Advanced provisioning with simple-cdd and git
By Daniele Brugnara
Installing machines is now easier, as seen in my previous article.
What happens if we want to update a configuration? If we rely only on the simple-cdd way, we have to rebuild the ISO and reinstall our VMs, which is not always what we want to do.
In my case, I have found many tools able to achieve this goal. Chef and PuppetLabs are just two of them. Do you really want to use something you need to learn? Do you have the time to learn something new just to provision your machines once? Not me. Thank you.
All of us know git and bash, so we are going to use both, hurray!
Simple profile.postinst content for simple-cdd. We can also do this configuration by hand.
git clone git@bitbucket.org:your-name-here/server-bootstrap.git /var/bootstrap
chmod 700 /var/bootstrap
# prepare rc.local
echo "#!/bin/sh
# update repo with bootstrap file
cd /var/bootstrap
git reset --hard
git pull origin master
cd /var/bootstrap/service
/bin/bash bootstrap
exit 0
" > /etc/rc.local
# executable only by root, not readable by anyone else
chmod 100 /etc/rc.local
As you can see, we are writing an rc.local able to update the files at boot time. This allows the machine to update itself with a reboot.
Let’s see a simple dhcpd bootstrap file:
#!/bin/bash
echo "+-------------------+"
echo "| configuring dhcpd |"
echo "+-------------------+"
echo "INTERFACES=\"eth1 eth2 eth3\"" > /etc/default/isc-dhcp-server
cp dhcpd.conf /etc/dhcp/dhcpd.conf
/etc/init.d/isc-dhcp-server restart
echo "+-----------+"
echo "| all done! |"
echo "+-----------+"
Here’s another bootstrap for a nodejs service, as an example:
#!/bin/bash
IP=192.168.10.41
PORT=8080
NODE_VERSION="v6.10.0"
# sysctl configs
echo "+--------------------+"
echo "| configuring sysctl |"
echo "+--------------------+"
sysctl -w net.ipv4.ip_forward=1
sysctl -w net.core.somaxconn=65536
# quote both sides so the test still works when node is not installed yet
if [ "$(node -v 2>/dev/null)" = "$NODE_VERSION" ];
then
  echo "+-----------------------------------+"
  echo "| node is already on wanted version |"
  echo "+-----------------------------------+"
else
  echo "+---------------+"
  echo "| updating node |"
  echo "+---------------+"
  # keep TLS certificate verification on: the archive is unpacked into /usr/local as root
  curl -fsSL "https://nodejs.org/dist/$NODE_VERSION/node-$NODE_VERSION-linux-x64.tar.xz" | tar xvJ --strip-components=1 -C "/usr/local"
fi
echo "+----------------------------------+"
echo "| installing and upgrading forever |"
echo "+----------------------------------+"
npm i -g forever
npm up -g forever
echo "+----------------+"
echo "| updating proxy |"
echo "+----------------+"
chown -R devops:devops /var/www/proxy
su -l devops -c "cd /var/www/proxy; HOST=$IP /bin/bash start.sh"
chown -R root:root /var/www/proxy
echo "+----------------+"
echo "| iptables stuff |"
echo "+----------------+"
# clean rules
iptables -F -t nat
iptables -F
# NAT users using output eth
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo "+-----------+"
echo "| all done! |"
echo "+-----------+"
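
The node update step above unpacks a downloaded archive into /usr/local as root. As an added example (not part of the original post), here is the same step with the download saved to a file and checked against a pinned SHA-256 before extraction. The function names and the NODE_SHA256 placeholder are assumptions; the real hash comes from the SHASUMS256.txt file published with the release.

```shell
#!/bin/bash
# Added example: verify a downloaded tarball against a pinned SHA-256 before
# extracting it as root. Function names and the placeholder hash are assumptions.

NODE_VERSION="v6.10.0"
# Placeholder: copy the value for this file from the release's SHASUMS256.txt
NODE_SHA256="REPLACE_WITH_PINNED_SHA256"

# verify_sha256 FILE EXPECTED_HEX -> returns 0 only if the digest matches exactly
verify_sha256() {
    local file="$1" expected="$2" actual
    [ -f "$file" ] || return 1
    actual=$(sha256sum "$file" | cut -d' ' -f1) || return 1
    [ -n "$expected" ] && [ "$actual" = "$expected" ]
}

# install_verified TARBALL EXPECTED_HEX DEST
# Extracts only after the checksum matches; a mismatch leaves DEST untouched.
install_verified() {
    local tarball="$1" expected="$2" dest="$3"
    if ! verify_sha256 "$tarball" "$expected"; then
        echo "checksum mismatch for $tarball, refusing to install" >&2
        return 1
    fi
    # reading from a file lets GNU tar detect the compression itself
    tar xf "$tarball" --strip-components=1 -C "$dest"
}

# update_node: download to a temp file with TLS verification on, then verify and install
update_node() {
    local tmp rc=0
    tmp=$(mktemp) || return 1
    curl -fsSL -o "$tmp" \
        "https://nodejs.org/dist/$NODE_VERSION/node-$NODE_VERSION-linux-x64.tar.xz" \
        && install_verified "$tmp" "$NODE_SHA256" /usr/local || rc=1
    rm -f "$tmp"
    return $rc
}

# Run the update only when asked, so sourcing this file has no side effects
if [ "${1:-}" = "--update-node" ]; then
    update_node
fi
```
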
Enjoy!