hewlettpackard / ezdemo Goto Github PK
View Code? Open in Web Editor NEWHPE Ezmeral Deployment tool for demos
Home Page: https://www.hpe.com/ezmeral
License: MIT License
ezdemo's People
Contributors
Stargazers
Watchers
Forkers
classicvalues caverav aruruka richardhpe smehmetoglu dkerr-ignw andyscheel bridgecrew-perf6 mgmehmetgurbuz bridgecrew-perf7 jaideepjoshi gary-sixgen bgburakgurbuz glennf nkhoshiniezdemo's Issues
Migrate terraform to ansible for cloud deployment
Use ansible (similar to deploy_vmware.yml) to enable cloud provisioning on AWS/Azure/GCP.
Import Runtime
Support importing existing Ezmeral Runtime to add demo use cases.
Should support adding nodes, re-configuring clusters and deploying MLOps or future use cases.
Standalone Data Fabric deployment
Invalid role(controller) in app(training-engine) specified.
I'm not sure why the controller role is no longer valid, I'm working with the PM team to find out why this no longer exists.
fatal: [localhost]: FAILED! => {
"changed": true,
"cmd": "./setup_notebook.sh 'kubectl --kubeconfig /root/.kube/config -n mlops-ex-demo' 'mlflow'",
"delta": "0:00:04.303174",
"end": "2022-03-07 20:43:44.310150",
"msg": "non-zero return code",
"rc": 1,
"start": "2022-03-07 20:43:40.006976",
"stderr": "Error from server (NotFound): secrets \"hpecp-kc-secret-7ef8565ce52989f4312f16c43d3de9b0\" not found\nError from server: error when creating \"STDIN\": admission webhook \"hard-validate-cr.kubedirector.hpe.com\" denied the request: \nInvalid role(controller) in app(training-engine) specified. Valid roles: \"LoadBalancer,RESTServer\"",
"stderr_lines": [
"Error from server (NotFound): secrets \"hpecp-kc-secret-7ef8565ce52989f4312f16c43d3de9b0\" not found",
"Error from server: error when creating \"STDIN\": admission webhook \"hard-validate-cr.kubedirector.hpe.com\" denied the request: ",
"Invalid role(controller) in app(training-engine) specified. Valid roles: \"LoadBalancer,RESTServer\""
],
"stdout": "secret/hpecp-kc-secret-7ef8565ce52989f4312f16c43d3de9b0 created\nLaunching Training Cluster",
"stdout_lines": [
"secret/hpecp-kc-secret-7ef8565ce52989f4312f16c43d3de9b0 created",
"Launching Training Cluster"
]
}
add license to header of each bash file
Copyright 2022 Hewlett Packard Enterprise
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
with comments and line wrap @ 80 chars (see https://github.com/HewlettPackard/ezdemo/blob/main/start.sh for example)
# =============================================================================
# Copyright 2022 Hewlett Packard Enterprise
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
# =============================================================================
provide automation for registering baremetal DF?
Thanks to @jaideepjoshi
register-xdf-tenant-storage.sh
#!/bin/bash
exec > >(tee -i generated/$(basename $0).log)
exec 2>&1
set -e
set -u
set -o pipefail
source "./scripts/functions.sh"
source "./scripts/00b-load-env-variables.sh"
export HPECP_CONFIG_FILE="./generated/hpecp.conf"
if [[ ! -d generated ]]; then
echo "This file should be executed from the project directory"
exit 1
fi
XDFHOST1=`cat ./generated/novalist |grep $PROJECT_ID|grep externaldf-host-1| awk '{ split($12, v, "="); print v[2]}'`
echo "Creating Service Ticket"
ssh -o StrictHostKeyChecking=no -i "./generated/controller.prv_key" -T ubuntu@$XDFHOST1 << ENDSSH1
sudo apt-get install -y expect
set -x
expect <<EOF
spawn \maprlogin password -user mapr
expect "Password for user 'mapr' at cluster 'xdf.demo.com': " { send "mapr\r" }
expect eof
EOF
maprlogin print
maprlogin generateticket -type service -user mapr -out /tmp/mapr-service-ticket
chmod 777 /tmp/mapr-service-ticket
echo "Done Creating Service Ticket"
sudo ls -l /tmp/mapr-service-ticket
ENDSSH1
echo "Creating Secrets File"
scp -i "./generated/controller.prv_key" ./files/gen-external-secrets.sh ubuntu@$XDFHOST1:/tmp/gen-external-secrets.sh
#ssh -i "./generated/controller.prv_key" -T ubuntu@$XDFHOST1 "sudo cp /tmp/gen-external-secrets.sh /home/mapr/gen-external-secrets.sh"
