e2e: Linux AMI setup cleanup (#8821)

As we add new Linux targets for E2E, the existing setup.sh script will be used only for Ubuntu. Rather than have the service and config files echo'd from the script, move them into files we upload so they can be reused. Includes some general noise reduction in the setup.sh script and removal of unused bits.
hashicorp · Sep 3, 2020 · 2c73d2e · 2c73d2e
1 parent 4ba3afa
commit 2c73d2e
Show file tree

Hide file tree

Showing 5 changed files with 76 additions and 97 deletions.
diff --git a/e2e/terraform/packer/linux/dnsmasq b/e2e/terraform/packer/linux/dnsmasq
@@ -0,0 +1,8 @@
+port=53
+resolv-file=/var/run/dnsmasq/resolv.conf
+bind-interfaces
+interface=docker0
+interface=lo
+interface=eth0
+listen-address=127.0.0.1
+server=/consul/127.0.0.1#8600
diff --git a/e2e/terraform/packer/linux/io.podman.service b/e2e/terraform/packer/linux/io.podman.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=Podman Remote API Service
+Requires=io.podman.socket
+After=io.podman.socket
+Documentation=man:podman-varlink(1)
+
+[Service]
+Type=simple
+ExecStart=/usr/bin/podman varlink unix:%t/podman/io.podman --timeout=60000
+TimeoutStopSec=30
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target
+Also=io.podman.socket
diff --git a/e2e/terraform/packer/linux/io.podman.socket b/e2e/terraform/packer/linux/io.podman.socket
@@ -0,0 +1,10 @@
+[Unit]
+Description=Podman Remote API Socket
+Documentation=man:podman-varlink(1) https://podman.io/blogs/2019/01/16/podman-varlink.html
+
+[Socket]
+ListenStream=%t/podman/io.podman
+SocketMode=0600
+
+[Install]
+WantedBy=sockets.target
diff --git a/e2e/terraform/packer/linux/setup.sh b/e2e/terraform/packer/linux/setup.sh
@@ -1,30 +1,29 @@
 #!/bin/bash
+# setup script for Ubuntu Linux 18.04. Assumes that Packer has placed
+# build-time config files at /tmp/linux
 
 set -e
 
+# Will be overwritten at test time with the version specified
+NOMADVERSION=0.9.1
+CONSULVERSION=1.7.3
+VAULTVERSION=1.1.1
+
+NOMAD_PLUGIN_DIR=/opt/nomad/plugins/
+
+mkdir_for_root() {
+    sudo mkdir -p "$1"
+    sudo chmod 755 "$1"
+}
+
 # Disable interactive apt prompts
 export DEBIAN_FRONTEND=noninteractive
 echo 'debconf debconf/frontend select Noninteractive' | sudo debconf-set-selections
 
-
 sudo mkdir -p /ops/shared
 sudo chown -R ubuntu:ubuntu /ops/shared
-cd /ops
-
-CONSULVERSION=1.7.3
-CONSULDOWNLOAD=https://releases.hashicorp.com/consul/${CONSULVERSION}/consul_${CONSULVERSION}_linux_amd64.zip
-CONSULCONFIGDIR=/etc/consul.d
-CONSULDIR=/opt/consul
-VAULTVERSION=1.1.1
-VAULTDOWNLOAD=https://releases.hashicorp.com/vault/${VAULTVERSION}/vault_${VAULTVERSION}_linux_amd64.zip
-VAULTCONFIGDIR=/etc/vault.d
-VAULTDIR=/opt/vault
 
-# Will be overwritten by sha specified
-NOMADVERSION=0.9.1
-NOMADCONFIGDIR=/etc/nomad.d
-NOMADDIR=/opt/nomad
-NOMADPLUGINDIR=/opt/nomad/plugins
+mkdir_for_root /opt
 
