From f22a1e2eaa02036639397804605db5fe3a2d36ac Mon Sep 17 00:00:00 2001 From: Teddy Fontaine Date: Wed, 1 Jun 2022 08:05:58 +0200 Subject: [PATCH] feat: add support script to install Nomad & Consul cluster (#9) --- README.md | 13 +++ cluster.sh | 4 + config.properties | 19 ++++- scripts/tools/700_install_nomad.sh | 121 ++++++++++++++++++++++++++++ scripts/tools/701_install_consul.sh | 12 +++ 5 files changed, 168 insertions(+), 1 deletion(-) create mode 100644 scripts/tools/700_install_nomad.sh create mode 100644 scripts/tools/701_install_consul.sh diff --git a/README.md b/README.md index 26b45cd..c82480c 100644 --- a/README.md +++ b/README.md @@ -142,6 +142,19 @@ rancher.tls.san=192.168.2.211 # --docker-rancher docker.rancher.id.scripts=[150, 600] docker.rancher.version=master-cd623b5d9bbed1628ebe6f3f9687b473e61dbebf-head + +# Nomad +# ${CONFIG_NOMAD_*} +# --nomad +nomad.id.scripts=[150, 700, 701] +nomad.version=1.3.1+ent +nomad.consul.version=1.12.1 +nomad.datacenter=dc1 +nomad.data.dir=/opt/nomad +nomad.server.enable=true +nomad.server.acl=true +nomad.server.bootstrap_expect=1 +nomad.client.enable=true ``` ## Full install for WSL2 or other linux diff --git a/cluster.sh b/cluster.sh index fc642d6..1f2eabd 100755 --- a/cluster.sh +++ b/cluster.sh @@ -237,6 +237,10 @@ if [[ " $@ " =~ --docker-rancher ]]; then setConfig "id.scripts" "${config['id.scripts']} ${config['docker.rancher.id.scripts']}" fi +if [[ " $@ " =~ --nomad ]]; then + setConfig "id.scripts" "${config['id.scripts']} ${config['nomad.id.scripts']}" +fi + if [[ " $@ " =~ --version ]]; then echo ${VERSION} exit 0 diff --git a/config.properties b/config.properties index 15619c8..92b1826 100644 --- a/config.properties +++ b/config.properties @@ -61,4 +61,21 @@ rancher.tls.san=192.168.2.211 # ${CONFIG_DOCKER-RANCHER_*} # --docker-rancher docker.rancher.id.scripts=[150, 600] -docker.rancher.version=master-cd623b5d9bbed1628ebe6f3f9687b473e61dbebf-head \ No newline at end of file +docker.rancher.version=master-cd623b5d9bbed1628ebe6f3f9687b473e61dbebf-head + +# Nomad +# ${CONFIG_NOMAD_*} +# --nomad +nomad.id.scripts=[150, 700, 701] +# https://releases.hashicorp.com/nomad/1.3.1+ent/nomad_1.3.1+ent_linux_arm64.zip +nomad.version=1.3.1+ent +# readelf -a /proc/self/exe | grep -q -c Tag_ABI_VFP_args && echo "armhf" || echo "armel" +# https://releases.hashicorp.com/consul/1.12.1/consul_1.12.1_linux_arm64.zip +nomad.consul.version=1.12.1 +nomad.datacenter=dc1 +nomad.data.dir=/opt/nomad +# TODO: add TLS -> https://learn.hashicorp.com/tutorials/nomad/security-enable-tls +nomad.server.enable=true +nomad.server.acl=true +nomad.server.bootstrap_expect=1 +nomad.client.enable=true diff --git a/scripts/tools/700_install_nomad.sh b/scripts/tools/700_install_nomad.sh new file mode 100644 index 0000000..0f198ee --- /dev/null +++ b/scripts/tools/700_install_nomad.sh @@ -0,0 +1,121 @@ +#!/usr/bin/env bash + +set -e + +mkdir -p /opt/startup + +# Nomad install + +cat < /opt/startup/700_install_nomad.sh +#!