#ssh -i "./generated/controller.prv_key" -T ubuntu@$XDFHOST1 "sudo chmod 777 /home/mapr/gen-external-secrets.sh"
#ssh -i "./generated/controller.prv_key" -T ubuntu@$XDFHOST1 "sudo chown mapr:mapr /home/mapr/gen-external-secrets.sh"
ssh -o StrictHostKeyChecking=no -i "./generated/controller.prv_key" -T ubuntu@$XDFHOST1 << ENDSSH2
set -x
sudo cp /tmp/gen-external-secrets.sh /home/mapr/gen-external-secrets.sh
sudo chmod 777 /home/mapr/gen-external-secrets.sh
sudo chown mapr:mapr /home/mapr/gen-external-secrets.sh
expect <<EOF
spawn \sudo runuser -l mapr -c /home/mapr/gen-external-secrets.sh
expect "Please provide output filename:" { send "mapr-external-secrets.yaml\r" }
expect "Please provide the MapR username:" { send "mapr\r" }
expect "Please provide mapr's password:" { send "mapr\r" }
expect "Is this a Kubernetes Storage Node?" { send "n\r" }
expect "Please provide the server configmap name:" { send "mapr-external-cm\r" }
expect "Please provide the user secret name:" { send "mapr-user-secrets\r" }
expect "Please provide the server secret name:" { send "mapr-server-secrets\r" }
expect "Please provide the client secret name:" { send "mapr-client-secrets\r" }
expect "Please provide the hivesite configmap name:" { send "mapr-hivesite-cm\r" }
expect eof
EOF
ENDSSH2
echo "Copying Secrets File and ssl trustore to /tmp"
ssh -o StrictHostKeyChecking=no -i "./generated/controller.prv_key" -T ubuntu@$XDFHOST1 << ENDSSH3
sudo cp /home/mapr/mapr-external-secrets.yaml /tmp/mapr-external-secrets.yaml
sudo cp /opt/mapr/conf/ssl_truststore /tmp/ssl_truststore
sudo ls -l /tmp/mapr-external-secrets.yaml
sudo ls -l /tmp/ssl_truststore
echo "Done Secrets File and ssl trustore to /tmp"
ENDSSH3
echo "Copying Ticket, Secrets, SSL TrustStore, Manifest File to ./generated"
scp -i "./generated/controller.prv_key" ubuntu@$XDFHOST1:/tmp/mapr-service-ticket ./generated/mapr-service-ticket
scp -i "./generated/controller.prv_key" ubuntu@$XDFHOST1:/tmp/mapr-external-secrets.yaml ./generated/mapr-external-secrets.yaml
scp -i "./generated/controller.prv_key" ubuntu@$XDFHOST1:/tmp/ssl_truststore ./generated/ssl_truststore
cp ./files/ext-dftenant-manifest ./generated/ext-dftenant-manifest
echo "Copying Ticket, Secrets, SSL TrustStore, Manifest File to Controller"
for CONTROLLER in `cat ./generated/novalist |grep $PROJECT_ID|grep controller | awk '{ split($12, v, "="); print v[2]}'`
do
scp -i "./generated/controller.prv_key" ./generated/mapr-service-ticket centos@$CONTROLLER:/opt/bluedata/bundles/hpe-cp-rhel-release-5.4-150/scripts/mapr-service-ticket
scp -i "./generated/controller.prv_key" ./generated/mapr-external-secrets.yaml centos@$CONTROLLER:/opt/bluedata/bundles/hpe-cp-rhel-release-5.4-150/scripts/mapr-external-secrets.yaml
scp -i "./generated/controller.prv_key" ./generated/ssl_truststore centos@$CONTROLLER:/opt/bluedata/bundles/hpe-cp-rhel-release-5.4-150/scripts/ssl_truststore
ssh -i "./generated/controller.prv_key" -T centos@$CONTROLLER "mkdir /opt/bluedata/tmp/ext-bm-mapr"
scp -i "./generated/controller.prv_key" ./generated/ext-dftenant-manifest centos@$CONTROLLER:/opt/bluedata/tmp/ext-bm-mapr/ext-dftenant-manifest
done
echo "Congiguring XDF as Tenant Storage"
ssh -i "./generated/controller.prv_key" -T centos@$CONTROLLER "LOG_FILE_PATH=/tmp/"ext_configure_dftenants_"`date +"%Y-%m-%d.%H.%M"`".txt" HCP_ADMIN_PASS="admin123" /opt/bluedata/bundles/hpe-cp-*/startscript.sh --action ext_configure_dftenants"
echo "Registering XDF as Tenant Storage"
ssh -i "./generated/controller.prv_key" -T centos@$CONTROLLER "LOG_FILE_PATH=/tmp/"ext_register_dftenants_"`date +"%Y-%m-%d.%H.%M"`".txt" HCP_ADMIN_PASS="admin123" /opt/bluedata/bundles/hpe-cp-*/startscript.sh --action ext_register_dftenants"
#need expect for the following
#Enter Site Admin username: admin
#Enter Site Admin password: admin123
ext-dftenant-manifest
CLDB_LIST="jai-ecp-demo-externaldf-host-1.demo.com"
CLDB_PORT="7222"
SECURE="true"
CLUSTER_NAME="xdf.demo.com"
REST_URL="https://jai-ecp-demo-externaldf-host-1.demo.com:8443/rest/"
EXT_MAPR_MOUNT_DIR="/xdf"
TICKET_FILE_LOCATION="/opt/bluedata/bundles/hpe-cp-rhel-release-5.4-150/scripts/mapr-service-ticket"
