projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
20610: Removes the need to directly edit the arvados.sls pillar.
[arvados.git] / tools / salt-install / installer.sh
diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index 5a55e337da3248e22c335f5ac7d9be3e020d9ae6..cfa7b1454ad24cfad790ed542808a6635d5c0111 100755 (executable)
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -47,6 +47,11 @@ declare GITTARGET
 # This will be populated by loadconfig()
 declare USE_SSH_JUMPHOST
 
 # This will be populated by loadconfig()
 declare USE_SSH_JUMPHOST
 
+# The temp file that will get used to disable envvar forwarding to avoid locale
+# issues in Debian distros.
+# This will be populated by loadconfig()
+declare SSH_CONFFILE
+
 checktools() {
     local MISSING=''
     for a in git ip ; do
 checktools() {
     local MISSING=''
     for a in git ip ; do
@@ -60,6 +65,13 @@ checktools() {
     fi
 }
 
     fi
 }
 
+cleanup() {
+    local NODE=$1
+    local SSH=`ssh_cmd "$NODE"`
+    # Delete the old repository
+    $SSH $DEPLOY_USER@$NODE rm -rf ${GITTARGET}.git ${GITTARGET}
+}
+
 sync() {
     local NODE=$1
     local BRANCH=$2
 sync() {
     local NODE=$1
     local BRANCH=$2
@@ -68,33 +80,26 @@ sync() {
     # each node, pushing our branch, and updating the checkout.
 
     if [[ "$NODE" != localhost ]] ; then
     # each node, pushing our branch, and updating the checkout.
 
     if [[ "$NODE" != localhost ]] ; then
-               SSH=`ssh_cmd "$NODE"`
-               GIT="eval `git_cmd $NODE`"
-               if ! $SSH $DEPLOY_USER@$NODE test -d ${GITTARGET}.git ; then
-
-                       # Initialize the git repository (1st time case).  We're
-                       # actually going to make two repositories here because git
-                       # will complain if you try to push to a repository with a
-                       # checkout. So we're going to create a "bare" repository
-                       # and then clone a regular repository (with a checkout)
-                       # from that.
-
-                       $SSH $DEPLOY_USER@$NODE git init --bare --shared=0600 ${GITTARGET}.git
-                       if ! $GIT remote add $NODE $DEPLOY_USER@$NODE:${GITTARGET}.git ; then
-                               $GIT remote set-url $NODE $DEPLOY_USER@$NODE:${GITTARGET}.git
-                       fi
-                       $GIT push $NODE $BRANCH
-                       $SSH $DEPLOY_USER@$NODE "umask 0077 && git clone ${GITTARGET}.git ${GITTARGET}"
-               fi
+       SSH=`ssh_cmd "$NODE"`
+       GIT="eval `git_cmd $NODE`"
+
+       cleanup $NODE
 
 
-               # The update case.
-               #
-               # Push to the bare repository on the remote node, then in the
-               # remote node repository with the checkout, pull the branch
-               # from the bare repository.
+       # Update the git remote for the remote repository.
+       if ! $GIT remote add $NODE $DEPLOY_USER@$NODE:${GITTARGET}.git ; then
+           $GIT remote set-url $NODE $DEPLOY_USER@$NODE:${GITTARGET}.git
+       fi
 
 
-               $GIT push $NODE $BRANCH
-               $SSH $DEPLOY_USER@$NODE "git -C ${GITTARGET} checkout ${BRANCH} && git -C ${GITTARGET} pull"
+       # Initialize the git repository.  We're
+       # actually going to make two repositories here because git
+       # will complain if you try to push to a repository with a
+       # checkout. So we're going to create a "bare" repository
+       # and then clone a regular repository (with a checkout)
+       # from that.
+
+       $SSH $DEPLOY_USER@$NODE git init --bare --shared=0600 ${GITTARGET}.git
+       $GIT push $NODE $BRANCH
+       $SSH $DEPLOY_USER@$NODE "umask 0077 && git clone -s ${GITTARGET}.git ${GITTARGET} && git -C ${GITTARGET} checkout ${BRANCH}"
     fi
 }
 
