Install telegraf on all provisioned VMs

Install binaries as early as possible in the provisioning process, and start them, in order to monitor provisioning too. To achieve this, some OS auto-detection logic is introduced in shell script common.sourced.sh. The script can be sourced and used in all kind of other generic scripts. ioping is also installed from custom-compiled binaries in order to monitor the disk latency of the VMs. Reason we don't use ioping from the repositories, is that the units differ between ioping versions (new ioping reports latencies in nanoseconds, old in microseconds). Fixes: QTQAINFRA-3092 Change-Id: I9d9afb791955725d4bd0b32dae97dfc0bd4a76a3 Reviewed-by: Heikki Halmet <heikki.halmet@qt.io>
author: Dimitrios Apostolou <jimis@qt.io> 2019-07-24 16:17:46 +0200
committer: Dimitrios Apostolou <jimis@qt.io> 2019-09-27 08:42:31 +0200
commit: fbe3a8d84e943b8e1ff89389bc6af9e09532722a (patch)
tree: 16feb9af6e1c6983e6a0c186ce1fcc6937d333c0 /coin/provisioning/common/unix
parent: 0a0ec7ffe33d8d646ad700b2b7b26541ee910420 (diff)
3 files changed, 297 insertions, 0 deletions
diff --git a/coin/provisioning/common/unix/common.sourced.sh b/coin/provisioning/common/unix/common.sourced.sh
new file mode 100644
index 00000000..a52880b2
--- /dev/null
+++ b/coin/provisioning/common/unix/common.sourced.sh
@@ -0,0 +1,139 @@
+#!/bin/sh
+
+
+#############################################################################
+##
+## Copyright (C) 2019 The Qt Company Ltd.
+## Contact: http://www.qt.io/licensing/
+##
+## This file is part of the provisioning scripts of the Qt Toolkit.
+##
+## $QT_BEGIN_LICENSE:LGPL21$
+## Commercial License Usage
+## Licensees holding valid commercial Qt licenses may use this file in
+## accordance with the commercial license agreement provided with the
+## Software or, alternatively, in accordance with the terms contained in
+## a written agreement between you and The Qt Company. For licensing terms
+## and conditions see http://www.qt.io/terms-conditions. For further
+## information use the contact form at http://www.qt.io/contact-us.
+##
+## GNU Lesser General Public License Usage
+## Alternatively, this file may be used under the terms of the GNU Lesser
+## General Public License version 2.1 or version 3 as published by the Free
+## Software Foundation and appearing in the file LICENSE.LGPLv21 and
+## LICENSE.LGPLv3 included in the packaging of this file. Please review the
+## following information to ensure the GNU Lesser General Public License
+## requirements will be met: https://www.gnu.org/licenses/lgpl.html and
+## http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
+##
+## As a special exception, The Qt Company gives you certain additional
+## rights. These rights are described in The Qt Company LGPL Exception
+## version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
+##
+## $QT_END_LICENSE$
+##
+#############################################################################
+
+
+# Script to be sourced from everywhere you need a common environment. Defines:
+export PROVISIONING_DIR
+export PROVISIONING_OS
+export PROVISIONING_OS_ID
+export PROVISIONING_ARCH
+export CMD_PKG_INSTALL
+export CMD_PKG_LOCALINSTALL
+export CMD_INSTALL
+
+
+
+if [ x"$IS_PROVISIONING_COMMON_SOURCED" != x ]
+then
+    echo "common.sourced.sh has already been sourced, re-sourcing skipped"
+    return
+fi
+
+# Do not export; you want children to re-source, because they only inherit the
+# variables but not the functions
+IS_PROVISIONING_COMMON_SOURCED=1
+
+
+fatal () {
+    echo "$1" 1>&2
+    if [ x"$2" != x ]
+    then  exit "$2"
+    else  exit
+    fi
+}
+
+is_script_executed () {
+   [ x"$(basename "$0")" = x"$1" ]
+}
+
+
+is_script_executed  common.sourced.sh  \
+    && fatal "Script common.sourced.sh should always be sourced, not executed"
+
+
+set_common_environment () {
+    # Unfortunately we can't find the provisioning directory from a sourced
+    # script in a portable way
+    # PROVISIONING_DIR="$(dirname "$0")/../../"
+
+    [ x"$PROVISIONING_DIR" = x ]  \
