#!/bin/sh

set -e
#set -x

    BLUE="\033[1;34m"
   LGRAY="\033[0;37m"
  NO_COL="\033[0m"
   LBLUE="\033[1;36m"
     RED="\033[1;31m"
  DGREEN="\033[0;32m"
   GREEN="\033[1;32m"
   WHITE="\033[1;37m"
   BROWN="\033[0;33m"
  PURPLE="\033[0;35m"
  YELLOW="\033[1;33m"
LINEWRAP="\033[7h"

ALL_SLAVE_NODES="bdbdev1-controller-node-1.infomaniak.ch bdbdev1-controller-node-2.infomaniak.ch bdbdev1-controller-node-3.infomaniak.ch bdbdev1-compute-node-1.infomaniak.ch bdbdev1-compute-node-2.infomaniak.ch bdbdev1-compute-node-3.infomaniak.ch"
ALL_SLAVE_IPS="192.168.100.20 192.168.100.21 192.168.100.22 192.168.100.23 192.168.100.24 192.168.100.25"
#ALL_SLAVE_IPS="192.168.100.20"

install_deb_repos_and_pkg () {
	echo "deb http://stretch-queens.debian.net/debian stretch-queens-backports main
deb-src http://stretch-queens.debian.net/debian stretch-queens-backports main

deb http://stretch-queens.debian.net/debian stretch-queens-backports-nochange main
deb-src http://stretch-queens.debian.net/debian stretch-queens-backports-nochange main
" >/etc/apt/sources.list.d/openstack.list

	apt-get update
	apt-get install --allow-unauthenticated -y openstack-backports-archive-keyring
	apt-get update
	apt-get install -y qemu-kvm qemu-utils bridge-utils openstack-pkg-tools net-tools openstack-debian-images ipcalc curl jq
}

install_fake_networking () {
	echo "#!/bin/sh

### BEGIN INIT INFO
# Provides:          puppet-openstack-host
# Required-Start:    $network
# Required-Stop:     $network
# Should-Start:      $local_fs
# Should-Stop:       $local_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: A small script to initialise iptables to allow forwarding and masquerading.
# Description:       A small script to initialise iptables to allow forwarding and masquerading.
### END INIT INFO

MODPROBE=/sbin/modprobe
IPTABLES=/sbin/iptables
BRIDGE_NET=192.168.100.0/24
BRIDGE_GW=192.168.100.1

fake_if () {
	echo 1 >/proc/sys/net/ipv4/ip_forward
	echo 1 >/proc/sys/net/ipv6/conf/all/forwarding

	# Load the dummy interface module
	\$MODPROBE dummy
 
	# Create a dummy interface called mynic0
	ip link add mynic0 type dummy
 
	# Set its MAC address
	ifconfig mynic0 hw ether 00:22:22:dd:ee:ff
 
	# Add a tap device
	ip tuntap add dev mytap0 mode tap user root
	ip tuntap add dev mytap1 mode tap user root
	ip tuntap add dev mytap2 mode tap user root
	ip tuntap add dev mytap3 mode tap user root
	ip tuntap add dev mytap4 mode tap user root
	ip tuntap add dev mytap5 mode tap user root
	ip tuntap add dev mytap6 mode tap user root
	ip tuntap add dev mytap7 mode tap user root
	ip tuntap add dev mytap8 mode tap user root
	ip tuntap add dev mytap9 mode tap user root
 
	# Create a bridge, and bridge to it mynic0 and mytap0
	brctl addbr mybr0
	brctl addif mybr0 mynic0
	brctl addif mybr0 mytap1
	brctl addif mybr0 mytap2
	brctl addif mybr0 mytap3
	brctl addif mybr0 mytap4
	brctl addif mybr0 mytap5
	brctl addif mybr0 mytap6
	brctl addif mybr0 mytap7
	brctl addif mybr0 mytap8
	brctl addif mybr0 mytap9
 
