From Fedora Project Wiki
No edit summary |
No edit summary |
||
| Line 174: | Line 174: | ||
4 f - Setup Plugins | 4 f - Setup Plugins | ||
Edit /var/www/stickshift/broker/Gemfile and add the following in the plugin section | Edit /var/www/stickshift/broker/Gemfile and add the following in the plugin section | ||
<pre> | |||
gem 'openshift-origin-msg-broker-mcollective' | gem 'openshift-origin-msg-broker-mcollective' | ||
gem 'openshift-origin-dns-bind' | gem 'openshift-origin-dns-bind' | ||
gem 'openshift-origin-auth-mongo' | gem 'openshift-origin-auth-mongo' | ||
</pre> | |||
Then do the following | Then do the following | ||
<pre> | |||
cd /var/www/stickshift/broker/ | cd /var/www/stickshift/broker/ | ||
bundle --local | bundle --local | ||
</pre> | |||
Then edit /var/www/stickshift/broker/config/environments/development.rb and add the following at the very last, after the very last 'end' statement | Then edit /var/www/stickshift/broker/config/environments/development.rb and add the following at the very last, after the very last 'end' statement | ||
<pre> | |||
require File.expand_path('../plugin-config/openshift-origin-msg-broker-mcollective.rb', __FILE__) | require File.expand_path('../plugin-config/openshift-origin-msg-broker-mcollective.rb', __FILE__) | ||
require File.expand_path('../plugin-config/openshift-origin-dns-bind.rb', __FILE__) | require File.expand_path('../plugin-config/openshift-origin-dns-bind.rb', __FILE__) | ||
require File.expand_path('../plugin-config/openshift-origin-auth-mongo.rb', __FILE__) | require File.expand_path('../plugin-config/openshift-origin-auth-mongo.rb', __FILE__) | ||
</pre> | |||
And then do the following. | And then do the following. | ||
It is best if you are still in the same session that you did the DNS setup, so that you have the variables still set. | It is best if you are still in the same session that you did the DNS setup, so that you have the variables still set. | ||
<pre> | |||
mkdir -p /var/www/stickshift/broker/config/environments/plugin-config | mkdir -p /var/www/stickshift/broker/config/environments/plugin-config | ||
cat < /var/www/stickshift/broker/config/environments/plugin-config/uplift-bind-plugin.rb | cat < /var/www/stickshift/broker/config/environments/plugin-config/uplift-bind-plugin.rb | ||
| Line 210: | Line 211: | ||
perl -p -i -e "s/.*:domain_suffix.*/ :domain_suffix => \"${domain}\",/" /var/www/stickshift/broker/config/environments/*.rb | perl -p -i -e "s/.*:domain_suffix.*/ :domain_suffix => \"${domain}\",/" /var/www/stickshift/broker/config/environments/*.rb | ||
</pre> | |||
5 - Reboot and Test | 5 - Reboot and Test | ||
After your machine has been rebooted, log in, and try the following | After your machine has been rebooted, log in, and try the following | ||
<pre> | |||
curl -Ik https://localhost/broker/rest/api | curl -Ik https://localhost/broker/rest/api | ||
* If you get an error do | * If you get an error do | ||
curl -k https://localhost/broker/rest/api | curl -k https://localhost/broker/rest/api | ||
</pre> | |||
Revision as of 15:12, 19 October 2012
Wiki version of https://openshift.redhat.com/community/forums/openshift/fedora-18-openshift-origin-setup-steps-and-testing
so we can edit and adjust
1 - Install OpenShift Origin packages
yum install "*openshift*" yum install mcollective-qpid-plugin yum install qpid-cpp-server
2 - Turn off selinux (for now, this step will go away)
setenforce 0 sed -i -e 's|SELINUX=enforcing|SELINUX=permissive|' /etc/sysconfig/selinux
3 - Setup the Broker 3a - Setup MongoDB(This part is the same as the original instructions) https://openshift.redhat.com/community/wiki/build-your-own#Configuring_MongoDB
To configure MongoDB to require authentication:
Open the /etc/mongodb.conf file on the broker host.
Locate the line beginning with "auth=" and ensure that it is set to "true", as follows:
auth = true
Save and close the file.
To configure the MongoDB default database size:
Open the /etc/mongodb.conf file on the broker host.
Locate the line beginning with "smallfiles=" and ensure that it is set to "true", as follows:
smallfiles = true
Save and close the file.
Start mongodb and make sure it starts on reboot
systemctl start mongod.service
systemctl enable mongod.service
Make sure the mongo daemon is running by connecting to it mongo Sometimes it takes a little while for it to start up. Keep trying until it connects. Then exit out. Create initial mongodb accounts.
mongo stickshift_broker_dev --eval 'db.addUser("stickshift", "mooo")'
mongo stickshift_broker_dev --eval 'db.auth_user.update({"_id":"admin"}, {"_id":"admin","user":"admin","password":"2a8462d93a13e51387a5e607cbd1139f"}, true)'
3b - Setup the firewall
firewall-cmd --add-service=ssh firewall-cmd --add-service=https firewall-cmd --add-service=http firewall-cmd --add-service=dns firewall-cmd --add-port=5672/tcp
3c - Setup services
systemctl enable httpd systemctl enable mcollective systemctl enable mongod chkconfig network on systemctl enable openshift-origin-broker systemctl enable sshd systemctl enable qpidd
3d - Setup mcollective Save off /etc/mcollective/client.cfg and /etc/mcollective/server.cfg. Then edit them so that they look like the following. Note: Change broker.example.com to whatever your hostname is.