+        &&  fatal  "PROVISIONING_DIR variable needs to be set before calling set_common_environment"
+
+    uname_s="$(uname -s)"
+    case "$uname_s" in
+        Linux)
+            PROVISIONING_OS=linux
+            . /etc/os-release
+            PROVISIONING_OS_ID="$ID"
+            case "$PROVISIONING_OS_ID" in
+                suse|sles|opensuse*)
+                    CMD_PKG_INSTALL="sudo zypper -nq install"
+                    CMD_PKG_LOCALINSTALL="sudo zypper --no-gpg-checks -nq install"
+                    ;;
+                debian|ubuntu)
+                    CMD_PKG_INSTALL="sudo apt -y install"
+                    CMD_PKG_LOCALINSTALL="sudo apt -y install"
+                    ;;
+                rhel|centos|fedora)
+                    CMD_PKG_INSTALL="sudo yum -y install"
+                    CMD_PKG_LOCALINSTALL="sudo yum -y --nogpgcheck localinstall"
+                    ;;
+                *)  fatal "Unknown ID in /etc/os-release: $PROVISIONING_OS_ID" ;;
+            esac
+            ;;
+        Darwin)
+            PROVISIONING_OS=macos
+            PROVISIONING_OS_ID=macos
+            CMD_PKG_INSTALL="brew install"
+            CMD_PKG_LOCALINSTALL="echo 'TODO how to install a package file on macOS'"
+            ;;
+        *)
+            fatal "Unknown system in uname: $uname_s" 42
+            ;;
+    esac
+
+    uname_m="$(uname -m)"
+    case "$uname_m" in
+        x86_64|amd64) PROVISIONING_ARCH=amd64 ;;
+        i[3456]86)    PROVISIONING_ARCH=x86  ;;
+        *) fatal "Unknown architecture in uname: $uname_m" 43 ;;
+    esac
+
+    CMD_INSTALL="sudo install"
+}
+
+set_common_environment
+
+set_dry_run () {
+    if [ x"$PROVISIONING_DRY_RUN" != x ]
+    then
+        CMD_PKG_INSTALL="echo DRYRUN:  $CMD_PKG_INSTALL"
+        CMD_PKG_LOCALINSTALL="echo DRYRUN:  $CMD_PKG_LOCALINSTALL"
+        CMD_INSTALL="echo DRYRUN:  $CMD_INSTALL"
+    fi
+}
+
+set_dry_run
diff --git a/coin/provisioning/common/unix/telegraf_install.sh b/coin/provisioning/common/unix/telegraf_install.sh
new file mode 100755
index 00000000..1412650e
--- /dev/null
+++ b/coin/provisioning/common/unix/telegraf_install.sh
@@ -0,0 +1,98 @@
+#!/bin/sh
+
+#############################################################################
+##
+## Copyright (C) 2019 The Qt Company Ltd.
+## Contact: http://www.qt.io/licensing/
+##
+## This file is part of the provisioning scripts of the Qt Toolkit.
+##
+## $QT_BEGIN_LICENSE:LGPL21$
+## Commercial License Usage
+## Licensees holding valid commercial Qt licenses may use this file in
+## accordance with the commercial license agreement provided with the
+## Software or, alternatively, in accordance with the terms contained in
+## a written agreement between you and The Qt Company. For licensing terms
+## and conditions see http://www.qt.io/terms-conditions. For further
+## information use the contact form at http://www.qt.io/contact-us.
+##
+## GNU Lesser General Public License Usage
+## Alternatively, this file may be used under the terms of the GNU Lesser
+## General Public License version 2.1 or version 3 as published by the Free
+## Software Foundation and appearing in the file LICENSE.LGPLv21 and
+## LICENSE.LGPLv3 included in the packaging of this file. Please review the
+## following information to ensure the GNU Lesser General Public License
+## requirements will be met: https://www.gnu.org/licenses/lgpl.html and
+## http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
+##
+## As a special exception, The Qt Company gives you certain additional
+## rights. These rights are described in The Qt Company LGPL Exception
+## version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
+##
+## $QT_END_LICENSE$
+##
+#############################################################################
+
+
+# This script installs telegraf and ioping and our script telegraf-ioping.sh
+# to the /usr/bin directory.
+#
+# The reasons we don't install to /usr/local/bin are:
+# 1. On SLES and RHEL, the PATH of sudo (secure_path setting in /etc/sudoers)
+#    does not include /usr/local/bin.
+# 2. On macOS /usr/local/bin does not even exist early in provisioning.
