You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@dlab.apache.org by my...@apache.org on 2020/02/05 10:50:42 UTC

[incubator-dlab] 01/04: [DLAB-1430] - Prepare post-deployment configuration scripts for SSN

This is an automated email from the ASF dual-hosted git repository.

mykolabodnar pushed a commit to branch DLAB-1430
in repository https://gitbox.apache.org/repos/asf/incubator-dlab.git

commit 2494f70e356b3fabafa39de1e6904950d2d520d6
Author: Mykola_Bodnar1 <bo...@gmail.com>
AuthorDate: Thu Jan 30 11:06:06 2020 +0200

    [DLAB-1430] - Prepare post-deployment configuration scripts for SSN
---
 .../scripts/post_deployment_configuration.py       | 84 ++++++++++++++++++++++
 .../scripts/post_deployment_configuration.sh       | 56 +++++++++++++++
 2 files changed, 140 insertions(+)

diff --git a/infrastructure-provisioning/scripts/post_deployment_configuration.py b/infrastructure-provisioning/scripts/post_deployment_configuration.py
new file mode 100644
index 0000000..b5a9ffd
--- /dev/null
+++ b/infrastructure-provisioning/scripts/post_deployment_configuration.py
@@ -0,0 +1,84 @@
+#!/usr/bin/python
+
+# *****************************************************************************
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# ******************************************************************************
+
+from fabric.api import *
+import argparse
+import os
+import requests
+
+if __name__ == "__main__":
+
+    parser = argparse.ArgumentParser()
+    parser.add_argument('--keycloak_realm_name', type=str, default='dlab', help='Keycloak Realm name')
+    parser.add_argument('--keycloak_auth_server_url', type=str, default='dlab', help='Keycloak auth server URL')
+    parser.add_argument('--keycloak_client_name', type=str, default='dlab', help='Keycloak client name')
+    parser.add_argument('--keycloak_client_secret', type=str, default='dlab', help='Keycloak client secret')
+    parser.add_argument('--keycloak_user', type=str, default='dlab', help='Keycloak user')
+    parser.add_argument('--keycloak_user_password', type=str, default='keycloak-user-password',
+                        help='Keycloak user password')
+    args = parser.parse_args()
+
+    headers = {
+        'Metadata-Flavor': 'Google',
+    }
+
+    server_external_ip = requests.post('http://metadata/computeMetadata/v1/instance/network-interfaces/0/access-configs/0/external-ip', headers=headers).text
+    dlab_sbn = requests.post('http://metadata/computeMetadata/v1/instance/name', headers=headers).text
+    dlab_zone = requests.post('http://metadata/computeMetadata/v1/instance/zone', headers=headers).text
+    dlab_region = '-'.join(dlab_zone.split('-', 2)[:2])
+    deployment_vpcId = local("sudo gcloud compute instances describe {0} --zone {1} --format 'value(networkInterfaces.network)' | sed 's|.*/||'".format(dlab_sbn, dlab_zone), capture=True)
+    deployment_subnetId = local("sudo gcloud compute instances describe {0} --zone {1} --format 'value(networkInterfaces.subnetwork)' | sed 's|.*/||'".format(dlab_sbn, dlab_zone), capture=True)
+    gcp_projectId = requests.get('http://metadata/computeMetadata/v1/project/project-id', headers=headers).text
+    keycloak_redirectUri = 'http://{}'.format(server_external_ip)
+
+    local('sed -i "s|DLAB_SBN|{}|g" /opt/dlab/conf/self-service.yml'.format(dlab_sbn))
+    local('sed - i "s|KEYCLOAK_REDIRECTURI|{}|g" /opt/dlab/conf/self-service.yml'.format(keycloak_redirectUri))
+    local('sed - i "s|KEYCLOAK_REALM_NAME|{}|g" /opt/dlab/conf/self-service.yml'.format(args.keycloak_realm_name))
