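Tuesday, May 31, 2016

Using the mysql_db & mysql_user modules with Ansible

I recently had the chance to use Ansible's database modules, so I am writing down some notes.

First, on the official site (ansible_document), click Module Index, which lists the many modules available. This time I used the Database Modules; in that section, look for mysql_db & mysql_user, the two modules I mainly used.
Setting up a database for the first time comes down to these four things:
  1. Change the root password
  2. Create a database
  3. Create a user
  4. Grant the user specific privileges
First, the environment I used:
SYSTEM VERSION

Control machine: CentOS Linux release 7.2.1511 (Core)
Remote machine: CentOS Linux release 7.1.1503 (Core)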
ANSIBLE VERSION

ansible 2.1.0.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = Default w/o overrides
STEPS TO REPRODUCE

---
- name: Setup | Percona XtraDB Cluster
  hosts: db
  tasks:
    - name: Setup | Percona yum Repository
      yum: name=http://www.percona.com/downloads/percona-release/redhat/0.1-3/percona-release-0.1-3.noarch.rpm state=present

    - name: Setup | Install EPEL Repository
      yum: name=epel-release update_cache=yes state=present

    - name: Setup | Install Percona-XtraDB-Cluster-56 Package
      yum: name=Percona-XtraDB-Cluster-56 update_cache=yes state=present

    - name: Setup | Install Requirement Packages
      # These two packages are installed mainly so that the control host has the MySQL library and can
      # communicate with the database on the remote host; without them you get "the python mysqldb module is required"
      yum: name={{ item }} state=present  update_cache=yes
      with_items:
        - mysql-devel    # local MySQL library
        - MySQL-python   # library for Python

    - name: Setup | Create Mysql Data Directories
      file: path={{ item }} state=directory recurse=yes owner=mysql group=mysql mode=0755
      with_items:
        - /var/log/mysql

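    - name: Setup | Mysql Configuration
      # Use a Jinja2 template to maintain the configuration file
      template: src=./templates/my_cnf_test.j2 dest=/etc/my.cnf
      # This variable is substituted into my_cnf_test.j2
      vars:
        gcomm_list: 192.168.1.100
      # notify triggers events and is normally used together with handlers; each handler runs only once.
      # In this playbook it restarts the mysql service, updates the root password and creates the database
      notify:
        - restart_mysql
        - Update MySQL root password
        - Create MySQL Database

  # handlers are the event processors, i.e. what notify calls
  handlers:
    - name: restart_mysql
      service: name=mysql@bootstrap.service  state=restarted

    - name: Update MySQL root password
      run_once: true
      mysql_user:
        # User to authenticate as
        login_user: root
        # Password of the login user
        login_password: "\n"
        # Name of the user to create, or of an existing user
        name: root
        # Password to set
        password: '123456789'
        # Privileges to set; syntax: database.table:priv1,priv2
        # Tip: when setting privileges, wrap the value in double quotes to avoid syntax errors
        priv: "*.*:ALL,GRANT"
        # host defaults to localhost; use this option to connect from another host
        host: "{{ item }}"
        # present = install, absent = remove
        state: present
        # Check whether MySQL allows login as root with no password before trying the supplied credentials (optional)
        check_implicit_admin: true
      with_items:
        - localhost

    - name: Create MySQL Database
      mysql_db:
        # User to authenticate as
        login_user: root
        # Password of the login user
        login_password: '123456789'
        # Name of the database to create
        name: Apple
        # present = install, absent = remove
        state: present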
templates/my_cnf_test.j2
[mysqld]
# Path to Galera library
wsrep_provider=/usr/lib64/libgalera_smm.so
# Cluster connection URL
wsrep_cluster_address=gcomm://{{ gcomm_list }}
# In order for Galera to work correctly binlog format should be ROW
binlog_format=ROW
# MyISAM storage engine has only experimental support
default_storage_engine=InnoDB
# This changes how |InnoDB| autoincrement locks are managed and is a requirement for Galera
innodb_autoinc_lock_mode=2
ACTUAL RESULTS

PLAY [Setup | Percona XtraDB Cluster] **************************************************

TASK [setup] *******************************************************************
ok: [db]

TASK [Setup | Percona yum Repository] ******************************************
changed: [db]

TASK [Setup | Install EPEL Repository] *****************************************

changed: [db]

TASK [Setup | Install Percona-XtraDB-Cluster-56 Package] ***********************
changed: [db]

TASK [Setup | Install Requirement Packages] ************************************
changed: [db] => (item=[u'mysql-devel', u'MySQL-python'])

TASK [Setup | Create Mysql Data Directories] ***********************************
changed: [db] => (item=/var/log/mysql)

TASK [Setup | Mysql Configuration] *********************************************
changed: [db]

RUNNING HANDLER [restart_mysql] ************************************************
changed: [db]

RUNNING HANDLER [Update MySQL root password] ***********************************
changed: [db] => (item=localhost)

RUNNING HANDLER [Create MySQL Database] ****************************************
changed: [db]

PLAY RECAP *********************************************************************
db                         : ok=10   changed=9    unreachable=0    failed=0
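
The playbook above keeps the MySQL root password as a literal in the task arguments. As an added example (not part of the original post), the shell function below scans playbook text for password and login_password arguments whose value is a literal rather than a {{ variable }} reference; the function names and the sample playbook are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: report password arguments in Ansible tasks whose value is a
# literal instead of a {{ variable }} reference.
# Reads playbook text on stdin, prints LINE:KEY for each finding and
# returns 1 if anything was found (usable as a pre-commit or CI check).
find_plaintext_secrets() {
    awk '
    # 1 if val is a literal, 0 if it is empty or starts with a Jinja2 reference
    function literal(val) {
        sub(/[ \t]+#.*$/, "", val)          # drop a trailing comment
        gsub(/^["\047]|["\047]$/, "", val)  # strip surrounding quotes
        if (val == "") return 0
        if (substr(val, 1, 2) == "{{") return 0
        return 1
    }
    /^[ \t]*#/ { next }                     # comment line
    {
        line = $0; sub(/^[ \t]+/, "", line)
        # YAML dict form:  password: value
        if (match(line, /^(login_password|password)[ \t]*:[ \t]*/)) {
            key = line; sub(/[ \t]*:.*$/, "", key)
            if (literal(substr(line, RLENGTH + 1))) { print NR ":" key; found = 1 }
            next
        }
        # key=value form, one or more arguments per line
        for (i = 1; i <= NF; i++)
            if (match($i, /^(login_password|password)=/))
                if (literal(substr($i, RLENGTH + 1))) {
                    print NR ":" substr($i, 1, RLENGTH - 1); found = 1
                }
    }
    END { exit (found ? 1 : 0) }'
}

# Constructed sample modelled on the handlers above (not a real playbook)
sample_playbook() {
cat <<'EOF'
- name: Update MySQL root password
  mysql_user:
    login_user: root
    login_password: "\n"
    name: root
    password: '123456789'
- name: Create MySQL Database
  mysql_db: login_user=root login_password='123456789' name=Apple state=present
- name: Create MySQL Database (value taken from a variable)
  mysql_db:
    login_user: root
    login_password: "{{ mysql_root_password }}"
    name: Apple
EOF
}

sample_playbook | find_plaintext_secrets || echo "plaintext secrets found" >&2
```

Values it reports are candidates for a variables file encrypted with ansible-vault and referenced as {{ variable }}; mysql_root_password is a hypothetical variable name.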

Wednesday, May 18, 2016

Foreman on CentOS 7 - Part1

Update
sudo yum -y update && sudo yum -y upgrade
Edit /etc/hosts
vim /etc/hosts
127.0.0.1    localhost
IP           daniel-foreman.example.com
Disable SELinux
sudo sed 's/SELINUX=enforcing/SELINUX=disabled/' -i /etc/sysconfig/selinux
sudo sed 's/SELINUX=enforcing/SELINUX=disabled/' -i /etc/selinux/config
Disable IPv6
Method 1
sudo vim /etc/sysctl.conf
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
sudo sysctl -p
Method 2
echo 'net.ipv6.conf.all.disable_ipv6 = 1' | sudo tee -a /etc/sysctl.d/disableipv6.conf
echo 'net.ipv6.conf.default.disable_ipv6 = 1' | sudo tee -a /etc/sysctl.d/disableipv6.conf
sudo reboot
Method 3
echo 1 | sudo tee /proc/sys/net/ipv6/conf/all/disable_ipv6
echo 1 | sudo tee /proc/sys/net/ipv6/conf/default/disable_ipv6
Open the corresponding firewall ports
PORT          PROTOCOL    REQUIRED FOR
53            TCP & UDP   DNS Server
67, 68        UDP         DHCP Server
69            UDP         * TFTP Server
80, 443       TCP         * HTTP & HTTPS access to Foreman web UI – using Apache + Passenger
3000          TCP         HTTP access to Foreman web UI – using standalone WEBrick service
3306          TCP         Separate MySQL database
5432          TCP         Separate PostgreSQL database
5910 – 5930   TCP         Server VNC Consoles
8140          TCP         * Puppet Master
8443          TCP         * Smart Proxy, open only to Foreman
firewall-cmd --permanent --add-port=53/tcp
firewall-cmd --permanent --add-port=67-69/udp
firewall-cmd --permanent --add-port=80/tcp
firewall-cmd --permanent --add-port=443/tcp
firewall-cmd --permanent --add-port=3000/tcp
firewall-cmd --permanent --add-port=3306/tcp
firewall-cmd --permanent --add-port=5910-5930/tcp
firewall-cmd --permanent --add-port=5432/tcp
firewall-cmd --permanent --add-port=8140/tcp
firewall-cmd --permanent --add-port=8443/tcp
firewall-cmd --reload
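
The table marks port 8443 as open only to Foreman, while --add-port opens a port to every source. As an added example (not from the original post), this function prints firewalld commands from a port list and uses a rich rule to limit restricted ports to one source address. The function name, the any/restricted column and the address 192.0.2.10 are assumptions, and treating 3306 and 5432 as restricted is a choice made here.

```shell
#!/usr/bin/env bash
# Added example: print firewalld commands for a port list.
# Input lines on stdin: PORT PROTO SCOPE, where SCOPE is "any" or "restricted".
# Restricted ports are opened only to the source address given as $1.
fw_plan() {
    local src="$1" family port proto scope
    # Pick the rich-rule address family from the form of the address
    case "$src" in
        *:*) family=ipv6 ;;
        *.*.*.*) family=ipv4 ;;
        *) echo "fw_plan: bad source address: $src" >&2; return 1 ;;
    esac
    while read -r port proto scope; do
        # Skip blank lines and comments
        case "$port" in ''|'#'*) continue ;; esac
        # Port must be N or N-M, protocol tcp or udp
        case "$port" in
            *[!0-9-]*|-*|*-|*-*-*) echo "fw_plan: bad port: $port" >&2; return 1 ;;
        esac
        case "$proto" in
            tcp|udp) ;;
            *) echo "fw_plan: bad protocol: $proto" >&2; return 1 ;;
        esac
        case "$scope" in
            any)
                printf 'firewall-cmd --permanent --add-port=%s/%s\n' "$port" "$proto" ;;
            restricted)
                printf "firewall-cmd --permanent --add-rich-rule='rule family=\"%s\" source address=\"%s\" port port=\"%s\" protocol=\"%s\" accept'\n" \
                    "$family" "$src" "$port" "$proto" ;;
            *)
                echo "fw_plan: bad scope: $scope" >&2; return 1 ;;
        esac
    done
    printf 'firewall-cmd --reload\n'
}

# Constructed port list based on the table above; 192.0.2.10 stands in for the Foreman host
fw_plan 192.0.2.10 <<'EOF'
# port      proto scope
80          tcp   any
443         tcp   any
8140        tcp   any
5910-5930   tcp   any
3306        tcp   restricted
5432        tcp   restricted
8443        tcp   restricted
EOF
```

The function only prints the commands, so the plan can be reviewed before it is run as root.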
With the prerequisites done, install the repositories for the packages we are going to use
Puppet Repo
sudo rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
EPEL Repo
sudo yum -y install epel-release http://yum.theforeman.org/releases/1.11/el7/x86_64/foreman-release.rpm
Install foreman-installer
sudo yum -y install foreman-installer
Run the installer in interactive mode, disable Configure puppet, and enable foreman_plugin_ansible
sudo foreman-installer -i
Ready to start? (y/n) y
The defaults are as follows
Main Config Menu
1. [✓] Configure foreman
2. [✓] Configure foreman_cli
3. [✓] Configure foreman_proxy
4. [✓] Configure puppet
5. [✗] Configure foreman_plugin_ansible
6. [✗] Configure foreman_plugin_bootdisk
7. [✗] Configure foreman_plugin_chef
8. [✗] Configure foreman_plugin_cockpit
9. [✗] Configure foreman_plugin_default_hostgroup
10. [✗] Configure foreman_plugin_dhcp_browser
11. [✗] Configure foreman_plugin_digitalocean
12. [✗] Configure foreman_plugin_discovery
13. [✗] Configure foreman_plugin_docker
14. [✗] Configure foreman_plugin_hooks
15. [✗] Configure foreman_plugin_memcache
16. [✗] Configure foreman_plugin_openscap
17. [✗] Configure foreman_plugin_ovirt_provision
18. [✗] Configure foreman_plugin_puppetdb
19. [✗] Configure foreman_plugin_remote_execution
20. [✗] Configure foreman_plugin_salt
21. [✓] Configure foreman_plugin_setup
22. [✗] Configure foreman_plugin_tasks
23. [✗] Configure foreman_plugin_templates
24. [✗] Configure foreman_compute_ec2
25. [✗] Configure foreman_compute_gce
26. [✗] Configure foreman_compute_libvirt
27. [✗] Configure foreman_compute_openstack
28. [✗] Configure foreman_compute_ovirt
29. [✗] Configure foreman_compute_rackspace
30. [✗] Configure foreman_compute_vmware
31. [✗] Configure foreman_proxy_plugin_abrt
32. [✗] Configure foreman_proxy_plugin_chef
33. [✗] Configure foreman_proxy_plugin_discovery
34. [✗] Configure foreman_proxy_plugin_dns_powerdns
35. [✗] Configure foreman_proxy_plugin_dynflow
36. [✗] Configure foreman_proxy_plugin_openscap
37. [✗] Configure foreman_proxy_plugin_pulp
38. [✗] Configure foreman_proxy_plugin_remote_execution_ssh
39. [✗] Configure foreman_proxy_plugin_salt
40. Display current config
41. Save and run
42. Cancel run without Saving
Choose an option from the menu...
Enter 4 to disable Configure puppet
Module puppet configuration
1. Enable/disable puppet module, current value: true
2. Set version, current value: present
3. Set user, current value: puppet
4. Set group, current value: puppet
5. Set dir, current value: /etc/puppet
6. Set codedir, current value: /etc/puppet
7. Set vardir, current value: /var/lib/puppet
8. Set logdir, current value: /var/log/puppet
9. Set rundir, current value: /var/run/puppet
10. Set ssldir, current value: /var/lib/puppet/ssl
11. Set sharedir, current value: /usr/share/puppet
12. Set manage_packages, current value: true
13. Set package_provider, current value:
14. Set package_source, current value:
15. Set port, current value: 8140
16. Set listen, current value: false
17. Set listen_to, current value: []
18. Set pluginsync, current value: true
19. Set splay, current value: false
20. Set splaylimit, current value: 1800
21. Set runinterval, current value: 1800
22. Set autosign, current value: $confdir/autosign.conf { mode = 664 }
23. Set usecacheonfailure, current value: true
24. Set runmode, current value: service
25. Set unavailable_runmodes, current value: []
26. Set cron_cmd, current value:
27. Set systemd_cmd, current value:
28. Set show_diff, current value: false
29. Set module_repository, current value:
30. Set configtimeout, current value: 120
31. Set ca_server, current value:
32. Set ca_port, current value:
33. Set dns_alt_names, current value: []
34. Set classfile, current value: $statedir/classes.txt
35. Set hiera_config, current value: $confdir/hiera.yaml
36. Set syslogfacility, current value:
37. Set auth_template, current value: puppet/auth.conf.erb
38. Set nsauth_template, current value: puppet/namespaceauth.conf.erb
39. Set main_template, current value: puppet/puppet.conf.erb
40. Set use_srv_records, current value: false
41. Set srv_domain, current value: example.com
42. Set pluginsource, current value: puppet:///plugins
43. Set pluginfactsource, current value: puppet:///pluginfacts
44. Set additional_settings, current value: {}
45. Configure puppet::agent parameters
46. Configure puppet::server parameters
47. Back to main menu
Choose an option from the menu...
1
Module puppet configuration
1. Enable/disable puppet module, current value: false
2. Back to main menu
Choose an option from the menu...
2
Main Config Menu
1. [✓] Configure foreman
2. [✓] Configure foreman_cli
3. [✓] Configure foreman_proxy
4. [✗] Configure puppet
5. [✗] Configure foreman_plugin_ansible
6. [✗] Configure foreman_plugin_bootdisk
7. [✗] Configure foreman_plugin_chef
8. [✗] Configure foreman_plugin_cockpit
9. [✗] Configure foreman_plugin_default_hostgroup
10. [✗] Configure foreman_plugin_dhcp_browser
11. [✗] Configure foreman_plugin_digitalocean
12. [✗] Configure foreman_plugin_discovery
13. [✗] Configure foreman_plugin_docker
14. [✗] Configure foreman_plugin_hooks
15. [✗] Configure foreman_plugin_memcache
16. [✗] Configure foreman_plugin_openscap
17. [✗] Configure foreman_plugin_ovirt_provision
18. [✗] Configure foreman_plugin_puppetdb
19. [✗] Configure foreman_plugin_remote_execution
20. [✗] Configure foreman_plugin_salt
21. [✓] Configure foreman_plugin_setup
22. [✗] Configure foreman_plugin_tasks
23. [✗] Configure foreman_plugin_templates
24. [✗] Configure foreman_compute_ec2
25. [✗] Configure foreman_compute_gce
26. [✗] Configure foreman_compute_libvirt
27. [✗] Configure foreman_compute_openstack
28. [✗] Configure foreman_compute_ovirt
29. [✗] Configure foreman_compute_rackspace
30. [✗] Configure foreman_compute_vmware
31. [✗] Configure foreman_proxy_plugin_abrt
32. [✗] Configure foreman_proxy_plugin_chef
33. [✗] Configure foreman_proxy_plugin_discovery
34. [✗] Configure foreman_proxy_plugin_dns_powerdns
35. [✗] Configure foreman_proxy_plugin_dynflow
36. [✗] Configure foreman_proxy_plugin_openscap
37. [✗] Configure foreman_proxy_plugin_pulp
38. [✗] Configure foreman_proxy_plugin_remote_execution_ssh
39. [✗] Configure foreman_proxy_plugin_salt
40. Display current config
41. Save and run
42. Cancel run without Saving
Choose an option from the menu...
To enable foreman_plugin_ansible, choose 5
Module foreman_plugin_ansible configuration
1. Enable/disable foreman_plugin_ansible module, current value: false
2. Back to main menu
Choose an option from the menu... 1
Enable foreman_plugin_ansible module? (y/n) y
Enter 1, then choose y
Module foreman_plugin_ansible configuration
1. Enable/disable foreman_plugin_ansible module, current value: true
2. Back to main menu
Choose an option from the menu...
2
Main Config Menu
1. [✓] Configure foreman
2. [✓] Configure foreman_cli
3. [✓] Configure foreman_proxy
4. [✗] Configure puppet
5. [✓] Configure foreman_plugin_ansible
6. [✗] Configure foreman_plugin_bootdisk
7. [✗] Configure foreman_plugin_chef
8. [✗] Configure foreman_plugin_cockpit
9. [✗] Configure foreman_plugin_default_hostgroup
10. [✗] Configure foreman_plugin_dhcp_browser
11. [✗] Configure foreman_plugin_digitalocean
12. [✗] Configure foreman_plugin_discovery
13. [✗] Configure foreman_plugin_docker
14. [✗] Configure foreman_plugin_hooks
15. [✗] Configure foreman_plugin_memcache
16. [✗] Configure foreman_plugin_openscap
17. [✗] Configure foreman_plugin_ovirt_provision
18. [✗] Configure foreman_plugin_puppetdb
19. [✗] Configure foreman_plugin_remote_execution
20. [✗] Configure foreman_plugin_salt
21. [✓] Configure foreman_plugin_setup
22. [✗] Configure foreman_plugin_tasks
23. [✗] Configure foreman_plugin_templates
24. [✗] Configure foreman_compute_ec2
25. [✗] Configure foreman_compute_gce
26. [✗] Configure foreman_compute_libvirt
27. [✗] Configure foreman_compute_openstack
28. [✗] Configure foreman_compute_ovirt
29. [✗] Configure foreman_compute_rackspace
30. [✗] Configure foreman_compute_vmware
31. [✗] Configure foreman_proxy_plugin_abrt
32. [✗] Configure foreman_proxy_plugin_chef
33. [✗] Configure foreman_proxy_plugin_discovery
34. [✗] Configure foreman_proxy_plugin_dns_powerdns
35. [✗] Configure foreman_proxy_plugin_dynflow
36. [✗] Configure foreman_proxy_plugin_openscap
37. [✗] Configure foreman_proxy_plugin_pulp
38. [✗] Configure foreman_proxy_plugin_remote_execution_ssh
39. [✗] Configure foreman_proxy_plugin_salt
40. Display current config
41. Save and run
42. Cancel run without Saving
Choose an option from the menu...
Once the menu looks like the one above, choose 41 and the installation will start
Could not start Service[foreman-proxy]: Execution of '/bin/systemctl start foreman-proxy' returned 1: Job for foreman-proxy.service failed because the control process exited with error code. See "systemctl status foreman-proxy.service" and "journalctl -xe" for details.
 /Stage[main]/Foreman_proxy::Service/Service[foreman-proxy]/ensure: change from stopped to running failed: Could not start Service[foreman-proxy]: Execution of '/bin/systemctl start foreman-proxy' returned 1: Job for foreman-proxy.service failed because the control process exited with error code. See "systemctl status foreman-proxy.service" and "journalctl -xe" for details.
 Could not start Service[httpd]: Execution of '/bin/systemctl start httpd' returned 1: Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.
 /Stage[main]/Apache::Service/Service[httpd]/ensure: change from stopped to running failed: Could not start Service[httpd]: Execution of '/bin/systemctl start httpd' returned 1: Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.
 /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[daniel-foreman.example.com]: Failed to call refresh: Proxy daniel-foreman.example.com cannot be registered (Could not load data from https://daniel-foreman.example.com
 /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[daniel-foreman.example.com]: Proxy daniel-foreman.example.com cannot be registered (Could not load data from https://daniel-foreman.example.com
Installing             Done                                               [100%] [............................................................................................................................................................................................]
Something went wrong! Check the log for ERROR-level output
* Foreman is running at https://daniel-foreman.example.com
Initial credentials are admin / EWWaLugGTdqT4na3
* Foreman Proxy is running at https://daniel-foreman.example.com:8443
* Puppetmaster is running at port 8140
The full log is at /var/log/foreman-installer/foreman.log
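After the installation finishes, the Foreman login information is shown. Be sure to write it down and change the admin password. You will also see errors reported, so start fixing them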
sudo systemctl status foreman-proxy.service
smart-proxy[3493]: Errors detected on startup, see log for details. Exiting: No such file or directory - /var/lib/puppet/ssl/private_keys/daniel-foreman.example.com.pem
From the error message above, the file /var/lib/puppet/ssl/private_keys/daniel-foreman.example.com.pem cannot be found, so we need to create daniel-foreman.example.com.pem
Fix:
puppet cert --generate daniel-foreman.example.com
Notice: Signed certificate request for ca
Notice: daniel-foreman.example.com.pem has a waiting certificate request
Notice: Signed certificate request for daniel-foreman.example.com.pem
Notice: Removing file Puppet::SSL::CertificateRequest daniel-foreman.example.com.pem at '/var/lib/puppet/ssl/ca/requests/daniel-foreman.example.com.pem'
Notice: Removing file Puppet::SSL::CertificateRequest daniel-foreman.example.com.pem at '/var/lib/puppet/ssl/certificate_requests/daniel-foreman.example.com.pem'
systemctl status httpd.service
May 16 14:53:06 daniel-foreman.example.com httpd[3840]: AH00526: Syntax error on line 30 of /etc/httpd/conf.d/05-foreman-ssl.conf:
May 16 14:53:06 daniel-foreman.example.com httpd[3840]: SSLCertificateFile: file '/var/lib/puppet/ssl/certs/daniel-foreman.example.com.pem' does not exist or is empty
From the error messages above, the first is a syntax error, and the second is that /var/lib/puppet/ssl/certs/daniel-foreman.example.com.pem cannot be found
vim /etc/httpd/conf.d/05-foreman-ssl.conf
SSLCertificateFile      "/var/lib/puppet/ssl/certs/daniel-foreman.example.com.pem"
SSLCertificateKeyFile   "/var/lib/puppet/ssl/private_keys/daniel-foreman.example.com.pem"
It turns out this is also an SSL error, but solving the previous problem solved this one along the way. You can confirm that now
ls -la /var/lib/puppet/ssl/certs/daniel-foreman.example.com.pem
-rw-r--r--. 1 puppet puppet 2057 May 16 17:50 /var/lib/puppet/ssl/certs/daniel-foreman.example.com.pem
ls -la /var/lib/puppet/ssl/private_keys/daniel-foreman.example.com.pem
-rw-r-----. 1 puppet puppet 3247 May 16 17:50 /var/lib/puppet/ssl/private_keys/daniel-foreman.example.com.pem
Both files clearly exist, so the problem really is solved. Next, start these two services again
sudo systemctl start foreman-proxy.service
sudo systemctl start httpd.service

DC/OS on CentOS

Update system packages 

$ sudo yum update -y && sudo yum upgrade -y
Please check your kernel version
$ uname -r
3.10.0-327.10.1.el7.x86_64
Docker requirements
  • Docker 1.7 or greater must be installed on all bootstrap and cluster nodes.
Docker recommendations
  • Docker 1.9 or greater is recommended for stability reasons.
  • Do not use Docker devicemapper storage driver in loop-lvm mode.
  • Prefer OverlayFS or devicemapper in direct-lvm mode when choosing a production storage driver.
  • Manage Docker on CentOS with systemd.
  • Run Docker commands as the root user (with sudo) or as a user in the docker user group.
Setting Overlay script for CentOS7
#!/bin/bash
 
#####
# Basic tool
#####
 
yum -y install curl git tig tree vim wget
yum -y groupinstall "Development Tools"
 
#####
# Docker Repo
#####
 
DOCKER_REPO="/etc/yum.repos.d/docker.repo"
 
if [ -f ${DOCKER_REPO} ]; then
    echo -e "\033[0;33;40mDocker Repo exist\033[0m"
    echo -e "\033[0;36;40mInstall Docker Engine\033[0m"
    yum install -y docker-engine
    echo -e "\033[0;32;40mdone\033[0m"
else
    echo -e "\033[0;36;40mSetting Docker Repo\033[0m"
    tee ${DOCKER_REPO} <<-'EOF'
[dockerrepo]
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/centos/7/
enabled=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg
EOF
    echo -e "\033[0;32;40mdone\033[0m"
    echo -e "\033[0;36;40mInstall Docker Engine\033[0m"
    yum install -y docker-engine
    echo -e "\033[0;32;40mdone\033[0m"
fi

sleep 2

#####
# Enable overlay module
#####

lsmod | grep overlay >> /dev/null
check_overlay=$?
 
if [ ${check_overlay} = 0 ]; then
    echo -e "\033[0;33;40mAlready Enabled overlay module\033[0m"
else
    echo -e "\033[0;36;40mEnable overlay module\033[0m"
    modprobe overlay
    echo -e "\033[0;32;40mdone\033[0m"
fi
 
sleep 2
#####
# Setting Disk and mount
####
 
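HDD_DEVICE="`cat /var/log/messages | grep 'unknown partition table' | awk '{print $6}' | cut -d: -f1 | head -n 1`"
OVERLAY_DIR="/var/lib/docker/overlay"

# Stop if no unpartitioned disk was detected; otherwise fdisk and mkfs below would run on a bogus path
if [ -z "${HDD_DEVICE}" ]; then
    echo -e "\033[0;31;40mNo unpartitioned disk found, aborting\033[0m"
    exit 1
fi

if [ -b /dev/${HDD_DEVICE}1 ]; then
    echo -e "\033[0;33;40m${HDD_DEVICE}1 exist\033[0m"
else
    echo -e "\033[0;36;40mFormat Disk\033[0m"
    # Create one primary partition spanning the disk, then format it only if fdisk succeeded
    echo "n
p
1


w
"|fdisk /dev/${HDD_DEVICE} && mkfs.ext4 /dev/${HDD_DEVICE}1
    echo -e "\033[0;32;40mdone\033[0m"
fi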
 
sleep 2
 
if [ -d ${OVERLAY_DIR} ]; then
    echo -e "\033[0;33;40m${OVERLAY_DIR} exist\033[0m"
else
    echo -e "\033[0;36;40mCreating ${OVERLAY_DIR} directory\033[0m"
    mkdir -p ${OVERLAY_DIR}
    echo -e "\033[0;32;40mdone\033[0m"
fi
 
sleep 2
 
cat /etc/fstab | grep 'overlay' >> /dev/null
check_uuid=$?
HDD_UUID_1="`blkid  /dev/${HDD_DEVICE}1 | awk '{print $2}' | sed 's/\"//g'`"
 
if [ ${check_uuid} = 0 ]; then
    echo -e "\033[0;33;40mfstab OK\033[0m"
else
    echo -e "\033[0;36;40mSetting fstab\033[0m"
    echo "${HDD_UUID_1}    ${OVERLAY_DIR}  ext4 defaults 0 2" >> /etc/fstab
    mount -a
    echo -e "\033[0;32;40mdone\033[0m"
fi
 
sleep 2
#####
# Setting Docker Engine
####
 
DOCKER_SERVICE="/usr/lib/systemd/system/docker.service"
 
grep '\-\-storage-driver=overlay' ${DOCKER_SERVICE} >> /dev/null
check_storage_driver=$?
 
if [ ${check_storage_driver} = 0 -a -f ${DOCKER_SERVICE} ]; then
  echo -e "\033[0;33;40mDocker Storage nothing to do\033[0m"
else
  echo -e "\033[0;36;40mSetting docker storage\033[0m"
  sed 12d -i ${DOCKER_SERVICE}
  sed "11 aExecStart=/usr/bin/docker daemon --storage-driver=overlay -H fd://" -i ${DOCKER_SERVICE} >> /dev/null
  echo -e "\033[0;32;40mdone\033[0m"
fi
 
#####
# Enable Docker
#####
 
systemctl daemon-reload
systemctl start docker
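
The script above takes the disk to partition from a log message and passes it straight to fdisk and mkfs.ext4. As an added example (not part of the original script), the function below chooses the disk from lsblk output and refuses to continue unless exactly one disk has no partitions, no filesystem signature and no mount point. The function names and the sample listing are constructed, and an lsblk that supports -P and the PKNAME column is assumed.

```shell
#!/usr/bin/env bash
# Added example: choose the disk to format from lsblk output instead of
# grepping /var/log/messages, and refuse to continue unless exactly one
# disk is blank (no partitions, no filesystem signature, not mounted).
# Input on stdin: lines from `lsblk -P -o NAME,TYPE,FSTYPE,MOUNTPOINT,PKNAME`.
pick_blank_disk() {
    awk '
    # Return the value of KEY="value" in the current line ("" if absent or empty)
    function field(key,   rec) {
        rec = " " $0
        if (!match(rec, " " key "=\"[^\"]*\"")) return ""
        return substr(rec, RSTART + length(key) + 3, RLENGTH - length(key) - 4)
    }
    {
        parent = field("PKNAME")
        if (parent != "") has_child[parent] = 1       # partitions, LVM volumes
        if (field("TYPE") == "disk" && field("FSTYPE") == "" && field("MOUNTPOINT") == "")
            candidate[field("NAME")] = 1
    }
    END {
        n = 0
        for (d in candidate) if (!(d in has_child)) { n++; pick = d }
        if (n != 1) exit 1      # none or ambiguous: do not guess
        print pick
    }'
}

# How the script could obtain HDD_DEVICE on a real host (not run here)
select_overlay_disk() {
    lsblk -P -o NAME,TYPE,FSTYPE,MOUNTPOINT,PKNAME | pick_blank_disk
}

# Constructed lsblk output: sda holds the OS, sdb is the new empty disk
sample_lsblk() {
cat <<'EOF'
NAME="sda" TYPE="disk" FSTYPE="" MOUNTPOINT="" PKNAME=""
NAME="sda1" TYPE="part" FSTYPE="xfs" MOUNTPOINT="/boot" PKNAME="sda"
NAME="sda2" TYPE="part" FSTYPE="LVM2_member" MOUNTPOINT="" PKNAME="sda"
NAME="centos-root" TYPE="lvm" FSTYPE="xfs" MOUNTPOINT="/" PKNAME="sda2"
NAME="sdb" TYPE="disk" FSTYPE="" MOUNTPOINT="" PKNAME=""
NAME="sr0" TYPE="rom" FSTYPE="" MOUNTPOINT="" PKNAME=""
EOF
}

if HDD_DEVICE="$(sample_lsblk | pick_blank_disk)"; then
    echo "would partition /dev/${HDD_DEVICE}"
else
    echo "no single blank disk found, refusing to format" >&2
fi
```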
On CentOS 7, firewalld must be stopped and disabled.
$ sudo systemctl stop firewalld && sudo systemctl disable firewalld
Data compression (advanced installer): to install these utilities on CentOS 7 and RHEL 7:
$ sudo yum install -y tar xz unzip curl ipset
Cluster permissions (advanced installer)
On each of your cluster nodes, use the following command to:
  • Disable SELinux or set it to permissive mode.
  • Add nogroup to each of your Mesos masters and agents.
  • Disable IPV6.
$ sudo sed -i s/SELINUX=enforcing/SELINUX=permissive/g /etc/selinux/config &&
  sudo groupadd nogroup &&
  sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1 &&
  sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1 &&
  sudo reboot
  • Download the DC/OS installer
curl -O https://downloads.dcos.io/dcos/EarlyAccess/dcos_generate_config.sh
  • Create a directory named genconf on your bootstrap node and each node.
sudo mkdir -p genconf && cd genconf
  • Create a ip-detect script
#!/usr/bin/env bash
set -o nounset -o errexit
export PATH=/usr/sbin:/usr/bin:$PATH
echo $(ip addr show eth0 | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | head -1)
  • Create config.yaml, for example:
---
agent_list:
- 
- 
- 
bootstrap_url: file:///opt/dcos_install_tmp
cluster_name: DCOS
exhibitor_storage_backend: static
ip_detect_filename: /genconf/ip-detect
master_discovery: static
master_list:
- 
- 
- 
process_timeout: 10000
resolvers:
- 8.8.8.8
ssh_port: 22
ssh_user: 
  • Copy your private SSH key to genconf/ssh_key
$ cp  genconf/ssh_key && chmod 0600 genconf/ssh_key
Now your genconf directory will look like this; copy it to each node
genconf/
├── config.yaml
├── ip-detect
└── ssh_key
$ scp -rp genconf username@:
Check help
$ sudo bash dcos_generate_config.sh --help
Running mesosphere/dcos-genconf docker with BUILD_DIR set to /home/centos/genconf
usage:
Install DC/OS
 
dcos_installer [-h] [-f LOG_FILE] [--hash-password HASH_PASSWORD] [-v]
[--web | --genconf | --preflight | --deploy | --postflight | --uninstall | --validate-config | --test]
 
Environment Settings:
 
  PORT                  Set the :port to run the web UI
  CHANNEL_NAME          ADVANCED - Set build channel name
  BOOTSTRAP_ID          ADVANCED - Set bootstrap ID for build
 
optional arguments:
  -h, --help            show this help message and exit
  -v, --verbose         Verbose log output (DEBUG).
  --offline             Do not install preflight prerequisites on CentOS7,
                        RHEL7 in web mode
  --web                 Run the web interface.
  --genconf             Execute the configuration generation (genconf).
  --preflight           Execute the preflight checks on a series of nodes.
  --install-prereqs     Install preflight prerequisites. Works only on CentOS7
                        and RHEL7.
  --deploy              Execute a deploy.
  --postflight          Execute postflight checks on a series of nodes.
  --uninstall           Execute uninstall on target hosts.
  --validate-config     Validate the configuration in config.yaml
  --test                Performs tests on the dcos_installer application
  • Run this command for each master and node.
sudo bash dcos_generate_config.sh --install-prereqs
  • Run an nginx Docker container on the master to serve dcos_install.sh; the other nodes just download dcos_install.sh
sudo bash dcos_generate_config.sh
sudo docker run -d -p :80 -v $PWD/genconf/serve:/usr/share/nginx/html:ro nginx
Create /tmp/dcos directory and download dcos_install.sh
mkdir -p /tmp/dcos && cd /tmp/dcos
curl -O http://:/dcos_install.sh
sudo bash dcos_install.sh 
role must be master or slave
Now you can check
ZooKeeper http://IP:8181/exhibitor/v1/ui/index.html
Mesos http://IP:5050
DC/OS http://IP