	# Set an IP addresses to the bridge
	ifconfig mybr0 \$BRIDGE_GW netmask 255.255.255.0 up
	ip addr add fd5d:12c9:2201:1::1/24 dev mybr0
 
	# Make sure all interfaces are up
	ip link set mybr0 up
	ip link set mynic0 up
	ip link set mytap0 up
	ip link set mytap1 up
	ip link set mytap2 up
	ip link set mytap3 up
	ip link set mytap4 up
	ip link set mytap5 up
	ip link set mytap6 up
	ip link set mytap7 up
	ip link set mytap8 up
	ip link set mytap9 up
 
	# Set basic masquerading for both ipv4 and 6
	iptables -I FORWARD -j ACCEPT
	iptables -t nat -I POSTROUTING -s \$BRIDGE_NET -j MASQUERADE
	ip6tables -I FORWARD -j ACCEPT
	ip6tables -t nat -I POSTROUTING -s fd5d:12c9:2201:1::/64 -j MASQUERADE

	# Forward to OCI's web interface
	iptables -t nat -I PREROUTING -p tcp -i eth0 --dport 80 -j DNAT --to-destination 192.168.100.2:80
}
case \"\$1\" in
start|systemd-start)
	echo 1 >/proc/sys/net/ipv4/ip_forward
	fake_if
;;
stop)
	iptables -F FORWARD
	ip6tables -F FORWARD
	iptables -t nat -F POSTROUTING
	ip6tables -t nat -F POSTROUTING
	ip addr del fd5d:12c9:2201:1::1/24 dev mybr0 || true
	ifconfig mybr0 down || true
	brctl delif mybr0 mytap0 || true
	brctl delif mybr0 mynic0 || true
	brctl delbr mybr0 || true
	ip link delete mynic0 || true
	ip tuntap delete mytap0 mod tap || true
;;
restart|reload|force-reload)
	\$0 stop
	sleep 1
	\$0 start
;;
*)
	echo 'Usage: \$0 {start|stop|restart|reload}'
	exit 1
;;
esac
" >/etc/init.d/puppet-openstack-host
	chmod +x /etc/init.d/puppet-openstack-host
	update-rc.d puppet-openstack-host defaults
	invoke-rc.d puppet-openstack-host start
}

make_vm_image_puppet_master () {
	MYDIR=$(pwd)
	mkdir -p ~/img
	cd ~/img
	build-openstack-debian-image \
		--release stretch \
		--output cloud-puppet-1.infomaniak.ch \
		--boot-manager grub \
		--debootstrap-url http://10.4.22.95:9999/debian \
		--sources.list-mirror http://10.4.22.95:9999/debian \
		--image-size 10 \
		--password a_big_secret \
		--no-cloud-init \
		--root-ssh-key /root/.ssh/authorized_keys \
		--no-remove-host-keys \
		--permit-ssh-as-root \
		--hostname cloud-puppet-1.infomaniak.ch \
		--static-eth0 192.168.100.2/24 \
		--security-mirror http://10.4.22.95:9999/security
	cd ${MYDIR}
}

make_vm_image_slave_node () {
	MYDIR=$(pwd)
	mkdir -p ~/img
	cd ~/img
	build-openstack-debian-image \
		--release stretch \
		--output bdbdev1-controller-node-1.infomaniak.ch \
		--boot-manager grub \
		--debootstrap-url http://10.4.22.95:9999/debian \
		--sources.list-mirror http://10.4.22.95:9999/debian \
		--image-size 10 \
		--password a_big_secret \
		--no-cloud-init \
		--root-ssh-key /root/.ssh/authorized_keys \
		--no-remove-host-keys \
		--permit-ssh-as-root \
		--hostname bdbdev1-controller-node-1.infomaniak.ch \
		--security-mirror http://10.4.22.95:9999/security
	cd ${MYDIR}
}

install_puppet_node_startup () {
	echo "#!/bin/sh

### BEGIN INIT INFO
# Provides:          puppet-openstack-node
# Required-Start:    $network
# Required-Stop:     $network
# Should-Start:      $local_fs puppet-openstack-host
# Should-Stop:       $local_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: A small script to start the puppet VM.
# Description:       A small script to start the puppet VM.
### END INIT INFO