+    local('sed - i "s|KEYCLOAK_AUTH_SERVER_URL|{}|g" /opt/dlab/conf/self-service.yml'.format(args.keycloak_auth_server_url))
+    local('sed - i "s|KEYCLOAK_CLIENT_NAME|{}|g" /opt/dlab/conf/self-service.yml'.format(args.keycloak_client_name))
+    local('sed - i "s|KEYCLOAK_CLIENT_SECRET|{}|g" /opt/dlab/conf/self-service.yml'.format(args.keycloak_client_secret))
+
+    local('sed - i "s|KEYCLOAK_REALM_NAME|{}|g" /opt/dlab/conf/provisioning.yml'.format(args.keycloak_realm_name))
+    local('sed - i "s|KEYCLOAK_AUTH_SERVER_URL|{}|g" /opt/dlab/conf/provisioning.yml'.format(args.keycloak_auth_server_url))
+    local('sed - i "s|KEYCLOAK_CLIENT_NAME|{}|g" /opt/dlab/conf/provisioning.yml'.format(args.keycloak_client_name))
+    local('sed - i "s|KEYCLOAK_CLIENT_SECRET|{}|g" /opt/dlab/conf/provisioning.yml'.format(args.keycloak_client_secret))
+    local('sed - i "s|DLAB_SBN|{}|g" /opt/dlab/conf/provisioning.yml'.format(dlab_sbn))
+    local('sed - i "s|SUBNET_ID|{}|g" /opt/dlab/conf/provisioning.yml'.format(deployment_subnetId))
+    local('sed - i "s|DLAB_REGION|{}|g" /opt/dlab/conf/provisioning.yml'.format(dlab_region))
+    local('sed - i "s|DLAB_ZONE|{}|g" /opt/dlab/conf/provisioning.yml'.format(dlab_zone))
+    local('sed - i "s|SSN_VPC_ID|{}|g" /opt/dlab/conf/provisioning.yml'.format(deployment_vpcId))
+    local('sed - i "s|GCP_PROJECT_ID|{}|g" /opt/dlab/conf/provisioning.yml'.format(gcp_projectId))
+    local('sed - i "s|KEYCLOAK_USER|{}|g" /opt/dlab/conf/provisioning.yml'.format(args.keycloak_user))
+    local('sed - i "s|KEYCLOAK_USER_PASSWORD|{}|g" /opt/dlab/conf/provisioning.yml'.format(args.keycloak_user_password))
+
+    local('sed - i "s|DLAB_SBN|{}|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini'.format(dlab_sbn))
+    local('sed - i "s|GCP_PROJECT_ID|{}|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini'.format(gcp_projectId))
+    local('sed - i "s|DLAB_REGION|{}|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini'.format(dlab_region))
+    local('sed - i "s|DLAB_ZONE|{}|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini'.format(dlab_zone))
+    local('sed - i "s|KEYCLOAK_REALM_NAME|{}|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini'.format(args.keycloak_realm_name))
+    local('sed - i "s|KEYCLOAK_AUTH_SERVER_URL|{}|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini'.format(args.keycloak_auth_server_url))
+    local('sed - i "s|KEYCLOAK_CLIENT_NAME|{}|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini'.format(args.keycloak_client_name))
+    local('sed - i "s|KEYCLOAK_CLIENT_SECRET|{}|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini'.format(args.keycloak_client_secret))
+    local('sed - i "s|KEYCLOAK_USER|{}|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini'.format(args.keycloak_user))
+    local('sed - i "s|KEYCLOAK_USER_PASSWORD|{}|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini'.format(args.keycloak_user_password))
+
diff --git a/infrastructure-provisioning/scripts/post_deployment_configuration.sh b/infrastructure-provisioning/scripts/post_deployment_configuration.sh
new file mode 100644
index 0000000..234e108
--- /dev/null
+++ b/infrastructure-provisioning/scripts/post_deployment_configuration.sh
@@ -0,0 +1,56 @@
+#!/bin/bash
+
+server_external_ip=$(curl -H "Metadata-Flavor: Google" http://metadata/computeMetadata/v1/instance/network-interfaces/0/access-configs/0/external-ip)
+sed -i "s|SERVER_IP|$server_external_ip|g" /etc/nginx/conf.d/nginx_proxy.conf
+systemctl restart nginx
+
+dlab_sbn=$(curl -H "Metadata-Flavor: Google" http://metadata/computeMetadata/v1/instance/name)
+
+KEYCLOAK_REDIRECTURI='http://'$server_external_ip