     fi
 }
 
@@ -112,7 +117,7 @@ deploynode() {
     fi
 
     logfile=deploy-${NODE}-$(date -Iseconds).log
     fi
 
     logfile=deploy-${NODE}-$(date -Iseconds).log
-       SSH=`ssh_cmd "$NODE"`
+    SSH=`ssh_cmd "$NODE"`
 
     if [[ "$NODE" = localhost ]] ; then
            SUDO=''
 
     if [[ "$NODE" = localhost ]] ; then
            SUDO=''
@@ -120,25 +125,33 @@ deploynode() {
                        SUDO=sudo
                fi
                $SUDO ./provision.sh --config ${CONFIG_FILE} ${ROLES} 2>&1 | tee $logfile
                        SUDO=sudo
                fi
                $SUDO ./provision.sh --config ${CONFIG_FILE} ${ROLES} 2>&1 | tee $logfile
-       else
-               $SSH $DEPLOY_USER@$NODE "cd ${GITTARGET} && sudo ./provision.sh --config ${CONFIG_FILE} ${ROLES}" 2>&1 | tee $logfile
+    else
+           $SSH $DEPLOY_USER@$NODE "cd ${GITTARGET} && git log -n1 HEAD && sudo ./provision.sh --config ${CONFIG_FILE} ${ROLES}" 2>&1 | tee $logfile
+           cleanup $NODE
     fi
 }
 
 loadconfig() {
     fi
 }
 
 loadconfig() {
-    if [[ ! -s $CONFIG_FILE ]] ; then
+    if ! [[ -s ${CONFIG_FILE} && -s ${CONFIG_FILE}.secrets ]]; then
                echo "Must be run from initialized setup dir, maybe you need to 'initialize' first?"
     fi
                echo "Must be run from initialized setup dir, maybe you need to 'initialize' first?"
     fi
+    source ${CONFIG_FILE}.secrets
     source ${CONFIG_FILE}
     GITTARGET=arvados-deploy-config-${CLUSTER}
     source ${CONFIG_FILE}
     GITTARGET=arvados-deploy-config-${CLUSTER}
+
+       # Set up SSH so that it doesn't forward any environment variable. This is to avoid
+       # getting "setlocale" errors on the first run, depending on the distro being used
+       # to run the installer (like Debian).
+       SSH_CONFFILE=$(mktemp)
+       echo "Include config SendEnv -*" > ${SSH_CONFFILE}
 }
 
 ssh_cmd() {
        local NODE=$1
        if [ -z "${USE_SSH_JUMPHOST}" -o "${NODE}" == "${USE_SSH_JUMPHOST}" -o "${NODE}" == "localhost" ]; then
 }
 
 ssh_cmd() {
        local NODE=$1
        if [ -z "${USE_SSH_JUMPHOST}" -o "${NODE}" == "${USE_SSH_JUMPHOST}" -o "${NODE}" == "localhost" ]; then
-               echo "ssh"
+               echo "ssh -F ${SSH_CONFFILE}"
        else
        else
-               echo "ssh -J ${DEPLOY_USER}@${USE_SSH_JUMPHOST}"
+               echo "ssh -F ${SSH_CONFFILE} -J ${DEPLOY_USER}@${USE_SSH_JUMPHOST}"
        fi
 }
 
        fi
 }
 
@@ -197,6 +210,7 @@ case "$subcmd" in
        cp -r *.sh tests $SETUPDIR
 
        cp local.params.example.$PARAMS $SETUPDIR/${CONFIG_FILE}
        cp -r *.sh tests $SETUPDIR
 
        cp local.params.example.$PARAMS $SETUPDIR/${CONFIG_FILE}
+       cp local.params.secrets.example $SETUPDIR/${CONFIG_FILE}.secrets
        cp -r config_examples/$SLS $SETUPDIR/${CONFIG_DIR}
 
        if [[ -n "$TERRAFORM" ]] ; then
        cp -r config_examples/$SLS $SETUPDIR/${CONFIG_DIR}
 
        if [[ -n "$TERRAFORM" ]] ; then
@@ -213,7 +227,7 @@ case "$subcmd" in
                git add terraform
        fi
 