 # Dependencies
 sudo apt-get update
@@ -43,42 +42,37 @@ sudo chown root:root /usr/local/bin/sockaddr
 sudo ufw disable || echo "ufw not installed"
 
 echo "Install Consul"
-curl -fsL -o /tmp/consul.zip $CONSULDOWNLOAD
+curl -fsL -o /tmp/consul.zip \
+     "https://releases.hashicorp.com/consul/${CONSULVERSION}/consul_${CONSULVERSION}_linux_amd64.zip"
 sudo unzip -q /tmp/consul.zip -d /usr/local/bin
 sudo chmod 0755 /usr/local/bin/consul
 sudo chown root:root /usr/local/bin/consul
 
 echo "Configure Consul"
-sudo mkdir -p $CONSULCONFIGDIR
-sudo chmod 755 $CONSULCONFIGDIR
-sudo mkdir -p $CONSULDIR
-sudo chmod 755 $CONSULDIR
-sudo mv /tmp/consul.service /etc/systemd/system/consul.service
+mkdir_for_root /etc/consul.d
+mkdir_for_root /opt/consul
+sudo mv /tmp/linux/consul_aws.service /etc/systemd/system/consul.service
 
 echo "Install Vault"
-curl -fsL -o /tmp/vault.zip $VAULTDOWNLOAD
+curl -fsL -o /tmp/vault.zip \
+     "https://releases.hashicorp.com/vault/${VAULTVERSION}/vault_${VAULTVERSION}_linux_amd64.zip"
 sudo unzip -q /tmp/vault.zip -d /usr/local/bin
 sudo chmod 0755 /usr/local/bin/vault
 sudo chown root:root /usr/local/bin/vault
 
 echo "Configure Vault"
-sudo mkdir -p $VAULTCONFIGDIR
-sudo chmod 755 $VAULTCONFIGDIR
-sudo mkdir -p $VAULTDIR
-sudo chmod 755 $VAULTDIR
-sudo mv /tmp/vault.service /etc/systemd/system/vault.service
+mkdir_for_root /etc/vault.d
+mkdir_for_root /opt/vault
+sudo mv /tmp/linux/vault.service /etc/systemd/system/vault.service
 
 echo "Configure Nomad"
-sudo mkdir -p $NOMADCONFIGDIR
-sudo chmod 755 $NOMADCONFIGDIR
-sudo mkdir -p $NOMADDIR
-sudo chmod 755 $NOMADDIR
-sudo mkdir -p $NOMADPLUGINDIR
-sudo chmod 755 $NOMADPLUGINDIR
-sudo mv /tmp/nomad.service /etc/systemd/system/nomad.service
+mkdir_for_root /etc/nomad.d
+mkdir_for_root /opt/nomad
+mkdir_for_root $NOMAD_PLUGIN_DIR
+sudo mv /tmp/linux/nomad.service /etc/systemd/system/nomad.service
 
 echo "Install Nomad"
-sudo mv /tmp/install-nomad /opt/install-nomad
+sudo mv /tmp/linux/install-nomad /opt/install-nomad
 sudo chmod +x /opt/install-nomad
 /opt/install-nomad --nomad_version $NOMADVERSION --nostart
 
@@ -104,7 +98,6 @@ sudo apt-get install -y docker-ce
 
 echo "Installing Java"
 sudo apt-get install -y openjdk-8-jdk
-JAVA_HOME=$(readlink -f /usr/bin/java | sed "s:bin/java::")
 
 echo "Installing CNI plugins"
 sudo mkdir -p /opt/cni/bin
@@ -125,56 +118,22 @@ echo "Installing latest podman task driver"
 # install nomad-podman-driver and move to plugin dir
 latest_podman=$(curl -s https://releases.hashicorp.com/nomad-driver-podman/index.json | jq --raw-output '.versions |= with_entries(select(.key|match("^\\d+\\.\\d+\\.\\d+$"))) | .versions | keys[]' | sort -rV | head -n1)
 