+KEYCLOAK_REALM_NAME='dlab'
+KEYCLOAK_AUTH_SERVER_URL='https://idp.demo.dlabanalytics.com/auth'
+KEYCLOAK_CLIENT_NAME=$dlab_sbn'-ui'
+KEYCLOAK_CLIENT_SECRET='e235f2b6-a5e0-448a-837d-465d1a4990f7'
+KEYCLOAK_USER='admin'
+KEYCLOAK_USER_PASSWORD='v7rdj2ckHgAdJj54'
+
+sed -i "s|DLAB_SBN|$dlab_sbn|g" /opt/dlab/conf/self-service.yml
+sed -i "s|KEYCLOAK_REDIRECTURI|$KEYCLOAK_REDIRECTURI|g" /opt/dlab/conf/self-service.yml
+sed -i "s|KEYCLOAK_REALM_NAME|$KEYCLOAK_REALM_NAME|g" /opt/dlab/conf/self-service.yml
+sed -i "s|KEYCLOAK_AUTH_SERVER_URL|$KEYCLOAK_AUTH_SERVER_URL|g" /opt/dlab/conf/self-service.yml
+sed -i "s|KEYCLOAK_CLIENT_NAME|$KEYCLOAK_CLIENT_NAME|g" /opt/dlab/conf/self-service.yml
+sed -i "s|KEYCLOAK_CLIENT_SECRET|$KEYCLOAK_CLIENT_SECRET|g" /opt/dlab/conf/self-service.yml
+sed -i "s|KEYCLOAK_REALM_NAME|$KEYCLOAK_REALM_NAME|g" /opt/dlab/conf/provisioning.yml
+sed -i "s|KEYCLOAK_AUTH_SERVER_URL|$KEYCLOAK_AUTH_SERVER_URL|g" /opt/dlab/conf/provisioning.yml
+sed -i "s|KEYCLOAK_CLIENT_NAME|$KEYCLOAK_CLIENT_NAME|g" /opt/dlab/conf/provisioning.yml
+sed -i "s|KEYCLOAK_CLIENT_SECRET|$KEYCLOAK_CLIENT_SECRET|g" /opt/dlab/conf/provisioning.yml
+
+ssn_subnetId=$(sudo gcloud compute instances describe $dlab_sbn --zone us-west1-a | awk -F/ '/subnetwork: / {print $11}')
+dlab_zone=$(curl -H "Metadata-Flavor: Google" http://metadata/computeMetadata/v1/instance/zone | awk -F/ '{print $4}')
+dlab_region=$(echo $dlab_zone | awk '{print substr($0, 1, length($0)-2)}')
+ssn_vpcId=$(curl -H "Metadata-Flavor: Google" http://metadata/computeMetadata/v1/instance/network-interfaces/0/network | awk -F/ '{print $4}')
+gcp_projectId=$(curl -H "Metadata-Flavor: Google" http://metadata/computeMetadata/v1/project/project-id)
+
+sed -i "s|DLAB_SBN|$dlab_sbn|g" /opt/dlab/conf/provisioning.yml
+sed -i "s|SUBNET_ID|$ssn_subnetId|g" /opt/dlab/conf/provisioning.yml
+sed -i "s|DLAB_REGION|$dlab_region|g" /opt/dlab/conf/provisioning.yml
+sed -i "s|DLAB_ZONE|$dlab_zone|g" /opt/dlab/conf/provisioning.yml
+sed -i "s|SSN_VPC_ID|$ssn_vpcId|g" /opt/dlab/conf/provisioning.yml
+sed -i "s|GCP_PROJECT_ID|$gcp_projectId|g" /opt/dlab/conf/provisioning.yml
+sed -i "s|KEYCLOAK_USER|$KEYCLOAK_USER|g" /opt/dlab/conf/provisioning.yml
+sed -i "s|KEYCLOAK_USER_PASSWORD|$KEYCLOAK_USER_PASSWORD|g" /opt/dlab/conf/provisioning.yml
+
+sed -i "s|DLAB_SBN|$dlab_sbn|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini
+sed -i "s|GCP_PROJECT_ID|$gcp_projectId|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini
+sed -i "s|DLAB_REGION|$dlab_region|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini
+sed -i "s|DLAB_ZONE|$dlab_zone|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini
+sed -i "s|KEYCLOAK_REALM_NAME|$KEYCLOAK_REALM_NAME|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini
+sed -i "s|KEYCLOAK_AUTH_SERVER_URL|$KEYCLOAK_AUTH_SERVER_URL|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini
+sed -i "s|KEYCLOAK_CLIENT_NAME|$KEYCLOAK_CLIENT_NAME|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini
+sed -i "s|KEYCLOAK_CLIENT_SECRET|$KEYCLOAK_CLIENT_SECRET|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini
+sed -i "s|KEYCLOAK_USER|$KEYCLOAK_USER|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini
+sed -i "s|KEYCLOAK_USER_PASSWORD|$KEYCLOAK_USER_PASSWORD|g" /opt/dlab/sources/infrastructure-provisioning/src/general/conf/overwrite.ini
+
+supervisorctl restart all
+
+cd /opt/dlab/sources/infrastructure-provisioning/src/ && docker-build all
\ No newline at end of file


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@dlab.apache.org
For additional commands, e-mail: commits-help@dlab.apache.org