more dockercon prep

Author: BretFisher

create-servers.sh

@@ -1,6 +1,8 @@
 #!/bin/bash
+set -x
 
-# create managers servers
+# create managers servers in digital ocean with pre-set environment vars
+# https://docs.docker.com/machine/drivers/digital-ocean/
 for server in {1..3}; do
 docker-machine create \
   --driver=digitalocean \
@@ -10,11 +12,27 @@ docker-machine create \
   --digitalocean-ssh-key-fingerprint="${SSH_FINGERPRINT}" \
   --digitalocean-tags=dogvscat \
   dvc${server} &
-
-# enable monitoring
-for server in {1..3}; do
-docker-machine scp daemon.json dvc${server}:/etc/docker/ && 
-docker-machine ssh dvc${server} systemctl restart docker &
 done
 
+# if you wanted to create these locally in virtualbox, you might do this
+# remember to check if you have enough RAM
+# https://docs.docker.com/machine/drivers/virtualbox/
+
+#for server in {1..3}; do
+#docker-machine create \
+#  --driver=virtualbox \
+#  --virtualbox-memory=2 \
+#  dvc${server} &
+#done
+
+# if you wanted to create these locally in hyper-v (windows 10), you might do this from git bash
+# remember to check if you have enough RAM and if virtual switch is created
+# https://docs.docker.com/machine/drivers/hyper-v/
 
+#for server in {1..3}; do
+#docker-machine create \
+#  --driver=hyperv \
+#  --hyperv-memory=2 \
+#  --hyperv-virtual-switch="Primary Virtual Swtich" \
+#  dvc${server} &
+#done

create-swarm.sh

@@ -1,3 +1,10 @@
 #!/bin/bash
+set -x
+
+# create a swarm as all managers
 docker-machine ssh dvc1 docker swarm init --listen-addr=eth1 --data-path-addr=eth1 --advertise-addr=eth1
 
+docker-machine ssh dvc1 docker swarm join-token manager
+
+# copy this command and add run it on other nodes
+# docker-machine ssh dvc2 <paste command>

dci-aws/.gitignore

@@ -4,6 +4,14 @@ docker_subscription.lic
 #terraform resources
 inventory/1.hosts
 
+# ansible resources
+group_vars/all
+.logs
+
+# client bundles
+ucp-bundle-admin
+ucp-bundle*
+
 # Created by https://www.gitignore.io/api/vim,macos,ansible,windows,terraform
 
 ### Ansible ###

dci-aws/group_vars/all

@@ -3,14 +3,14 @@
 #
 # Infrastructure stack
 #
-# infra_stack=vmware
+# infra_stack=aws
 
 #
 # Docker EE.
 #
 # docker_ee_version: 17.06
 
-# docker_ee_subscriptions_ubuntu: <placeholder> # Format: sub-xxx-xxx-xxx-xxx
+docker_ee_subscriptions_ubuntu: sub-a4bf3c6c-4024-443a-9a20-2337f6fa79e4
 # docker_ee_package_version: 3:17.06.2~ee~7~3-0~ubuntu
 #
 # docker_ee_subscriptions_centos: <placeholder> # Format: sub-xxx-xxx-xxx-xxx
@@ -37,14 +37,14 @@
 # Subscription and certificate directories.
 # These paths are relative to the root folder (containing inventory/, group_vars/, etc...)
 docker_ucp_certificate_directory: ssl_cert
-# docker_ucp_license_path: "{{ playbook_dir }}/docker_subscription.lic"
+docker_ucp_license_path: "{{ playbook_dir }}/license/docker_subscription.lic"
 
-# docker_ucp_admin_password: <placeholder>
+docker_ucp_admin_password: adminadmin123
 
 # DNS name of the UCP load balancer endpoint (e.g. "ucp.example.com").
 # This is also used for the SAN (subject alternative names) in any generated UCP certificate,
 # and as the address which DTR nodes will use to contact UCP.
-# docker_ucp_lb: <placeholder>
+docker_ucp_lb: ucp.dogvscat.biz
 
 #
 # Docker storage volume.
@@ -60,7 +60,7 @@ docker_ucp_certificate_directory: ssl_cert
 
 # DNS name of the DTR load balancer endpoint (e.g. "dtr.example.com").
 # This is also used for the SAN (subject alternative names) in any generated DTR certificate.
-# docker_dtr_lb: <placeholder>
+docker_dtr_lb: dtr.dogvscat.biz
 
 # The address the initial swarm leader will advertise.  The default behavior is to use
 # the publicly routable address of `ansible_default_ipv4`.  Override this to force swarm to
@@ -73,6 +73,7 @@ docker_ucp_certificate_directory: ssl_cert
 
