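#!/bin/bash
##
## Script to automate the Kubernetes CentOS client side pieces
##
## Installs docker, etcd and kubectl, then writes the etcd configuration and
## systemd unit for this host and starts an etcd member that uses TLS with
## client-certificate authentication on both the client and peer ports.
##
## Run as root from the directory that contains:
##   .variables                                 sourced; must define COUNTER and
##                                              KUBE_SUBNET_ADDR
##   ca.pem, kubernetes.pem, kubernetes-key.pem TLS material copied to /etc/etcd
##

set -euo pipefail

die() { printf 'error: %s\n' "$*" >&2; exit 1; }
warn() { printf 'warning: %s\n' "$*" >&2; }

# Everything below writes under /etc and /usr/lib and drives yum/systemctl.
(( EUID == 0 )) || die "this script must be run as root"

# .variables is executed with root privileges, so it must be writable only by
# trusted users. The explicit ./ stops bash from searching PATH for a file of
# the same name before it looks in the current directory.
[[ -r ./.variables ]] || die ".variables not found in ${PWD}"
# shellcheck source=/dev/null
. ./.variables

: "${COUNTER:?COUNTER must be set in .variables}"
: "${KUBE_SUBNET_ADDR:?KUBE_SUBNET_ADDR must be set in .variables}"
[[ "$COUNTER" =~ ^[0-9]+$ ]] || die "COUNTER must be a non-negative integer"
# KUBE_SUBNET_ADDR ends up in /etc/etcd/etcd.conf, whose values the unit below
# substitutes into a 'bash -c' command line, so only host-safe characters are
# accepted here.
[[ "$KUBE_SUBNET_ADDR" =~ ^[0-9A-Za-z.-]+$ ]] \
  || die "KUBE_SUBNET_ADDR contains unexpected characters"

# First address reported by 'hostname -I'; used for every listen/advertise URL.
HOST_IP=$(hostname -I | awk '{ print $1 }')
[[ -n "$HOST_IP" ]] || die "could not determine this host's IP address"

echo "Setting up the Kubernetes repo:"
# Package and repository metadata signatures are both verified (gpgcheck,
# repo_gpgcheck).
# NOTE(review): upstream Kubernetes has moved its packages to pkgs.k8s.io and
# retired this Google-hosted repository; confirm baseurl and gpgkey before
# relying on them.
cat > /etc/yum.repos.d/kubernetes.repo << 'EOM'
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOM

echo "Installing docker, etcd, and kubectl"
yum install -y docker etcd kubectl

echo "Starting and enabling the docker daemon"
# The script already runs as root, so no sudo is needed for the enable step.
systemctl start docker
systemctl enable docker

echo "Setting SELinux to permissive mode"
# NOTE(review): permissive mode switches off SELinux enforcement on a host that
# stores the cluster's etcd data and TLS keys. Kept because the original script
# does it; prefer leaving SELinux enforcing if the workloads allow it.
setenforce 0 || warn "setenforce 0 failed (SELinux may already be disabled)"
sed -i 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/selinux/config

echo "Making requried directories and copying key material"
mkdir -p /etc/kubernetes
# install sets mode and owner as part of the copy, so the private key is never
# left readable by other local users.
# NOTE(review): confirm that nothing besides etcd and root reads the key from
# /etc/etcd.
install -m 0644 -o etcd -g etcd ca.pem kubernetes.pem /etc/etcd/
install -m 0600 -o etcd -g etcd kubernetes-key.pem /etc/etcd/

echo "Generating the ETCD_INITIAL_CLUSTER parameter ..."
# One entry per controller 0..COUNTER, comma separated:
#   controller-<i>=https://<KUBE_SUBNET_ADDR>.1<i>:2380
ETCD_INITIAL_CLUSTER=""
for (( i = 0; i <= COUNTER; i++ )); do
  member="controller-${i}=https://${KUBE_SUBNET_ADDR}.1${i}:2380"
  ETCD_INITIAL_CLUSTER+="${ETCD_INITIAL_CLUSTER:+,}${member}"
done
# The original script left this file in the working directory; it is still
# written in case something else reads it.
printf '%s' "$ETCD_INITIAL_CLUSTER" > etcd-initial

echo "Applying the configuration for etcd"
# Unquoted here-doc: HOST_IP, HOSTNAME and ETCD_INITIAL_CLUSTER are expanded now.
cat > /etc/etcd/etcd.conf << EOM
#[Member]
#ETCD_CORS=""
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
#ETCD_WAL_DIR=""
ETCD_LISTEN_PEER_URLS="https://$HOST_IP:2380"
ETCD_LISTEN_CLIENT_URLS="https://$HOST_IP:2379,https://127.0.0.1:2379"
#ETCD_MAX_SNAPSHOTS="5"
#ETCD_MAX_WALS="5"
ETCD_NAME="$HOSTNAME"
#ETCD_SNAPSHOT_COUNT="100000"
#ETCD_HEARTBEAT_INTERVAL="100"
#ETCD_ELECTION_TIMEOUT="1000"
#ETCD_QUOTA_BACKEND_BYTES="0"
#ETCD_MAX_REQUEST_BYTES="1572864"
#ETCD_GRPC_KEEPALIVE_MIN_TIME="5s"
#ETCD_GRPC_KEEPALIVE_INTERVAL="2h0m0s"
#ETCD_GRPC_KEEPALIVE_TIMEOUT="20s"
#
#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://$HOST_IP:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://$HOST_IP:2379"
#ETCD_DISCOVERY=""
#ETCD_DISCOVERY_FALLBACK="proxy"
#ETCD_DISCOVERY_PROXY=""
#ETCD_DISCOVERY_SRV=""
ETCD_INITIAL_CLUSTER="$ETCD_INITIAL_CLUSTER"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_INITIAL_CLUSTER_STATE="new"
#ETCD_STRICT_RECONFIG_CHECK="true"
#ETCD_ENABLE_V2="true"
#
#[Proxy]
#ETCD_PROXY="off"
#ETCD_PROXY_FAILURE_WAIT="5000"
#ETCD_PROXY_REFRESH_INTERVAL="30000"
#ETCD_PROXY_DIAL_TIMEOUT="1000"
#ETCD_PROXY_WRITE_TIMEOUT="5000"
#ETCD_PROXY_READ_TIMEOUT="0"
#
#[Security]
ETCD_CERT_FILE="/etc/etcd/kubernetes.pem"
ETCD_KEY_FILE="/etc/etcd/kubernetes-key.pem"
ETCD_CLIENT_CERT_AUTH="true"
ETCD_TRUSTED_CA_FILE="/etc/etcd/ca.pem"
#ETCD_AUTO_TLS="false"
ETCD_PEER_CERT_FILE="/etc/etcd/kubernetes.pem"
ETCD_PEER_KEY_FILE="/etc/etcd/kubernetes-key.pem"
ETCD_PEER_CLIENT_CERT_AUTH="true"
ETCD_PEER_TRUSTED_CA_FILE="/etc/etcd/ca.pem"
#ETCD_PEER_AUTO_TLS="false"
#
#[Logging]
#ETCD_DEBUG="false"
#ETCD_LOG_PACKAGE_LEVELS=""
#ETCD_LOG_OUTPUT="default"
#
#[Unsafe]
#ETCD_FORCE_NEW_CLUSTER="false"
#
#[Version]
#ETCD_VERSION="false"
#ETCD_AUTO_COMPACTION_RETENTION="0"
#
#[Profiling]
#ETCD_ENABLE_PPROF="false"
#ETCD_METRICS="basic"
#
#[Auth]
#ETCD_AUTH_TOKEN="simple"
EOM

# Quoted here-doc: the unit is written literally, so the ${ETCD_*} references
# and $(nproc) are left for systemd and bash to resolve when the service
# starts. Those values come from /etc/etcd/etcd.conf and become part of a
# 'bash -c' command string, so that file must stay writable by root only.
cat > /usr/lib/systemd/system/etcd.service << 'EOM'
[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target

[Service]
Type=notify
WorkingDirectory=/var/lib/etcd/
EnvironmentFile=-/etc/etcd/etcd.conf
User=etcd
# set GOMAXPROCS to number of processors
ExecStart=/bin/bash -c "GOMAXPROCS=$(nproc) /usr/bin/etcd --name=${ETCD_NAME} \
    --data-dir=${ETCD_DATA_DIR} \
    --listen-client-urls=${ETCD_LISTEN_CLIENT_URLS} \
    --listen-peer-urls=${ETCD_LISTEN_PEER_URLS} \
    --initial-advertise-peer-urls=${ETCD_INITIAL_ADVERTISE_PEER_URLS} \
    --advertise-client-urls=${ETCD_ADVERTISE_CLIENT_URLS} \
    --initial-cluster=${ETCD_INITIAL_CLUSTER} \
    --initial-cluster-token=${ETCD_INITIAL_CLUSTER_TOKEN} \
    --initial-cluster-state=${ETCD_INITIAL_CLUSTER_STATE} \
    --cert-file=${ETCD_CERT_FILE} \
    --key-file=${ETCD_KEY_FILE} \
    --client-cert-auth=${ETCD_CLIENT_CERT_AUTH} \
    --trusted-ca-file=${ETCD_TRUSTED_CA_FILE} \
    --peer-cert-file=${ETCD_PEER_CERT_FILE} \
    --peer-key-file=${ETCD_PEER_KEY_FILE} \
    --peer-client-cert-auth=${ETCD_PEER_CLIENT_CERT_AUTH} \
    --peer-trusted-ca-file=${ETCD_PEER_TRUSTED_CA_FILE}"
Restart=on-failure
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
EOM

# Also covers any other .pem files already present in /etc/etcd.
chown etcd:etcd /etc/etcd/*.pem
# Destructive: removes any existing member data so etcd starts from the "new"
# cluster state configured above. Do not re-run on a member whose data matters.
rm -rf -- /var/lib/etcd/default.etcd

echo "Starting and enabling the etcd daemon"
systemctl daemon-reload
# The original script carried on to 'enable' even when 'start' failed, so a
# failed start is reported but does not abort. NOTE(review): a start may only
# succeed once the other members are reachable -- confirm.
systemctl start etcd || warn "systemctl start etcd did not succeed"
systemctl enable etcd

echo "Checking that etcd is running"
# Diagnostic only: a failure is reported but does not change the exit status.
etcdctl \
  --ca-file /etc/etcd/ca.pem \
  --cert-file /etc/etcd/kubernetes.pem \
  --key-file /etc/etcd/kubernetes-key.pem \
  --endpoints https://127.0.0.1:2379 \
  member list || warn "etcdctl member list failed"

echo "The next step is to create the Kubernetes services"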