Merge pull request rancher#3 from Oats87/do-userdata-scripts-backport

Backporting superseb's fixes for userdata

do/files/userdata_agent

@@ -1,14 +1,23 @@
 #!/bin/bash -x
-export curlprefix=appropriate
+export curlimage=appropriate/curl
+export jqimage=stedolan/jq
 export rancher_server_ip='${server_address}'
 
-curl https://releases.rancher.com/install-docker/${docker_version_agent}.sh | sh
+if [ `command -v curl` ]; then
+  curl -sL https://releases.rancher.com/install-docker/${docker_version_agent}.sh | sh
+elif [ `command -v wget` ]; then
+  wget -qO- https://releases.rancher.com/install-docker/${docker_version_agent}.sh | sh
+fi
 
-apt-get update
-apt-get -y install jq
+for image in $curlimage $jqimage; do
+  until docker inspect $image > /dev/null 2>&1; do
+    docker pull $image
+    sleep 2
+  done
+done
 
 while true; do
-  docker run --rm $curlprefix/curl -sLk https://$rancher_server_ip/ping && break
+  docker run --rm $curlimage -sLk https://$rancher_server_ip/ping && break
   sleep 5
 done
 
@@ -17,9 +26,9 @@ while true; do
 
     LOGINRESPONSE=$(docker run \
         --rm \
-        $curlprefix/curl \
+        $curlimage \
         -s "https://$rancher_server_ip/v3-public/localProviders/local?action=login" -H 'content-type: application/json' --data-binary '{"username":"admin","password":"${admin_password}"}' --insecure)
-    LOGINTOKEN=$(echo $LOGINRESPONSE | jq -r .token)
+    LOGINTOKEN=$(echo $LOGINRESPONSE | docker run --rm -i $jqimage -r .token)
 
     if [ "$LOGINTOKEN" != "null" ]; then
         break
@@ -28,14 +37,35 @@ while true; do
     fi
 done
 
+# Get the Agent Image from the rancher server
+while true; do
+  AGENTIMAGE=$(docker run \
+    --rm \
+    $curlimage \
+      -sLk \
+      -H "Authorization: Bearer $LOGINTOKEN" \
+      "https://$rancher_server_ip/v3/settings/agent-image" | docker run --rm -i $jqimage -r '.value')
+
+  if [ -n "$AGENTIMAGE" ]; then
+    break
+  else
+    sleep 5
+  fi
+done
+
+until docker inspect $AGENTIMAGE > /dev/null 2>&1; do
+  docker pull $AGENTIMAGE
+  sleep 2
+done
+
 # Test if cluster is created
 while true; do
   CLUSTERID=$(docker run \
     --rm \
-    $curlprefix/curl \
+    $curlimage \
       -sLk \
       -H "Authorization: Bearer $LOGINTOKEN" \
-      "https://$rancher_server_ip/v3/clusters?name=${cluster_name}" | jq -r '.data[].id')
+      "https://$rancher_server_ip/v3/clusters?name=${cluster_name}" | docker run --rm -i $jqimage -r '.data[].id')
 
   if [ -n "$CLUSTERID" ]; then
     break
@@ -55,10 +85,10 @@ fi
 while true; do
   AGENTCMD=$(docker run \
     --rm \
-    $curlprefix/curl \
+    $curlimage \
       -sLk \
       -H "Authorization: Bearer $LOGINTOKEN" \
-      "https://$rancher_server_ip/v3/clusterregistrationtoken?id=$CLUSTERID" | jq -r '.data[].nodeCommand' | head -1)
+      "https://$rancher_server_ip/v3/clusterregistrationtoken?id=$CLUSTERID" | docker run --rm -i $jqimage -r '.data[].nodeCommand' | head -1)
 
   if [ -n "$AGENTCMD" ]; then
     break
@@ -71,4 +101,4 @@ done
 COMPLETECMD="$AGENTCMD --$ROLEFLAG"
 
 # Run command
-$COMPLETECMD
+$COMPLETECMD

do/files/userdata_server

@@ -1,39 +1,63 @@
 #!/bin/bash -x
-apt update
-apt -y install curl vim jq
-curl https://releases.rancher.com/install-docker/${docker_version_server}.sh | sh
-
-until docker inspect rancher/rancher:${rancher_version} > /dev/null 2>&1; do
-  docker pull rancher/rancher:${rancher_version}
-  sleep 2
+export curlimage=appropriate/curl
+export jqimage=stedolan/jq
+
+if [ `command -v curl` ]; then
+  curl -sL https://releases.rancher.com/install-docker/${docker_version_server}.sh | sh
+elif [ `command -v wget` ]; then
+  wget -qO- https://releases.rancher.com/install-docker/${docker_version_server}.sh | sh
+fi
+
+for image in $curlimage $jqimage "rancher/rancher:${rancher_version}"; do
+  until docker inspect $image > /dev/null 2>&1; do
+    docker pull $image
+    sleep 2
+  done
 done
 
-docker run -d -p 80:80 -p 443:443 -v /root/rancher:/var/lib/rancher rancher/rancher:${rancher_version}
+docker run -d --restart=unless-stopped -p 80:80 -p 443:443 -v /root/rancher:/var/lib/rancher rancher/rancher:${rancher_version}
 
-while ! curl -k https://localhost/ping; do sleep 3; done
+while true; do
+  docker run --rm --net=host $curlimage -sLk https://127.0.0.1/ping && break
+  sleep 5
+done
 