SSL_TRUSTSTORE_LOCATION="/opt/bluedata/bundles/hpe-cp-rhel-release-5.4-150/scripts/ssl_truststore"
EXT_SECRETS_FILE_LOCATION="/opt/bluedata/bundles/hpe-cp-rhel-release-5.4-150/scripts/mapr-external-secrets.yaml"
HCP_ADMIN="admin"
FORCE_ERASE="false"
RESTART_CNODE="false"
`
create MLOPS SCC configuration using API
To update the MLOPS SCC configuration:
POST /api/v2/k8scluster/ {cluster_id} /kubectl
E.g. Parent
{
"method": "post",
"apiurl": "https://127.0.0.1:8080",
"timeout": 239,
"data": {
"kubectl_op": "create",
"cluster_href": "/api/v2/k8scluster/1",
"payload": {
"apiVersion": "v1",
"kind": "ConfigMap",
"metadata": {
"namespace": "k8s-tenant-1",
"name": "abc",
"labels": {
"kubedirector.hpe.com/cmType": "source-control",
"createdByUser": "6",
"createdByRole": "Admin"
}
},
"data": {
"type": "github",
"repoURL": "[email protected]:hpe-container-platform-community/example_active_directory_server.git",
"authType": "token",
"branch": "main",
"workingDirectory": "",
"proxyProtocol": "",
"proxyHostname": "",
"proxyPort": "",
"description": ""
}
}
},
"op": "source_control_action"
}
Example child
{
"method": "post",
"apiurl": "https://127.0.0.1:8080",
"timeout": 239,
"data": {
"kubectl_op": "create",
"cluster_href": "/api/v2/k8scluster/1",
"payload": {
"apiVersion": "v1",
"kind": "ConfigMap",
"metadata": {
"namespace": "k8s-tenant-1",
"name": "mysccchild",
"labels": {
"kubedirector.hpe.com/cmType": "source-control",
"createdByUser": "22",
"createdByRole": "Member",
"parentConfiguration": "myscc"
}
},
"data": {
"type": "github",
"repoURL": "[email protected]:hpe-container-platform-community/example_active_directory_server.git",
"authType": "token",
"branch": "main",
"workingDirectory": "",
"proxyProtocol": "",
"proxyHostname": "",
"proxyPort": "",
"username": "mygitusername",
"email": "[email protected]",
"token": "mygittoken",
"description": ""
}
}
},
"op": "source_control_action"
}
Enable airgap installation for Runtime
Enable airgap installation from pre-populated repo (using https://docs.containerplatform.hpe.com/54/reference/deploying-the-platform/phase-4/using-the-air-gap-utility-script.html)
AD parameters for MLOps
MLOps scripts should not use hard-coded AD users/groups (ad_user1/ad_admin1).
We can provide these users via ansible inventory if install_ad=false.
support baremetal deployment (i.e. no infra automation)
@erdincka - does this look like it could work?
baremetal/myvars.tfvars
...
workers_private_ip = [ 1.2.3.4 ]
workers_private_dns = [ a.b.c ]
worker_count = [ 2 ]baremetal/variables.tf
variable workers_private_ip { default = [] }
variable workers_private_dns { default = [ ] }
variable worker_count { default = [] }
...
output "workers_private_ip" {
value = vars.workers_private_ip
}
output "workers_private_dns" {
value = vars.workers_private_dns
}
output "worker_count" {
value = vars.worker_count
}We should just need these files and a config.json file?
ssh to hosts integration
Following feedback I've received from the field, several users have issues connecting to the controller, gateway or K8s master (on AWS). It would be interesting to either integrate a console where we could directly ssh to hosts or at least have a button that could create that connection (something like the ssh scripts from Chris Snow for example).
notebook doesn't display in list of notebooks for ad_user1
new branch for onPremise deployment
My Ansible scripts would already support VMware, oVirt, and Baremetal, but since I can't find an easy way to add them here without risking that the AWS/Azure deployment doesn't work anymore, I will open another branch and if the on-premise deployments run stable then we can merge both projects again. What do you think?
onPremise requirements
With onPremise deployments like Baremetal, oVirt, VMware, HyperV we also need to support existing infrastructure components like AD/LDAP/PROXY/DNS/NTP...., right?
Ubuntu based demo?
Just curious about running this demo on a Ubuntu 20.04, please close issue if this is the incorrect forum for this question.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.