYMENT_NAME}"
+ CONFIG_FILE="inventories/${DEPLOYMENT_NAME}/inventory.cfg" python3 kubespray/contrib/inventory_builder/inventory.py "${NODES[@]}"
- # Edit inventory var files
- NODE_LIST=$(echo "${NODES[@]}")
- ansible-playbook k8s-configs.yaml --extra-vars "deployment_name=${DEPLOYMENT_NAME} k8s_nodes='${NODE_LIST}'"
-
- # Copy SSH keys
- echo -e "\nCopying Public SSH Keys To Remote Machines" && \
- source copy-ssh-keys.sh "${NODES[@]}" && \
+ # Add configuration to inventory
+ ansible-playbook k8s-configs.yaml --extra-vars "deployment_name=${DEPLOYMENT_NAME} k8s_nodes='${NODES[*]}' kubespray_remote_ssh_user='${REMOTE_SSH_USER}'"
# Prepare Target Machines
- echo -e "\nInstalling Prerequisites On Remote Machines" && \
- ansible-playbook -i "inventories/${DEPLOYMENT_NAME}/inventory.cfg" k8s-requirements.yaml && \
+ echo "Installing Prerequisites On Remote Machines"
+ ansible-playbook -i "inventories/${DEPLOYMENT_NAME}/inventory.cfg" k8s-requirements.yaml
# Install Kubespray
- echo -e "\nInstalling Kubespray" && \
- ansible-playbook -i "inventories/${DEPLOYMENT_NAME}/inventory.cfg" kubespray/cluster.yml -b -v && \
+ echo "Installing Kubespray"
+ ansible-playbook -i "inventories/${DEPLOYMENT_NAME}/inventory.cfg" kubespray/cluster.yml -b -v
# Export the Kubespray Config Location
- echo -e "\nLoading Kubespray Configuration" && \
+ echo "Loading Kubespray Configuration"
cp kubespray/artifacts/admin.conf "configs/${DEPLOYMENT_NAME}.conf"
}
@@ -67,17 +62,19 @@
# Helm init
#
helm_init () {
- echo -e "\nInitializing Helm" && \
- source_kubeconfig "$DEPLOYMENT_NAME" && \
+ echo "Initializing Helm"
+ source_kubeconfig "$DEPLOYMENT_NAME"
helm init --upgrade
+ echo "Waiting a minute for Tiller to start"
+ sleep 60
}
#
# Deploy an insecure registry
#
deploy_insecure_registry () {
- echo -e "\nDeploying insecure registry" && \
- source_kubeconfig "$DEPLOYMENT_NAME" && \
+ echo "Deploying insecure registry"
+ source_kubeconfig "$DEPLOYMENT_NAME"
helm install stable/docker-registry --set service.nodePort=30500,service.type=NodePort -n docker-registry
}
@@ -110,7 +107,7 @@
echo " "
echo "Example usages:"
echo " ./setup.sh -i podname 192.168.10.100 192.168.10.101 192.168.10.102"
- echo " ./setup.sh -i podname (detault is 10.90.0.101 10.90.0.102 10.90.0.103)"
+ echo " ./setup.sh -i podname (default is 10.90.0.101 10.90.0.102 10.90.0.103)"
echo " source setup.sh -s podname"
}
@@ -120,17 +117,19 @@
CLI_OPT=$1
DEPLOYMENT_NAME=$2
shift 2
-DEFAULT_NODES="10.90.0.101 10.90.0.102 10.90.0.103"
-NODES=(${@:-$DEFAULT_NODES})
+DEFAULT_NODES=(10.90.0.101 10.90.0.102 10.90.0.103)
+NODES=("${@:-${DEFAULT_NODES[@]}}")
+
+REMOTE_SSH_USER="${REMOTE_SSH_USER:-cord}"
while :
do
case $CLI_OPT in
-i | --install)
check_pod_name
- install_kubespray "$DEPLOYMENT_NAME" "$NODES"
- helm_init "$DEPLOYMENT_NAME"
- deploy_insecure_registry "$DEPLOYMENT_NAME"
+ install_kubespray
+ helm_init
+ deploy_insecure_registry
exit 0
;;
-h | --help)
@@ -139,7 +138,7 @@
;;
-s | --source)
check_pod_name
- source_kubeconfig "$DEPLOYMENT_NAME"
+ source_kubeconfig
return 0
;;
--) # End of all options