 # Set to "disabled" to prevent the plugin being installed (even if cloudstor_plugin_options is set).
 cloudstor_plugin_version: 1.0
+# cloudstor_plugin_version: 18.01.0-ce
 
 # If defined and cloudstor_plugin_version is not "disabled", the playbook will
 # install the Cloudstor plugin with these settings on each node:

dci-aws/group_vars/all.example

@@ -0,0 +1,79 @@
+---
+
+#
+# Infrastructure stack
+#
+# infra_stack=vmware
+
+#
+# Docker EE.
+#
+# docker_ee_version: 17.06
+
+# docker_ee_subscriptions_ubuntu: <placeholder> # Format: sub-xxx-xxx-xxx-xxx
+# docker_ee_package_version: 3:17.06.2~ee~7~3-0~ubuntu
+#
+# docker_ee_subscriptions_centos: <placeholder> # Format: sub-xxx-xxx-xxx-xxx
+# docker_ee_package_version: 17.06.2.ee.7-3.el7.centos
+#
+# docker_ee_subscriptions_redhat: <placeholder> # Format: sub-xxx-xxx-xxx-xxx
+# docker_ee_package_version: 17.06.2.ee.7-3.el7.rhel
+#
+# docker_ee_subscriptions_oracle: <placeholder> # Format: sub-xxx-xxx-xxx-xxx
+# docker_ee_package_version: 17.06.2.ee.8-3.el7
+#
+# docker_ee_subscriptions_sles:   <placeholder> # Format: sub-xxx-xxx-xxx-xxx
+# docker_ee_package_version: 2:17.06.2.ee.7-3
+
+
+# docker_ee_package_version_win: 17.06.2-ee-7
+
+#
+# UCP.
+#
+
+# docker_ucp_version: 2.2.9
+
+# Subscription and certificate directories.
+# These paths are relative to the root folder (containing inventory/, group_vars/, etc...)
+docker_ucp_certificate_directory: ssl_cert
+# docker_ucp_license_path: "{{ playbook_dir }}/docker_subscription.lic"
+
+# docker_ucp_admin_password: <placeholder>
+
+# DNS name of the UCP load balancer endpoint (e.g. "ucp.example.com").
+# This is also used for the SAN (subject alternative names) in any generated UCP certificate,
+# and as the address which DTR nodes will use to contact UCP.
+# docker_ucp_lb: <placeholder>
+
+#
+# Docker storage volume.
+#
+# If this is set to a block device then the device will be formatted as ext4 (if not already formatted),
+# and mounted at /var/lib/docker.
+# docker_storage_volume="/dev/xvdb"
+# DTR
+#
+
+# docker_dtr_version: 2.4.3
+# docker_dtr_replica_id: <placeholder> # (A 12-character long hexadecimal number: e.g. 1234567890ab)
+
+# DNS name of the DTR load balancer endpoint (e.g. "dtr.example.com").
+# This is also used for the SAN (subject alternative names) in any generated DTR certificate.
+# docker_dtr_lb: <placeholder>
+
+# The address the initial swarm leader will advertise.  The default behavior is to use
+# the publicly routable address of `ansible_default_ipv4`.  Override this to force swarm to
+# listen on a non-default interface
+# docker_swarm_listen_address: <placeholder>
+
+#
+# Cloudstor
+#
+
+# Set to "disabled" to prevent the plugin being installed (even if cloudstor_plugin_options is set).
+cloudstor_plugin_version: 1.0
+
+# If defined and cloudstor_plugin_version is not "disabled", the playbook will
+# install the Cloudstor plugin with these settings on each node:
+# cloudstor_plugin_options: "CLOUD_PLATFORM=AWS EFS_ID_REGULAR=fs-AAA EFS_ID_MAXIO=fs-BBB EFS_SUPPORTED=1 AWS_STACK_ID=S2UCVL19bO2DOhi6"

dci-aws/group_vars/linux

@@ -1,3 +1,3 @@
 ---
 ansible_become: yes
-#ansible_user: ubuntu
+ansible_user: ubuntu

dci-aws/roles/docker-ee/filter_plugins/redhat.pyc

@@ -0,0 +1,4 @@
+*.pem
+*.crt
+*.key
+openssl.cnf

dci-aws/roles/docker-ucp/files/.gitignore

@@ -0,0 +1,4 @@
+#!/bin/sh
+openssl req -nodes -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 3650 -subj "/C=US/ST=Somewhere/L=Anywhere/O=Computer/CN=*.dogvscat.biz" -config openssl.cnf
+# cat cert.crt key.key > full.pem
+cp cert.pem ca.pem