/etc/mcollective/client.cfg
topicprefix = /topic/ main_collective = mcollective collectives = mcollective libdir = /usr/libexec/mcollective loglevel = debug logfile = /var/log/mcollective-client.log # Plugins securityprovider = psk plugin.psk = unset connector = qpid plugin.qpid.host=broker.example.com plugin.qpid.secure=false plugin.qpid.timeout=5 # Facts factsource = yaml plugin.yaml = /etc/mcollective/facts.yaml
/etc/mcollective/server.cfg
topicprefix = /topic/ main_collective = mcollective collectives = mcollective libdir = /usr/libexec/mcollective logfile = /var/log/mcollective.log loglevel = debug daemonize = 1 direct_addressing = n # Plugins securityprovider = psk plugin.psk = unset connector = qpid plugin.qpid.host=broker.example.com plugin.qpid.secure=false plugin.qpid.timeout=5 # Facts factsource = yaml plugin.yaml = /etc/mcollective/facts.yaml
4e - Setup DNS Note 1: Do the DNS all in one sweep so the variables match Note 2: Change example.com to whatever your machines domain name is. Note3: Yep, except for the first line, you can cut and paste this whole thing.
export domain=example.com
export keyfile=/var/named/${domain}.key
rm -vf /var/named/K${domain}*
cd /var/named
dnssec-keygen -a HMAC-MD5 -b 512 -n USER -r /dev/urandom ${domain}
KEY="$(grep Key: K${domain}*.private | cut -d ' ' -f 2)"
rndc-confgen -a -r /dev/urandom
restorecon -v /etc/rndc.* /etc/named.*
chown -v root:named /etc/rndc.key
chmod -v 640 /etc/rndc.key
echo "forwarders { 8.8.8.8; 8.8.4.4; } ;" > /var/named/forwarders.conf
restorecon -v /var/named/forwarders.conf
chmod -v 755 /var/named/forwarders.conf
export uplift="$(rpm -q rubygem-openshift-origin-dns-bind --qf '%{NAME}-%{VERSION}')"
sed "s/example.com/${domain}/g" < /usr/share/gems/gems/${uplift#rubygem-}/doc/examples/example.com.db > /var/named/dynamic/${domain}.db
cat < /var/named/${domain}.key
key ${domain} {
algorithm HMAC-MD5;
secret "${KEY}";
};
EOF
chown -Rv named:named /var/named
restorecon -rv /var/named
mv /etc/named.conf /etc/named.conf.backup
sed "s/example.com/${domain}/g" < /usr/share/doc/${uplift}/examples/named.conf > /etc/named.conf
chown -v root:named /etc/named.conf
/usr/bin/chcon system_u:object_r:named_conf_t:s0 -v /etc/named.conf
/bin/systemctl start named.service
echo "nameserver 127.0.0.1
Then run "nsupdate -k ${keyfile}" and put in the following
Note1: Change broker.example.com to your hostname
Note2: Change 10.0.0.1 to your ip address Note3: Type CTR+D (The Control key with the "d" key) to exit out of the program.
server 127.0.0.1
update delete broker.example.com A
update add broker.example.com 180 A 10.0.0.1
send
Finally, add "nameserver 127.0.0.1" to the top of /etc/resolve.conf
4 f - Setup Plugins Edit /var/www/stickshift/broker/Gemfile and add the following in the plugin section
gem 'openshift-origin-msg-broker-mcollective' gem 'openshift-origin-dns-bind' gem 'openshift-origin-auth-mongo'
Then do the following
cd /var/www/stickshift/broker/ bundle --local
Then edit /var/www/stickshift/broker/config/environments/development.rb and add the following at the very last, after the very last 'end' statement
require File.expand_path('../plugin-config/openshift-origin-msg-broker-mcollective.rb', __FILE__)
require File.expand_path('../plugin-config/openshift-origin-dns-bind.rb', __FILE__)
require File.expand_path('../plugin-config/openshift-origin-auth-mongo.rb', __FILE__)
And then do the following. It is best if you are still in the same session that you did the DNS setup, so that you have the variables still set.
mkdir -p /var/www/stickshift/broker/config/environments/plugin-config
cat < /var/www/stickshift/broker/config/environments/plugin-config/uplift-bind-plugin.rb
Broker::Application.configure do
config.dns = {
:server => "127.0.0.1",
:port => 53,
:keyname => "${domain}",
:keyvalue => "${KEY}",
:zone => "${domain}"
}
end
EOF
chown -v apache:apache /var/www/stickshift/broker/config/environments/plugin-config/uplift-bind-plugin.rb
restorecon -v /var/www/stickshift/broker/config/environments/plugin-config/uplift-bind-plugin.rb
perl -p -i -e "s/.*:domain_suffix.*/ :domain_suffix => \"${domain}\",/" /var/www/stickshift/broker/config/environments/*.rb
5 - Reboot and Test After your machine has been rebooted, log in, and try the following
curl -Ik https://localhost/broker/rest/api * If you get an error do curl -k https://localhost/broker/rest/api