 # Login
-LOGINRESPONSE=`curl -s 'https://127.0.0.1/v3-public/localProviders/local?action=login' -H 'content-type: application/json' --data-binary '{"username":"admin","password":"admin"}' --insecure`
-LOGINTOKEN=`echo $LOGINRESPONSE | jq -r .token`
+while true; do
+
+    LOGINRESPONSE=$(docker run \
+        --rm \
+        --net=host \
+        $curlimage \
+        -s "https://127.0.0.1/v3-public/localProviders/local?action=login" -H 'content-type: application/json' --data-binary '{"username":"admin","password":"admin"}' --insecure)
+    LOGINTOKEN=$(echo $LOGINRESPONSE | docker run --rm -i $jqimage -r .token)
+    echo "Login Token is $LOGINTOKEN"
+    if [ "$LOGINTOKEN" != "null" ]; then
+        break
+    else
+        sleep 5
+    fi
+done
+
 
 # Change password
-curl -s 'https://127.0.0.1/v3/users?action=changepassword' -H 'content-type: application/json' -H "Authorization: Bearer $LOGINTOKEN" --data-binary '{"currentPassword":"admin","newPassword":"${admin_password}"}' --insecure
+docker run --rm --net=host $curlimage -s 'https://127.0.0.1/v3/users?action=changepassword' -H 'content-type: application/json' -H "Authorization: Bearer $LOGINTOKEN" --data-binary '{"currentPassword":"admin","newPassword":"${admin_password}"}' --insecure
 
 # Create API key
-APIRESPONSE=`curl -s 'https://127.0.0.1/v3/token' -H 'content-type: application/json' -H "Authorization: Bearer $LOGINTOKEN" --data-binary '{"type":"token","description":"automation"}' --insecure`
+APIRESPONSE=$(docker run --rm --net=host $curlimage -s 'https://127.0.0.1/v3/token' -H 'content-type: application/json' -H "Authorization: Bearer $LOGINTOKEN" --data-binary '{"type":"token","description":"automation"}' --insecure)
 
 # Extract and store token
-APITOKEN=`echo $APIRESPONSE | jq -r .token`
+APITOKEN=`echo $APIRESPONSE | docker run --rm -i $jqimage -r .token`
 
 # Configure server-url
-RANCHER_SERVER="https://$(curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/ipv4/address)"
-curl -s 'https://127.0.0.1/v3/settings/server-url' -H 'content-type: application/json' -H "Authorization: Bearer $APITOKEN" -X PUT --data-binary '{"name":"server-url","value":"'$RANCHER_SERVER'"}' --insecure
+RANCHER_SERVER="https://$(docker run --rm --net=host $curlimage -s http://169.254.169.254/metadata/v1/interfaces/public/0/ipv4/address)"
+docker run --rm --net=host $curlimage -s 'https://127.0.0.1/v3/settings/server-url' -H 'content-type: application/json' -H "Authorization: Bearer $APITOKEN" -X PUT --data-binary '{"name":"server-url","value":"'$RANCHER_SERVER'"}' --insecure
 
 # Create cluster
-CLUSTERRESPONSE=`curl -s 'https://127.0.0.1/v3/cluster' -H 'content-type: application/json' -H "Authorization: Bearer $APITOKEN" --data-binary '{"type":"cluster","nodes":[],"rancherKubernetesEngineConfig":{"ignoreDockerVersion":true},"name":"${cluster_name}"}' --insecure`
+CLUSTERRESPONSE=$(docker run --rm --net=host $curlimage -s 'https://127.0.0.1/v3/cluster' -H 'content-type: application/json' -H "Authorization: Bearer $APITOKEN" --data-binary '{"type":"cluster","rancherKubernetesEngineConfig":{"addonJobTimeout":30,"ignoreDockerVersion":true,"sshAgentAuth":false,"type":"rancherKubernetesEngineConfig","authentication":{"type":"authnConfig","strategy":"x509"},"network":{"type":"networkConfig","plugin":"canal"},"ingress":{"type":"ingressConfig","provider":"nginx"},"services":{"type":"rkeConfigServices","kubeApi":{"podSecurityPolicy":false,"type":"kubeAPIService"},"etcd":{"snapshot":false,"type":"etcdService","extraArgs":{"heartbeat-interval":500,"election-timeout":5000}}}},"name":"${cluster_name}"}' --insecure)
 
 # Extract clusterid to use for generating the docker run command
-CLUSTERID=`echo $CLUSTERRESPONSE | jq -r .id`
+CLUSTERID=`echo $CLUSTERRESPONSE | docker run --rm -i $jqimage -r .id`
 
 # Generate registrationtoken
-curl -s 'https://127.0.0.1/v3/clusterregistrationtoken' -H 'content-type: application/json' -H "Authorization: Bearer $APITOKEN" --data-binary '{"type":"clusterRegistrationToken","clusterId":"'$CLUSTERID'"}' --insecure
+docker run --rm --net=host $curlimage -s 'https://127.0.0.1/v3/clusterregistrationtoken' -H 'content-type: application/json' -H "Authorization: Bearer $APITOKEN" --data-binary '{"type":"clusterRegistrationToken","clusterId":"'$CLUSTERID'"}' --insecure

do/main.tf

@@ -12,7 +12,7 @@ variable "prefix" {
 }
 
 variable "rancher_version" {
-  default = "v2.0.4"
+  default = "latest"
 }
 
 variable "count_agent_all_nodes" {