Riak Node with System Update, Hostname and Private IP

by halzy
27 deployments · 13 still active · last rev. 1 year ago

Compatible with: Ubuntu 14.04 LTS
						#!/bin/bash
# Basic Script to set up a linode with hostname and private ip
# <UDF name="root_sshkey" label="Public Key for root" example="Recommended method of authentication. It is more secure than password log in." />
# <UDF name="sys_hostname" label="System hostname" example="Name of your server, i.e. linode1." />
# <UDF name="sys_private_ip" Label="Private IP" example="Configure network card to listen on this Private IP (if enabled in Linode/Remote Access settings tab). See http://library.linode.com/networking/configuring-static-ip-interfaces" />
# <UDF name="riak_cluster_ip" Label="Riak Cluster IP" default="" example="An IP address of a Riak Cluster Node" />

exec &> /root/stackscript.log

source <ssinclude StackScriptID="1">

########################################################
########################################################
function system_configure_private_network {
    # system_configure_private_network(private_ip)
    PRIVATE_IP=$1
    NETMASK="255.255.128.0"
    cat >>/etc/network/interfaces <<EOF
auto eth0:0
iface eth0:0 inet static
 address $PRIVATE_IP
 netmask $NETMASK
EOF
    touch /tmp/restart_initd-networking
}

function system_sshd_edit_bool {
    # system_sshd_edit_bool (param_name, "Yes"|"No")
    VALUE=`lower $2`
    if [ "$VALUE" == "yes" ] || [ "$VALUE" == "no" ]; then
        sed -i "s/^#*\($1\).*/\1 $VALUE/" /etc/ssh/sshd_config
    fi
}
function system_sshd_passwordauthentication {
    system_sshd_edit_bool "PasswordAuthentication" "$1"
}


function system_security_ufw_configure_basic {
    # see https://help.ubuntu.com/community/UFW
    # Private IP
    PRIVATE_IP=$1

    ufw logging on

    ufw default deny

    ufw allow from any to $PRIVATE_IP
    ufw allow from $PRIVATE_IP to any

    ufw allow ssh/tcp
    ufw limit ssh/tcp

    ufw allow http/tcp
    ufw allow https/tcp

    ufw enable
}

function restart_services {
    # restarts upstart services that have a file in /tmp/needs-restart/
    for service_name in $(ls /tmp/ | grep restart-* | cut -d- -f2-10); do
        service $service_name restart
        rm -f /tmp/restart-$service_name
    done
}

function restart_initd_services {
    # restarts upstart services that have a file in /tmp/needs-restart/
    for service_name in $(ls /tmp/ | grep restart_initd-* | cut -d- -f2-10); do
        /etc/init.d/$service_name restart
        rm -f /tmp/restart_initd-$service_name
    done
}
########################################################
########################################################

# Create user account
user_add_pubkey "root" "$ROOT_SSHKEY"
chmod 700 /home/root/.ssh
chmod 600 /home/root/.ssh/authorized_keys

cat > /etc/security/limits.conf <<EOD
* soft nofile 65536
* hard nofile 65536
EOD
ulimit -n 65536
echo "session required pam_limits.so" >> /etc/pam.d/common-session
echo "session required pam_limits.so" >>  /etc/pam.d/common-session-noninteractive

system_update
goodstuff
# dpkg-reconfigure tzdata

system_set_hostname "$SYS_HOSTNAME"
system_add_host_entry "$SYS_PRIVATE_IP" "$SYS_HOSTNAME" 

# may be done by linode
# system_configure_private_network "$SYS_PRIVATE_IP"

# Configure sshd
#system_sshd_passwordauthentication "No"
touch /tmp/restart-ssh

# Lock user account if not used for login
#ssh_disable_root

system_security_ufw_configure_basic "$SYS_PRIVATE_IP"

############
### RIAK ###
############
# Based on: http://docs.basho.com/riak/latest/ops/building/installing/debian-ubuntu/#Advanced-apt-Installation
############
curl https://packagecloud.io/gpg.key | apt-key add -
apt-get install -y apt-transport-https

FILENAME=/etc/apt/sources.list.d/basho.list
PACKAGE_CLOUD_RIAK_DIR=https://packagecloud.io/install/repositories/basho/riak
curl "${PACKAGE_CLOUD_RIAK_DIR}/config_file.list?os=ubuntu&dist=precise" > $FILENAME

apt-get update
apt-get install riak
riak stop
sed -i "s/127.0.0.1/${SYS_PRIVATE_IP}/g" /etc/riak/riak.conf
sed -i "s/search = off/search = on/g" /etc/riak/riak.conf

if [ "RIAK_CLUSTER_IP" ]; then
    riak-admin cluster join riak@${RIAK_CLUSTER_IP}
    riak-admin cluster commit
fi

apt-get install -y openjdk-7-jdk
apt-get install -y solr-common
sed -i "s/search.solr.start_timeout = 30s/search.solr.start_timeout = 600s/" /etc/riak/riak.conf
# sed -i "s/-Xms1g -Xmx1g/-Xms512m -Xmx512m/" /etc/riak/riak.conf

################
### END RIAK ###
################

restart_services
restart_initd_services

#########################
### BOOTSTRAP STAGE 2 ###
#########################
cat > /root/bootstrap.sh <<EOD
#!/bin/sh
sed -i "s/^\/root\/bootstrap.sh$//g" /etc/rc.local

if [ "${RIAK_CLUSTER_IP}" ]; then
    riak-admin cluster join riak@${RIAK_CLUSTER_IP}
    riak-admin cluster plan
    riak-admin cluster commit
fi

EOD
#############################
### END BOOTSTRAP STAGE 2 ###
#############################

chmod 755 /root/bootstrap.sh
sed -i "s/exit 0$/\/root\/bootstrap.sh\nexit 0/" /etc/rc.local

reboot