/usr/bin/env bash + +ARCH=arm64 + +curl --silent --remote-name https://releases.hashicorp.com/nomad/${CONFIG_NOMAD_VERSION}/nomad_${CONFIG_NOMAD_VERSION}_linux_${ARCH}.zip + +unzip nomad_${CONFIG_NOMAD_VERSION}_linux_${ARCH}.zip +sudo chown root:root nomad +sudo mv nomad /usr/local/bin/ +nomad version +nomad -autocomplete-install +complete -C /usr/local/bin/nomad nomad +sudo mkdir --parents /opt/nomad +sudo useradd --system --home /etc/nomad.d --shell /bin/false nomad + +sudo systemctl enable nomad +sudo systemctl start nomad +sudo systemctl status nomad + +if [[ ${CONFIG_NOMAD_SERVER_ACL} == true ]]; then + nomad acl bootstrap > ${CONFIG_NOMAD_DATA_DIR}/acl.keys +fi + +EOF + +chmod +x /opt/startup/700_install_nomad.sh + +# Nomad service startup + +cat < /etc/systemd/system/nomad.service +[Unit] +Description=Nomad +Documentation=https://www.nomadproject.io/docs/ +Wants=network-online.target +After=network-online.target + +# When using Nomad with Consul it is not necessary to start Consul first. These +# lines start Consul before Nomad as an optimization to avoid Nomad logging +# that Consul is unavailable at startup. +#Wants=consul.service +#After=consul.service + +[Service] + +# Nomad server should be run as the nomad user. Nomad clients +# should be run as root +User=nomad +Group=nomad + +ExecReload=/bin/kill -HUP \$MAINPID +ExecStart=/usr/local/bin/nomad agent -config /etc/nomad.d +KillMode=process +KillSignal=SIGINT +LimitNOFILE=65536 +LimitNPROC=infinity +Restart=on-failure +RestartSec=2 + +## Configure unit start rate limiting. Units which are started more than +## *burst* times within an *interval* time span are not permitted to start any +## more. Use `StartLimitIntervalSec` or `StartLimitInterval` (depending on +## systemd version) to configure the checking interval and `StartLimitBurst` +## to configure how many starts per interval are allowed. The values in the +## commented lines are defaults. + +# StartLimitBurst = 5 + +## StartLimitIntervalSec is used for systemd versions >= 230 +# StartLimitIntervalSec = 10s + +## StartLimitInterval is used for systemd versions < 230 +# StartLimitInterval = 10s + +TasksMax=infinity +OOMScoreAdjust=-1000 + +[Install] +WantedBy=multi-user.target + +EOF + +# Nomad configuration + +sudo mkdir -p /etc/nomad.d +sudo chmod 700 /etc/nomad.d + +sudo mkdir -p "${CONFIG_NOMAD_DATA_DIR}" + +cat < /etc/nomad.d/nomad.hcl +datacenter = "${CONFIG_NOMAD_datacenter}" +data_dir = "${CONFIG_NOMAD_DATA_DIR}" + +EOF + +cat < /etc/nomad.d/server.hcl +server { + enabled = ${CONFIG_NOMAD_SERVER_ENABLE} + bootstrap_expect = ${CONFIG_NOMAD_SERVER_BOOTSTRAP_EXPECT} +} + +acl { + enabled = ${CONFIG_NOMAD_SERVER_ACL} +} + +EOF + +cat < /etc/nomad.d/client.hcl +client { + enabled = ${CONFIG_NOMAD_SERVER_ENABLE} +} + +EOF diff --git a/scripts/tools/701_install_consul.sh b/scripts/tools/701_install_consul.sh new file mode 100644 index 0000000..d02cbe6 --- /dev/null +++ b/scripts/tools/701_install_consul.sh @@ -0,0 +1,12 @@ +#!/usr/bin/env bash + +set -e + +mkdir -p /opt/startup + +cat < /opt/startup/701_install_consul.sh +#!/usr/bin/env bash + +EOF + +chmod +x /opt/startup/701_install_consul.sh \ No newline at end of file