514
by Curtis Hovey
Added script to provision a machine on a different network |
1 |
#!/bin/bash
|
2 |
# Prepares the state-server and remote machine,
|
|
3 |
# then adds the remote machine to the environment.
|
|
4 |
#
|
|
5 |
# add-remote-machine.bash env path/ssh-key user@remote_private_ip
|
|
6 |
#
|
|
7 |
# Your host must have access via ssh to the remote *private* ip.
|
|
8 |
# The state-server will only provision machines with private IPs;
|
|
9 |
# the agent will only talk to the state-server by private dns name.
|
|
10 |
# Your host will be used to start the provisioning. your hosts ssh
|
|
11 |
# rules must permit access to the remote host via its private ip.
|
|
12 |
||
13 |
set -eu
|
|
14 |
||
522
by Curtis Hovey
Added sanity checks to add-remote-machine.bash. |
15 |
check_access() { |
16 |
name=$1 |
|
17 |
url=$2 |
|
18 |
echo "Checking $USER_AT_HOST can access $name at $url..." |
|
19 |
set +e
|
|
524
by Curtis Hovey
Don't show the progress of the network checks, just show |
20 |
result=$(ssh -i $SSH_KEY $USER_AT_HOST \ |
21 |
curl --connect-timeout 5 --silent --head $url || echo "fail") |
|
522
by Curtis Hovey
Added sanity checks to add-remote-machine.bash. |
22 |
set -e
|
524
by Curtis Hovey
Don't show the progress of the network checks, just show |
23 |
result=$(echo "$result" | tail -1) |
522
by Curtis Hovey
Added sanity checks to add-remote-machine.bash. |
24 |
if [[ $result == "fail" ]]; then |
25 |
echo "...FAIL" |
|
26 |
NETWORK_ACCESS="false" |
|
27 |
else
|
|
28 |
echo "...OK" |
|
29 |
fi
|
|
30 |
}
|
|
31 |
||
32 |
||
33 |
check_url_access() { |
|
34 |
option=$1 |
|
618.1.1
by Curtis Hovey
Strip the /tools dir from from the tools-metadata-url because s3 will return a 404 |
35 |
option_url=$(juju get-env -e $ENV $option | sed -e 's,/tools$,,') |
522
by Curtis Hovey
Added sanity checks to add-remote-machine.bash. |
36 |
if [[ -n "$option_url" ]]; then |
37 |
check_access $option $option_url |
|
38 |
else
|
|
524
by Curtis Hovey
Don't show the progress of the network checks, just show |
39 |
echo "! You must verify that $USER_AT_HOST can access $option" |
522
by Curtis Hovey
Added sanity checks to add-remote-machine.bash. |
40 |
fi
|
41 |
}
|
|
42 |
||
43 |
||
44 |
if [[ "$1" == "--dry-run" ]]; then |
|
45 |
DRY_RUN="true" |
|
46 |
shift
|
|
47 |
else
|
|
48 |
DRY_RUN="false" |
|
49 |
fi
|
|
50 |
ENV=$1 |
|
51 |
SSH_KEY=$2 |
|
52 |
USER_AT_HOST=$3 |
|
53 |
NETWORK_ACCESS="true" |
|
54 |
||
55 |
private_dns_name=$(juju ssh -e $ENV 0 'echo "$(hostname).$(dnsdomainname)"') |
|
56 |
public_dns_name=$(juju status -e $ENV | sed -r '/dns-name/!d; 1,1!d; s/.*: (.*)/\1/') |
|
514
by Curtis Hovey
Added script to provision a machine on a different network |
57 |
public_ip=$(dig "$public_dns_name" | sed -r '/^;/d; /IN/!d; s/.*A (.*)/\1/;') |
522
by Curtis Hovey
Added sanity checks to add-remote-machine.bash. |
58 |
api_port=$(juju get-env -e $ENV api-port) |
514
by Curtis Hovey
Added script to provision a machine on a different network |
59 |
echo "State-server public address: $public_ip $public_dns_name" |
60 |
echo "State-server private address: $private_dns_name" |
|
522
by Curtis Hovey
Added sanity checks to add-remote-machine.bash. |
61 |
check_access "state-server" http://$public_ip:$api_port |
62 |
check_url_access image-metadata-url |
|
63 |
check_url_access tools-metadata-url |
|
64 |
||
65 |
echo "Checking $USER_AT_HOST can access the cloud provider's storage" |
|
66 |
provider=$(juju get-env -e $ENV "type") |
|
67 |
if [[ $provider == "ec2" ]]; then |
|
68 |
control_bucket=$(juju get-env -e $ENV control-bucket) |
|
524
by Curtis Hovey
Don't show the progress of the network checks, just show |
69 |
check_access "s3" http://s3.amazon.com/$control_bucket |
522
by Curtis Hovey
Added sanity checks to add-remote-machine.bash. |
70 |
else
|
524
by Curtis Hovey
Don't show the progress of the network checks, just show |
71 |
echo "! You must verify that $USER_AT_HOST can access the cloud storage." |
522
by Curtis Hovey
Added sanity checks to add-remote-machine.bash. |
72 |
fi
|
73 |
||
74 |
||
75 |
if [[ $DRY_RUN == "true" || $NETWORK_ACCESS == 'false' ]]; then |
|
76 |
exit
|
|
77 |
fi
|
|
78 |
||
79 |
echo "Adding state-server's private dns name to $USER_AT_HOST:/etc/hosts" |
|
80 |
ssh -i $SSH_KEY $USER_AT_HOST \ |
|
514
by Curtis Hovey
Added script to provision a machine on a different network |
81 |
"echo '$public_ip $private_dns_name' | sudo tee -a /etc/hosts" |
82 |
||
522
by Curtis Hovey
Added sanity checks to add-remote-machine.bash. |
83 |
echo "Adding $USER_AT_HOST to $ENV" |
84 |
juju --show-log add-machine -e $ENV ssh:$USER_AT_HOST |