PID_FILE=/var/run/puppet-openstack-node.pid

start_vm () {
/usr/bin/kvm \\
	-m size=4G \\
	-smp cpus=2 \\
	-cpu host \\
	-vnc :1 \\
	-pidfile \$PID_FILE \\
	-daemonize \\
	-name puppet-openstack-node \\
	-drive if=virtio,file=/root/runtime/cloud-puppet-1.infomaniak.ch.qcow2,index=0,media=disk,format=qcow2 \\
	-boot c \\
        -device e1000,netdev=net0,mac=08:00:27:06:CC:C0 \\
        -netdev tap,id=net0,ifname=mytap0,script=no,downscript=no
}

case \"\$1\" in
start|systemd-start)
	start_vm
;;
stop)
	if [ -e \$PID_FILE ] ; then
		VM_PID=\$(cat \${PID_FILE})
		kill -9 \${VM_PID} || true
		rm -f \${PID_FILE}
	fi
;;
restart|reload|force-reload)
	\$0 stop
	sleep 1
	\$0 start
;;
*)
	echo 'Usage: \$0 {start|stop|restart|reload}'
	exit 1
;;
esac

" > /etc/init.d/puppet-openstack-node
	chmod +x /etc/init.d/puppet-openstack-node
	update-rc.d puppet-openstack-node defaults
}

install_runtime_vms () {
	mkdir -p /root/runtime
#	cp /root/img/cloud-puppet-1.infomaniak.ch.qcow2 /root/runtime
	cp /root/img/bdbdev1-controller-node-1.infomaniak.ch.qcow2 /root/runtime/bdbdev1-controller-node-1.infomaniak.ch.qcow2
	cp /root/img/bdbdev1-controller-node-1.infomaniak.ch.qcow2 /root/runtime/bdbdev1-controller-node-2.infomaniak.ch.qcow2
	cp /root/img/bdbdev1-controller-node-1.infomaniak.ch.qcow2 /root/runtime/bdbdev1-controller-node-3.infomaniak.ch.qcow2
	cp /root/img/bdbdev1-controller-node-1.infomaniak.ch.qcow2 /root/runtime/bdbdev1-compute-node-1.infomaniak.ch.qcow2
	cp /root/img/bdbdev1-controller-node-1.infomaniak.ch.qcow2 /root/runtime/bdbdev1-compute-node-2.infomaniak.ch.qcow2
	cp /root/img/bdbdev1-controller-node-1.infomaniak.ch.qcow2 /root/runtime/bdbdev1-compute-node-3.infomaniak.ch.qcow2
}

start_puppet_node () {
	/etc/init.d/puppet-openstack-node start
}

wait_for_ssh () {
	COUNT=120
	CYCLES=0
	OTCI_CAN_SSH=no
	echo "===> Wait until we can ssh"
	echo "Waiting: "
	while [ "${OTCI_CAN_SSH}" != "yes" ] && [ ${COUNT} != 0 ] ; do
		echo ${CYCLES}
		if ssh -o "StrictHostKeyChecking no" -o "ConnectTimeout 2" 192.168.100.2 'echo -n ""' ; then
			OTCI_CAN_SSH=yes
		else
			COUNT=$(( ${COUNT} - 1 ))
			CYCLES=$(( ${CYCLES} + 1 ))
			sleep 1
		fi
	done
	ssh-keygen -f ~/.ssh/known_hosts -R 192.168.100.2 || true
	ssh -o "StrictHostKeyChecking no" -o "ConnectTimeout 2" 192.168.100.2 'echo -n ""'
}