-wget -q -P /tmp https://releases.hashicorp.com/nomad-driver-podman/${latest_podman}/nomad-driver-podman_${latest_podman}_linux_amd64.zip
-sudo unzip -q /tmp/nomad-driver-podman_${latest_podman}_linux_amd64.zip -d $NOMADPLUGINDIR
-sudo chmod +x $NOMADPLUGINDIR/nomad-driver-podman
+wget -q -P /tmp "https://releases.hashicorp.com/nomad-driver-podman/${latest_podman}/nomad-driver-podman_${latest_podman}_linux_amd64.zip"
+sudo unzip -q "/tmp/nomad-driver-podman_${latest_podman}_linux_amd64.zip" -d "$NOMAD_PLUGIN_DIR"
+sudo chmod +x "${NOMAD_PLUGIN_DIR}/nomad-driver-podman"
 
 # enable varlink socket (not included in ubuntu package)
-sudo tee /etc/systemd/system/io.podman.service << EOF
-[Unit]
-Description=Podman Remote API Service
-Requires=io.podman.socket
-After=io.podman.socket
-Documentation=man:podman-varlink(1)
-
-[Service]
-Type=simple
-ExecStart=/usr/bin/podman varlink unix:%t/podman/io.podman --timeout=60000
-TimeoutStopSec=30
-KillMode=process
-
-[Install]
-WantedBy=multi-user.target
-Also=io.podman.socket
-EOF
+sudo mv /tmp/linux/io.podman.service /etc/systemd/system/io.podman.service
+sudo mv /tmp/linux/io.podman.socket /etc/systemd/system/io.podman.socket
 
-sudo tee /etc/systemd/system/io.podman.socket << EOF
-[Unit]
-Description=Podman Remote API Socket
-Documentation=man:podman-varlink(1) https://podman.io/blogs/2019/01/16/podman-varlink.html
-
-[Socket]
-ListenStream=%t/podman/io.podman
-SocketMode=0600
-
-[Install]
-WantedBy=sockets.target
-EOF
+echo "Configuring dnsmasq"
 
 # disable systemd-resolved and configure dnsmasq to forward local requests to
 # consul. the resolver files need to dynamic configuration based on the VPC
 # address and docker bridge IP, so those will be rewritten at boot time.
 sudo systemctl disable systemd-resolved.service
-echo '
-port=53
-resolv-file=/var/run/dnsmasq/resolv.conf
-bind-interfaces
-interface=docker0
-interface=lo
-interface=eth0
-listen-address=127.0.0.1
-server=/consul/127.0.0.1#8600
-' | sudo tee /etc/dnsmasq.d/default
+sudo mv /tmp/linux/dnsmasq /etc/dnsmasq.d/default
+sudo chown root:root /etc/dnsmasq.d/default
 
 # this is going to be overwritten at provisioning time, but we need something
 # here or we can't fetch binaries to do the provisioning
@@ -183,11 +142,13 @@ sudo mv /tmp/resolv.conf /etc/resolv.conf
 
 sudo systemctl restart dnsmasq
 
+echo "Updating boot parameters"
+
 # enable cgroup_memory and swap
 sudo sed -i 's/GRUB_CMDLINE_LINUX="[^"]*/& cgroup_enable=memory swapaccount=1/' /etc/default/grub
 sudo update-grub
 
-echo "Configure user shell"
+echo "Configuring user shell"
 sudo tee -a /home/ubuntu/.bashrc << 'EOF'
 IP_ADDRESS=$(/usr/local/bin/sockaddr eval 'GetPrivateIP')
 export CONSUL_RPC_ADDR=$IP_ADDRESS:8400

diff --git a/e2e/terraform/packer/packer.json b/e2e/terraform/packer/packer.json
@@ -16,23 +16,8 @@
   "provisioners": [
     {
       "type": "file",
-      "source": "./linux/install-nomad",
-      "destination": "/tmp/install-nomad"
-    },
-    {
-      "type": "file",
-      "source": "./linux/nomad.service",
-      "destination": "/tmp/nomad.service"
-    },
-    {
-      "type": "file",
-      "source": "./linux/consul_aws.service",
-      "destination": "/tmp/consul.service"
-    },
-    {
-      "type": "file",
-      "source": "./linux/vault.service",
-      "destination": "/tmp/vault.service"
+      "source": "./linux",
+      "destination": "/tmp/linux"
     },
     {
       "type": "shell",