From acf623f9cc8a94d4a87a78d432d192aab843c212 Mon Sep 17 00:00:00 2001
From: George Sedov <george.sedov@desy.de>
Date: Wed, 16 Feb 2022 18:01:54 +0100
Subject: [PATCH] add missing files
---
deploy/asapo_services/consul.hcl.tpl | 34 ++++++++++
deploy/asapo_services/jobs-start | 18 +++++
deploy/asapo_services/jobs-stop | 9 +++
deploy/asapo_services/nomad.hcl.tpl | 63 ++++++++++++++++++
deploy/asapo_services/orchestr_config.py | 81 +++++++++++++++++++++++
deploy/asapo_services/scripts/provider.tf | 5 ++
deploy/asapo_services/supervisord.conf | 20 ++++++
7 files changed, 230 insertions(+)
create mode 100644 deploy/asapo_services/consul.hcl.tpl
create mode 100755 deploy/asapo_services/jobs-start
create mode 100755 deploy/asapo_services/jobs-stop
create mode 100644 deploy/asapo_services/nomad.hcl.tpl
create mode 100644 deploy/asapo_services/orchestr_config.py
create mode 100644 deploy/asapo_services/scripts/provider.tf
create mode 100644 deploy/asapo_services/supervisord.conf
diff --git a/deploy/asapo_services/consul.hcl.tpl b/deploy/asapo_services/consul.hcl.tpl
new file mode 100644
index 000000000..fb2e5bb25
--- /dev/null
+++ b/deploy/asapo_services/consul.hcl.tpl
@@ -0,0 +1,34 @@
+"bind_addr" = "$advertise_ip"
+
+enable_script_checks = true
+
+recursors = $recursors
+
+domain = "asapo"
+
+datacenter = "dc1"
+data_dir = "/var/consul"
+log_level = "INFO"
+
+enable_syslog = false
+enable_debug = false
+ui = true
+
+addresses = {
+"http" = "0.0.0.0"
+}
+
+node_meta = {
+ ib_address = "$ib_address"
+}
+
+server = $is_server
+$bootstrap_expect_string
+
+rejoin_after_leave = true
+retry_join = $server_adresses
+
+telemetry = {
+ disable_compat_1.9 = false
+ prometheus_retention_time = "24h"
+}
diff --git a/deploy/asapo_services/jobs-start b/deploy/asapo_services/jobs-start
new file mode 100755
index 000000000..cb24f6ad9
--- /dev/null
+++ b/deploy/asapo_services/jobs-start
@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+
+if [ ! -f /var/nomad/token ] && [ "${ACL_ENABLED}" = "true" ]; then
+ nomad acl bootstrap > /var/nomad/bootstrap && \
+ cat /var/nomad/bootstrap | grep Secret | awk '{print $4}' > /var/nomad/token && \
+ cp /var/nomad/token $NOMAD_ALLOC_DIR/nomad_token
+ cat /var/nomad/token
+fi
+
+if [ -f /var/run/asapo/user_vars.tfvars ]; then
+ USER_VAR_FILE="-var-file=/var/run/asapo/user_vars.tfvars"
+fi
+
+cd /var/run/asapo && terraform apply -auto-approve $USER_VAR_FILE "$@"
+
+if [ "${ACL_ENABLED}" = "true" ]; then
+ cat /var/nomad/token
+fi
diff --git a/deploy/asapo_services/jobs-stop b/deploy/asapo_services/jobs-stop
new file mode 100755
index 000000000..4a2b10319
--- /dev/null
+++ b/deploy/asapo_services/jobs-stop
@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+#export NOMAD_TOKEN=`cat /var/nomad/token `
+
+if [ -f /var/run/asapo/user_vars.tfvars ]; then
+ USER_VAR_FILE="-var-file=/var/run/asapo/user_vars.tfvars"
+fi
+
+cd /var/run/asapo && terraform destroy -auto-approve $USER_VAR_FILE "$@"
diff --git a/deploy/asapo_services/nomad.hcl.tpl b/deploy/asapo_services/nomad.hcl.tpl
new file mode 100644
index 000000000..4f7477faa
--- /dev/null
+++ b/deploy/asapo_services/nomad.hcl.tpl
@@ -0,0 +1,63 @@
+advertise {
+ http = "$advertise_ip"
+ rpc = "$advertise_ip"
+ serf = "$advertise_ip"
+}
+
+acl {
+ enabled = $acl_enabled
+}
+
+server {
+ enabled = $is_server
+ $bootstrap_expect_string
+}
+
+data_dir = "/var/nomad"
+
+client {
+ enabled = true
+ alloc_dir="$nomad_alloc_dir"
+ meta {
+ "asapo_service" = $is_asapo_lightweight_service_node
+ "ib_address" = "$ib_address"
+ }
+ template {
+ disable_file_sandbox = true
+ }
+}
+
+plugin "docker" {
+ config {
+ endpoint = "$docker_endpoint"
+ gc {
+ image = false
+ }
+ tls {
+ cert = "/etc/nomad/cert.pem"
+ key = "/etc/nomad/key.pem"
+ ca = "/etc/nomad/ca.pem"
+ }
+ volumes {
+ enabled = true
+ }
+ allow_privileged = true
+
+ }
+}
+
+plugin "raw_exec" {
+ config {
+ enabled = true
+ }
+}
+
+telemetry {
+ collection_interval = "1s"
+ disable_hostname = true
+ prometheus_metrics = true
+ publish_allocation_metrics = true
+ publish_node_metrics = true