otci_remote () {
	if [ "${1}" = "--host" ] ; then
		MYHOST=${2}
		shift
		shift
	else
		MYHOST=192.168.100.2
	fi
	ssh -o "StrictHostKeyChecking no" ${MYHOST} $@
}

otci_scp () {
	if [ "${1}" = "--host" ] ; then
		MYHOST=${2}
		shift
		shift
	else
		MYHOST=192.168.100.2
	fi
	scp -o "StrictHostKeyChecking no" ${1} ${MYHOST}:${2}
}

setup_puppet_vm_repo () {
	TMPFILE=$(mktemp)
	echo "deb http://stretch-queens.debian.net/debian stretch-queens-backports main
deb-src http://stretch-queens.debian.net/debian stretch-queens-backports main

deb http://stretch-queens.debian.net/debian stretch-queens-backports-nochange main
deb-src http://stretch-queens.debian.net/debian stretch-queens-backports-nochange main
" >${TMPFILE}
	otci_scp ${TMPFILE} /etc/apt/sources.list.d/openstack.list
	otci_remote apt-get update
	otci_remote apt-get install --allow-unauthenticated -y openstack-backports-archive-keyring
	otci_remote apt-get update
	rm ${TMPFILE}
}

setup_puppet_vm_puppet_master () {
	otci_remote apt-get install -y openstack-puppet-modules puppet-master puppet
}

setup_dhcp_server () {
	otci_remote apt-get install -y isc-dhcp-server
	otci_remote sed -i 's/INTERFACESv4=.*/INTERFACESv4="eth0"/' /etc/default/isc-dhcp-server
	TMPFILE=$(mktemp)
	echo "allow booting;
allow bootp;
default-lease-time 600;
max-lease-time 7200;
ddns-update-style none;
authoritative;

subnet 192.168.100.0 netmask 255.255.255.0 {
	range 192.168.100.20 192.168.100.100;
	option domain-name \"infomaniak.ch\";
	option domain-name-servers 84.16.67.69, 84.16.67.70;
	option routers 192.168.100.1;
	option subnet-mask 255.255.255.0;
	option broadcast-address 192.168.100.255;
	next-server 192.168.100.1;
	if exists user-class and option user-class = \"iPXE\" {
		filename \"http://192.168.100.2/openstack-cluster-installer/tftp/ipxe-boot-script\";
	} else {
		filename \"pxelinux.0\";
	}
}

host bdbdev1-controller-node-1 {
        hardware ethernet 08:00:27:06:cc:c1;
        fixed-address 192.168.100.20;
}

host bdbdev1-controller-node-2 {
        hardware ethernet 08:00:27:06:cc:c2;
        fixed-address 192.168.100.21;
}

host bdbdev1-controller-node-3 {
        hardware ethernet 08:00:27:06:cc:c3;
        fixed-address 192.168.100.22;
}

host bdbdev1-compute-node-1 {
        hardware ethernet 08:00:27:06:cc:c4;
        fixed-address 192.168.100.23;
}

host bdbdev1-compute-node-2 {
        hardware ethernet 08:00:27:06:cc:c5;
        fixed-address 192.168.100.24;
}

host bdbdev1-compute-node-3 {
        hardware ethernet 08:00:27:06:cc:c6;
        fixed-address 192.168.100.25;
}

" >${TMPFILE}
	otci_scp ${TMPFILE} /etc/dhcp/dhcpd.conf
	rm ${TMPFILE}
	otci_remote systemctl start isc-dhcp-server.service
}

setup_openstack_cluster_installer () {
	otci_remote apt-get install -y openstack-cluster-installer
	otci_remote "mysql </usr/share/openstack-cluster-installer/db.sql"
	TMPFILE=$(mktemp)
	echo "GRANT ALL PRIVILEGES ON oci.* TO 'oci'@'localhost' IDENTIFIED BY '43FAnaQHKizfIrBMksqITw';
GRANT ALL PRIVILEGES ON oci.* TO 'oci'@'%' IDENTIFIED BY '43FAnaQHKizfIrBMksqITw';" >${TMPFILE}
	otci_scp ${TMPFILE} /root/otci-grant
	otci_remote "mysql </root/otci-grant"
	otci_remote rm /root/otci-grant
	rm ${TMPFILE}
	otci_remote systemctl reload apache2
}