                git add terraform
        fi
 
-       git add *.sh ${CONFIG_FILE} ${CONFIG_DIR} tests .gitignore
+       git add *.sh ${CONFIG_FILE} ${CONFIG_FILE}.secrets ${CONFIG_DIR} tests .gitignore
        git commit -m"initial commit"
 
        echo
        git commit -m"initial commit"
 
        echo
@@ -224,7 +238,7 @@ case "$subcmd" in
            (cd $SETUPDIR/terraform/services && terraform init)
            echo "Now go to $SETUPDIR, customize 'terraform/vpc/terraform.tfvars' as needed, then run 'installer.sh terraform'"
        else
            (cd $SETUPDIR/terraform/services && terraform init)
            echo "Now go to $SETUPDIR, customize 'terraform/vpc/terraform.tfvars' as needed, then run 'installer.sh terraform'"
        else
-           echo "Now go to $SETUPDIR, customize '${CONFIG_FILE}' and '${CONFIG_DIR}' as needed, then run 'installer.sh deploy'"
+               echo "Now go to $SETUPDIR, customize '${CONFIG_FILE}', '${CONFIG_FILE}.secrets' and '${CONFIG_DIR}' as needed, then run 'installer.sh deploy'"
        fi
        ;;
 
        fi
        ;;
 
@@ -258,7 +272,7 @@ case "$subcmd" in
 
        loadconfig
 
 
        loadconfig
 
-       if grep -rni 'fixme' ${CONFIG_FILE} ${CONFIG_DIR} ; then
+       if grep -rni 'fixme' ${CONFIG_FILE} ${CONFIG_FILE}.secrets ${CONFIG_DIR} ; then
            echo
            echo "Some parameters still need to be updated.  Please fix them and then re-run deploy."
            exit 1
            echo
            echo "Some parameters still need to be updated.  Please fix them and then re-run deploy."
            exit 1
@@ -269,7 +283,7 @@ case "$subcmd" in
        set -x
 
        git add -A
        set -x
 
        git add -A
-       if ! git diff --cached --exit-code ; then
+       if ! git diff --cached --exit-code --quiet ; then
            git commit -m"prepare for deploy"
        fi
 
            git commit -m"prepare for deploy"
        fi
 
@@ -293,13 +307,22 @@ case "$subcmd" in
 
            for NODE in "${!NODES[@]}"
            do
 
            for NODE in "${!NODES[@]}"
            do
-               # then  'api' or 'controller' roles
+               # then 'api' or 'controller' roles
                if [[ "${NODES[$NODE]}" =~ (api|controller) ]] ; then
                    deploynode $NODE "${NODES[$NODE]}"
                    unset NODES[$NODE]
                fi
            done
 
                if [[ "${NODES[$NODE]}" =~ (api|controller) ]] ; then
                    deploynode $NODE "${NODES[$NODE]}"
                    unset NODES[$NODE]
                fi
            done
 
+           for NODE in "${!NODES[@]}"
+           do
+               # then 'balancer' role
+               if [[ "${NODES[$NODE]}" =~ (balancer) ]] ; then
+                   deploynode $NODE "${NODES[$NODE]}"
+                   unset NODES[$NODE]
+               fi
+           done
+
            for NODE in "${!NODES[@]}"
            do
                # Everything else (we removed the nodes that we
            for NODE in "${!NODES[@]}"
            do
                # Everything else (we removed the nodes that we
@@ -338,7 +361,7 @@ case "$subcmd" in
            exit 1
        fi
 
            exit 1
        fi
 
-       export ARVADOS_API_HOST="${CLUSTER}.${DOMAIN}:${CONTROLLER_EXT_SSL_PORT}"
+       export ARVADOS_API_HOST="${DOMAIN}:${CONTROLLER_EXT_SSL_PORT}"
        export ARVADOS_API_TOKEN="$SYSTEM_ROOT_TOKEN"
 
        arvados-client diagnostics $LOCATION
        export ARVADOS_API_TOKEN="$SYSTEM_ROOT_TOKEN"
 
        arvados-client diagnostics $LOCATION