+}
+
+
diff --git a/deploy/asapo_services/orchestr_config.py b/deploy/asapo_services/orchestr_config.py
new file mode 100644
index 000000000..52f5da0e6
--- /dev/null
+++ b/deploy/asapo_services/orchestr_config.py
@@ -0,0 +1,81 @@
+import time
+import argparse
+from string import Template
+import socket
+import json
+import os
+
+def in_server_list(ip,server_names, check_single=False):
+ servers = json.loads(server_names)
+ if len(servers) == 1 and check_single == False:
+ return "true"
+ for server in json.loads(server_names):
+ try:
+ server_ip = socket.gethostbyname(server)
+ except:
+ server_ip = server
+ if ip == server_ip:
+ return "true"
+ return "false"
+
+def my_get_env(name,default):
+ res = os.getenv(name)
+ if res == None or res=='':
+ res = default
+ if default=='':
+ raise Exception(name + ' not set')
+ return res
+
+def set_parameters():
+ d = {}
+ try:
+ my_ip = socket.gethostbyname(socket.gethostname())
+ except:
+ print ("cannot define own ip")
+ my_ip = "127.0.0.1"
+
+ d['docker_endpoint']=my_get_env('DOCKER_ENDPOINT',"unix:///var/run/docker.sock")
+ d['advertise_ip']=my_get_env('ADVERTISE_IP',my_ip)
+ d['n_servers']=my_get_env('N_SERVERS',1)
+ d['server_adresses']=my_get_env('SERVER_ADRESSES','["'+socket.gethostname()+'"]')
+ d['is_server']=in_server_list(d['advertise_ip'],d['server_adresses'])
+ if d['is_server']=="true":
+ d['bootstrap_expect_string'] = "bootstrap_expect = "+ str(d['n_servers'])
+ else:
+ d['bootstrap_expect_string'] = ""
+ d['ib_address']=my_get_env('IB_ADDRESS',"none")
+ d['acl_enabled']=my_get_env('ACL_ENABLED',"false")
+ d['nomad_alloc_dir']=my_get_env('NOMAD_ALLOC_DIR','')
+ d['recursors']=my_get_env('RECURSORS','["8.8.8.8"]')
+ lightweight_service_nodes=my_get_env('ASAPO_LIGHTWEIGHT_SERVICE_NODES','[]')
+ d['is_asapo_lightweight_service_node']=in_server_list(d['advertise_ip'],lightweight_service_nodes, True)
+ d['use_telemetry'] = my_get_env('NOMAD_TELEMETRY','false')
+ d['telegraf_address'] = my_get_env('TELEGRAF_ADDRESS','localhost:8125')
+
+ return d
+
+def process_file(file_in,file_out):
+ print ("processing " + file_in+" to "+file_out)
+ filein = open(file_in)
+ src = Template(filein.read())
+ d = set_parameters()
+ with open(file_out, "w") as out:
+ out.write(src.substitute(d))
+
+if __name__ == '__main__':
+
+ parser = argparse.ArgumentParser()
+
+ parser.add_argument('--input-files', action='store', dest='input_files',nargs="*",required=True)
+ parser.add_argument('--output-files', action='store', dest='output_files',nargs="*",required=True)
+
+ args = parser.parse_args()
+
+ pairs = list(zip(args.input_files, args.output_files))
+
+ for pair in pairs:
+ process_file(pair[0],pair[1])
+
+ print ("finished configuring nomad and consul")
+ time.sleep(1)
+
diff --git a/deploy/asapo_services/scripts/provider.tf b/deploy/asapo_services/scripts/provider.tf
new file mode 100644
index 000000000..922c3af25
--- /dev/null
+++ b/deploy/asapo_services/scripts/provider.tf
@@ -0,0 +1,5 @@
+provider "nomad" {
+ address = "http://localhost:4646"
+ secret_id = chomp(file("/var/nomad/token"))
+}
+
diff --git a/deploy/asapo_services/supervisord.conf b/deploy/asapo_services/supervisord.conf
new file mode 100644
index 000000000..875399994
--- /dev/null
+++ b/deploy/asapo_services/supervisord.conf
@@ -0,0 +1,20 @@
+[supervisord]
+nodaemon = true
+logfile=/var/log/supervisord/supervisord.log ; supervisord log file
+logfile_maxbytes=50MB ; maximum size of logfile before rotation
+logfile_backups=10 ; number of backed up logfiles
+loglevel=info ; info, debug, warn, trace
+childlogdir=/var/log/supervisord/ ; where child log files will live
+use=root
+
+[program:prepare_scripts]
+command=/usr/bin/python3 /etc/asapo/orchestr_config.py --input-files /etc/asapo/nomad.hcl.tpl /etc/asapo/consul.hcl.tpl --output-files /etc/nomad.d/nomad.hcl /etc/consul.d/consul.hcl
+autorestart = false
+startsecs = 1
+priority=1
+
+[program:consul]
+command=/usr/bin/consul agent -config-dir=/etc/consul.d
+
+[program:nomad]
+command=/usr/bin/nomad agent -config=/etc/nomad.d
--
GitLab