build_openstack_cluster_installer_live_image () {
	otci_remote "mkdir live-image && cd live-image && openstack-cluster-installer-build-live-image --debian-mirror-addr http://10.4.22.95:9999/debian --debian-security-mirror-addr http://10.4.22.95:9999/security"
}

setup_tftp_hpa_default () {
	otci_remote sed -i 's#TFTP_DIRECTORY=.*#TFTP_DIRECTORY="/var/lib/openstack-cluster-installer/tftp"#' /etc/default/tftpd-hpa
	otci_remote /etc/init.d/tftpd-hpa restart
}

write_all_vms_start_scripts () {
	echo "#!/bin/sh

set -e

" >/root/runtime/start-all-vms
	VNCPORT=2
	MACEND=1
	for i in $(ls /root/runtime/bdbdev*.qcow2) ; do
		BASENAME=$(basename ${i} | sed -e s/.qcow2//)
		echo "/usr/bin/kvm -m size=8G -smp cpus=2 -cpu host -vnc :${VNCPORT} -name ${BASENAME} -boot n \\
	-daemonize -pidfile /root/runtime/${BASENAME}.pid \\
	-drive if=virtio,file=${i},index=0,media=disk,format=qcow2 \\
	-device e1000,netdev=net0,mac=08:00:27:06:CC:C${MACEND} -netdev tap,id=net0,ifname=mytap${MACEND},script=no,downscript=no -smbios type=3,serial="$(openssl rand -hex 4)"

" >>/root/runtime/start-all-vms
		VNCPORT=$(( ${VNCPORT} + 1 ))
		MACEND=$(( ${MACEND} + 1 ))
	done

	echo "#!/bin/sh

set -e

	for i in /root/runtime/*.pid ; do
		PID=\$(cat \${i})
		kill -9 \${PID}
	done

" >/root/runtime/stop-all-vms
	chmod +x /root/runtime/start-all-vms /root/runtime/stop-all-vms
}

launch_start_all_vms () {
	echo "Todo !"
}

start_os_install () {
	curl "http://192.168.100.2/oci/?hostname=bdbdev1-controller-node-1.infomaniak.ch&action=install_os&ipaddr=192.168.100.20"
	curl "http://192.168.100.2/oci/?hostname=bdbdev1-controller-node-2.infomaniak.ch&action=install_os&ipaddr=192.168.100.21"
	curl "http://192.168.100.2/oci/?hostname=bdbdev1-controller-node-3.infomaniak.ch&action=install_os&ipaddr=192.168.100.22"

	curl "http://192.168.100.2/oci/?hostname=bdbdev1-compute-node-1.infomaniak.ch&action=install_os&ipaddr=192.168.100.23"
	curl "http://192.168.100.2/oci/?hostname=bdbdev1-compute-node-2.infomaniak.ch&action=install_os&ipaddr=192.168.100.24"
	curl "http://192.168.100.2/oci/?hostname=bdbdev1-compute-node-3.infomaniak.ch&action=install_os&ipaddr=192.168.100.25"
}

