package main
import (
	"errors"
	"strconv"

	"github.com/DimensionDataResearch/go-dd-cloud-compute/compute"
	"github.com/gin-gonic/gin"
	"gopkg.in/yaml.v2"
)
// GenerateCloudConfig builds the outer cloud-config for the given server; this is the document
// that directs the iPXE-booted image to install RancherOS.
//
// The outer document only contains a write_files section. It drops two files on the target:
// the host-specific inner cloud-config (produced by GenerateInnerCloudConfig) and the RancherOS
// install script. If the inner cloud-config cannot be generated, a nil config and the error are returned.
func (app *Application) GenerateCloudConfig(server compute.Server) (cloudConfig gin.H, err error) {
	installYAML, err := app.GenerateInnerCloudConfig(server)
	if err != nil {
		return nil, err
	}

	// Both files are written with mode 0700 (owner-only).
	files := []gin.H{
		{
			"path":        "/opt/rancher/bin/install.yml",
			"permissions": "0700",
			"content":     installYAML,
		},
		{
			"path":        "/opt/rancher/bin/start.sh",
			"permissions": "0700",
			"content":     rancherOSInstallScript,
		},
	}

	return gin.H{"write_files": files}, nil
}
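// GenerateInnerCloudConfig creates the customised (host-specific) cloud-config for the specified server.
//
// The returned string is the serialised YAML document prefixed with the "#cloud-config" header line.
// An error is returned when the server's primary adapter has no private IPv4 or IPv6 address, or when
// YAML serialisation fails; in both cases the returned string is empty.
func (app *Application) GenerateInnerCloudConfig(server compute.Server) (cloudConfig string, err error) {
	adapter := server.Network.PrimaryAdapter

	// The address fields are pointers; dereferencing a nil one would panic, so report it as an error instead.
	if adapter.PrivateIPv4Address == nil {
		return "", errors.New("server has no private IPv4 address on its primary network adapter")
	}
	if adapter.PrivateIPv6Address == nil {
		return "", errors.New("server has no private IPv6 address on its primary network adapter")
	}
	ipv4Address := *adapter.PrivateIPv4Address
	ipv6Address := *adapter.PrivateIPv6Address

	serialized, err := yaml.Marshal(gin.H{
		"hostname": server.Name,
		"rancher": gin.H{
			"console": app.ROSConsole,
			"sysctl": gin.H{
				"vm.max_map_count": 262144,
			},
			"network": gin.H{
				"interfaces": gin.H{
					// DHCP is disabled on every interface; eth0 is configured statically below.
					"eth*": gin.H{"dhcp": false},
					"eth0": gin.H{
						"addresses": []string{
							ipv4Address + "/" + strconv.Itoa(app.VLAN.IPv4Range.PrefixSize),
							ipv6Address + "/" + strconv.Itoa(app.VLAN.IPv6Range.PrefixSize),
						},
						"gateway":      app.VLAN.IPv4GatewayAddress,
						"gateway_ipv6": app.VLAN.IPv6GatewayAddress,
						"mtu":          1500,
					},
				},
				"dns": gin.H{
					"nameservers": []string{
						app.RancherOSDNS,
					},
				},
			},
			"services_include": gin.H{
				"open-vm-tools": true,
			},
			"services": gin.H{
				// The agent container is privileged and has the host Docker socket mounted, so the
				// image named by app.RancherAgentVersion runs with control over the host's Docker daemon.
				// NOTE(review): confirm the image reference is pinned to a trusted registry/tag.
				"rancher-agent1": gin.H{
					"image":      app.RancherAgentVersion,
					"command":    app.RancherAgentURL,
					"privileged": true,
					"volumes": []string{
						"/var/run/docker.sock:/var/run/docker.sock",
						"/var/lib/rancher:/var/lib/rancher",
					},
					"environment": gin.H{
						"CATTLE_AGENT_IP": ipv4Address,
					},
				},
			},
		},
		"ssh_authorized_keys": []string{app.SSHPublicKeyFromYML},
		"runcmd": []string{
			// NOTE(review): app.SSHVaultCAFromYML is spliced into this shell command unquoted, so any
			// shell metacharacters in the configured value would be interpreted on the target host.
			// The file written here is the sshd trusted user CA list; confirm the value is validated
			// where it is loaded, or quote it here.
			"echo " + app.SSHVaultCAFromYML + ">/etc/ssh/trusted-user-ca-keys.pem",
			"echo \"TrustedUserCAKeys /etc/ssh/trusted-user-ca-keys.pem\" >>/etc/ssh/sshd_config",
			// Signal sshd to reload its configuration so the TrustedUserCAKeys line takes effect.
			// Fixed: "gmrep" was a typo for "grep"; the pipeline could never find the sshd PID.
			// NOTE(review): "$1" sits inside double quotes and "$(" is backslash-escaped; confirm how
			// the runcmd consumer expands these before relying on the reload.
			"sudo kill -HUP \\$(ps ax |grep \"sshd -D\" | grep -v grep | awk \"{ print $1 }\")",
			"sudo yum -y install epel-release",
			// Fixed: "yum - install" was missing the "y" of the "-y" flag used on the line above.
			"sudo yum -y install openssh-clients",
		},
	})
	if err != nil {
		return "", err
	}

	return "#cloud-config\n" + string(serialized), nil
}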