+
+
+######################## BOILERPLATE ###########################
+set -e
+
+
+PROVISIONING_DIR="$(dirname "$0")/../../"
+. "$PROVISIONING_DIR"/common/unix/common.sourced.sh
+
+. "$PROVISIONING_DIR"/common/unix/DownloadURL.sh
+
+is_script_executed telegraf_install.sh  \
+    || fatal "Script telegraf_install.sh should be executed, not sourced"
+
+################################################################
+
+
+[ "$PROVISIONING_OS" = linux ]  \
+    && ioping_sha256=259abf04bcb84f4126ff97c04b6651e1cf5ea6d8a9ff364c769a26c95b6eeb44  \
+    || ioping_sha256=55de6a2f1a5343e0ce8df31d82d47a9e79c7e612edbc6dfb39b5fc6fb358b2e3
+DownloadURL "http://ci-files01-hki.intra.qt.io/input/ioping/ioping.${PROVISIONING_OS}-${PROVISIONING_ARCH}"  \
+    ''  "$ioping_sha256"  ioping
+$CMD_INSTALL -m 755 ./ioping /usr/bin/
+rm -f ioping
+
+# 2. Install custom ioping monitoring script
+$CMD_INSTALL -m 755  "$PROVISIONING_DIR"/common/shared/telegraf/telegraf-ioping.sh  /usr/bin/
+
+# 3. Download and install telegraf
+
+[ x"$PROVISIONING_OS"   = xmacos ] && os=darwin || os=linux
+[ x"$PROVISIONING_ARCH" = xx86   ] && arch=i386 || arch=amd64
+package_filename=telegraf-1.12.1_${os}_${arch}.tar.gz
+package_sha256_list="$PROVISIONING_DIR"/common/shared/telegraf/telegraf_packages.sha256.txt
+package_sha256=$(sed -n "s/.*$package_filename *//p" "$package_sha256_list")
+
+DownloadURL  \
+    http://ci-files01-hki.intra.qt.io/input/telegraf/"$package_filename"  \
+    https://dl.influxdata.com/telegraf/releases/"$package_filename"  \
+    "$package_sha256"  \
+    telegraf.tar.gz
+
+tar -xzf ./telegraf.tar.gz -C /tmp
+telegraf_binary=$(find /tmp/telegraf* -name telegraf -type f | grep /bin/ | head -1)
+$CMD_INSTALL -m 755  "$telegraf_binary"  /usr/bin/
+rm -rf /tmp/telegraf*
+
+# 4. Edit config file with passwords
+"$PROVISIONING_DIR"/common/unix/telegraf_password.sh
+
+# 5. Start telegraf in background (-b) and with retaining the environment (-E)
+#    in order to report as hostname = $COIN_UNIQUE_JOB_ID.
+/usr/bin/sudo -b -E telegraf --config /etc/telegraf-coin.conf >/dev/null 2>&1
+
+echo DONE: "Installed and started telegraf: $package_filename"
diff --git a/coin/provisioning/common/unix/telegraf_password.sh b/coin/provisioning/common/unix/telegraf_password.sh
new file mode 100755
index 00000000..efbed142
--- /dev/null
+++ b/coin/provisioning/common/unix/telegraf_password.sh
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+#############################################################################
+##
+## Copyright (C) 2019 The Qt Company Ltd.
+## Contact: http://www.qt.io/licensing/
+##
+## This file is part of the provisioning scripts of the Qt Toolkit.
+##
+## $QT_BEGIN_LICENSE:LGPL21$
+## Commercial License Usage
+## Licensees holding valid commercial Qt licenses may use this file in
+## accordance with the commercial license agreement provided with the
+## Software or, alternatively, in accordance with the terms contained in
+## a written agreement between you and The Qt Company. For licensing terms
+## and conditions see http://www.qt.io/terms-conditions. For further
+## information use the contact form at http://www.qt.io/contact-us.
+##
+## GNU Lesser General Public License Usage
+## Alternatively, this file may be used under the terms of the GNU Lesser
+## General Public License version 2.1 or version 3 as published by the Free
+## Software Foundation and appearing in the file LICENSE.LGPLv21 and
+## LICENSE.LGPLv3 included in the packaging of this file. Please review the
+## following information to ensure the GNU Lesser General Public License
+## requirements will be met: https://www.gnu.org/licenses/lgpl.html and
+## http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
+##
+## As a special exception, The Qt Company gives you certain additional
+## rights. These rights are described in The Qt Company LGPL Exception
+## version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
+##
+## $QT_END_LICENSE$
+##
+#############################################################################
+
+
+######################## BOILERPLATE ###########################
+set -e
+
+
+PROVISIONING_DIR="$(dirname "$0")/../../"
+. "$PROVISIONING_DIR"/common/unix/common.sourced.sh
+
+is_script_executed telegraf_password.sh  \
+    || fatal "Script telegraf_password.sh should be executed, not sourced, to avoid leaking secrets in the logs"
+# Avoid leaking secrets in the logs
+set +x
+################################################################
+
+
+# Provisioning should run even without the secrets repository
+influxdb_password=$(cut -d : -f 2  ~qt/work/influxdb/coin_vms_writer.auth)  \
+   || influxdb_password=no_password_provided
+
+rm -f ~qt/work/influxdb/coin_vms_writer.auth
+sed "s|COIN_VMS_WRITER_PASS|$influxdb_password|"  \
+    "$PROVISIONING_DIR"/common/"$PROVISIONING_OS"/telegraf-coin.conf  \
+    > .telegraf-coin.conf.final
+$CMD_INSTALL -m 600 .telegraf-coin.conf.final /etc/telegraf-coin.conf
+rm -f .telegraf-coin.conf.final
author	Dimitrios Apostolou <jimis@qt.io>	2019-07-24 16:17:46 +0200
committer	Dimitrios Apostolou <jimis@qt.io>	2019-09-27 08:42:31 +0200
commit	fbe3a8d84e943b8e1ff89389bc6af9e09532722a (patch)
tree	16feb9af6e1c6983e6a0c186ce1fcc6937d333c0 /coin/provisioning/common/unix
parent	0a0ec7ffe33d8d646ad700b2b7b26541ee910420 (diff)