wait_until_all_installed () {
#	curl "http://192.168.100.2/oci/api.php?action=get_status&ipaddr=192.168.100.20"
	COUNT=0
	NLOOP=120
	ALL_INSTALLED=no
	while [ "${NLOOP}" != 0 ] && [ "${ALL_INSTALLED}" = "no" ] ; do
		echo -n "Install count: ${COUNT}. "
		echo -n "Statuses: "
		CHECK_ALL_INSTALLED=yes
		for i in ${ALL_SLAVE_IPS} ; do
			TMPFILE=$(mktemp)
			curl -s "http://192.168.100.2/oci/api.php?action=get_machine_status&ipaddr=${i}" >${TMPFILE}
			API_STATUS=$(cat ${TMPFILE} | jq --raw-output '.["status"]')
			if [ "${API_STATUS}" = "error" ] ; then
				STATUS="api-error"
				COLOR=${RED}
			else
				STATUS=$(curl -s "http://192.168.100.2/oci/api.php?action=get_machine_status&ipaddr=${i}" | jq --raw-output '.["data"]["status"]')
			fi
			if [ ${STATUS} = "installed" ] ; then
				COLOR=${GREEN}
			else
				CHECK_ALL_INSTALLED=no
			fi
			if [ ${STATUS} = "live" ] ; then
				COLOR=${BROWN}
			fi
			if [ ${STATUS} = "firstboot" ] ; then
				COLOR=${BLUE}
			fi
			if [ ${STATUS} = "installing" ] ; then
				COLOR=${YELLOW}
			fi
			echo -n "${i}:${COLOR}${STATUS}${NO_COL} "
			rm ${TMPFILE}
		done
		echo ""
		ALL_INSTALLED=${CHECK_ALL_INSTALLED}

		COUNT=$(( ${COUNT} + 1 ))
		NLOOP=$(( ${NLOOP} - 1 ))
		if [ "${ALL_INSTALLED}" = no ] ; then
			sleep 2
		fi
	done
	if [ "${ALL_INSTALLED}" = no ] ; then
		echo "Couldn't install all OSes: exiting!"
		exit 1
	fi
}

remove_all_nodes_from_known_hosts () {
	for i in ${ALL_SLAVE_IPS} ; do
		ssh-keygen -f "/root/.ssh/known_hosts" -R ${i}
	done
}

setup_all_nodes () {
	TMPHOSTFILE=$(mktemp)
	echo "
192.168.100.2	cloud-puppet-1.infomaniak.ch           cloud-puppet-1
192.168.100.20	bdbdev1-controller-node-1.infomaniak.ch bdbdev1-controller-node-1
192.168.100.21	bdbdev1-controller-node-2.infomaniak.ch bdbdev1-controller-node-2
192.168.100.22	bdbdev1-controller-node-3.infomaniak.ch bdbdev1-controller-node-3
192.168.100.23	bdbdev1-compute-node-1.infomaniak.ch   bdbdev1-compute-node-1
192.168.100.24	bdbdev1-compute-node-2.infomaniak.ch   bdbdev1-compute-node-2
192.168.100.25	bdbdev1-compute-node-3.infomaniak.ch   bdbdev1-compute-node-3
" >${TMPHOSTFILE}
	echo "#!/bin/sh
set -e

. /usr/share/openstack-pkg-tools/pkgos_func

pkgos_remove_section /etc/puppet/puppet.conf master

echo \"[agent]
server = cloud-puppet-1.infomaniak.ch
\" >>/etc/puppet/puppet.conf

" >fixup-puppet
	chmod +x fixup-puppet
	for i in ${ALL_SLAVE_IPS} ; do
		echo "${BLUE}Setting-up ${i}...${NO_COL}"
		scp -o "StrictHostKeyChecking no" ${TMPHOSTFILE} ${i}:${TMPHOSTFILE}
		ssh -o "StrictHostKeyChecking no" ${i} "cat ${TMPHOSTFILE} >>/etc/hosts"

		# Add stretch-queens repo
		echo "deb http://stretch-queens.debian.net/debian stretch-queens-backports main
deb-src http://stretch-queens.debian.net/debian stretch-queens-backports main
" >debian-openstack-backports.list
		otci_scp --host ${i} debian-openstack-backports.list /etc/apt/sources.list.d/debian-openstack-backports.list

		echo "deb http://stretch-queens.debian.net/debian stretch-queens-backports-nochange main
deb-src http://stretch-queens.debian.net/debian stretch-queens-backports-nochange main
" >debian-openstack-backports-nochange.list
		otci_scp --host ${i} debian-openstack-backports-nochange.list /etc/apt/sources.list.d/debian-openstack-backports-nochange.list

		otci_remote --host ${i} apt-get update
		otci_remote --host ${i} apt-get -y --allow-unauthenticated install openstack-backports-archive-keyring

		# Add Ceph repo
		echo "deb http://10.4.22.95:9999/ceph stretch main
">ceph.list
		otci_scp --host ${i} ceph.list /etc/apt/sources.list.d/ceph.list
echo "-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1

mQINBFX4hgkBEADLqn6O+UFp+ZuwccNldwvh5PzEwKUPlXKPLjQfXlQRig1flpCH
E0HJ5wgGlCtYd3Ol9f9+qU24kDNzfbs5bud58BeE7zFaZ4s0JMOMuVm7p8JhsvkU
C/Lo/7NFh25e4kgJpjvnwua7c2YrA44ggRb1QT19ueOZLK5wCQ1mR+0GdrcHRCLr
7Sdw1d7aLxMT+5nvqfzsmbDullsWOD6RnMdcqhOxZZvpay8OeuK+yb8FVQ4sOIzB
FiNi5cNOFFHg+8dZQoDrK3BpwNxYdGHsYIwU9u6DWWqXybBnB9jd2pve9PlzQUbO
eHEa4Z+jPqxY829f4ldaql7ig8e6BaInTfs2wPnHJ+606g2UH86QUmrVAjVzlLCm
nqoGymoAPGA4ObHu9X3kO8viMBId9FzooVqR8a9En7ZE0Dm9O7puzXR7A1f5sHoz
JdYHnr32I+B8iOixhDUtxIY4GA8biGATNaPd8XR2Ca1hPuZRVuIiGG9HDqUEtXhV
fY5qjTjaThIVKtYgEkWMT+Wet3DPPiWT3ftNOE907e6EWEBCHgsEuuZnAbku1GgD
LBH4/a/yo9bNvGZKRaTUM/1TXhM5XgVKjd07B4cChgKypAVHvef3HKfCG2U/DkyA
LjteHt/V807MtSlQyYaXUTGtDCrQPSlMK5TjmqUnDwy6Qdq8dtWN3DtBWQARAQAB
tCpDZXBoLmNvbSAocmVsZWFzZSBrZXkpIDxzZWN1cml0eUBjZXBoLmNvbT6JAjgE
EwECACIFAlX4hgkCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEOhKwsBG
DzmUXdIQAI8YPcZMBWdv489q8CzxlfRIRZ3Gv/G/8CH+EOExcmkVZ89mVHngCdAP
DOYCl8twWXC1lwJuLDBtkUOHXNuR5+Jcl5zFOUyldq1Hv8u03vjnGT7lLJkJoqpG
l9QD8nBqRvBU7EM+CU7kP8+09b+088pULil+8x46PwgXkvOQwfVKSOr740Q4J4nm
/nUOyTNtToYntmt2fAVWDTIuyPpAqA6jcqSOC7Xoz9cYxkVWnYMLBUySXmSS0uxl
3p+wK0lMG0my/gb+alke5PAQjcE5dtXYzCn+8Lj0uSfCk8Gy0ZOK2oiUjaCGYN6D
u72qDRFBnR3jaoFqi03bGBIMnglGuAPyBZiI7LJgzuT9xumjKTJW3kN4YJxMNYu1
FzmIyFZpyvZ7930vB2UpCOiIaRdZiX4Z6ZN2frD3a/vBxBNqiNh/BO+Dex+PDfI4
TqwF8zlcjt4XZ2teQ8nNMR/D8oiYTUW8hwR4laEmDy7ASxe0p5aijmUApWq5UTsF
+s/QbwugccU0iR5orksM5u9MZH4J/mFGKzOltfGXNLYI6D5Mtwrnyi0BsF5eY0u6
vkdivtdqrq2DXY+ftuqLOQ7b+t1RctbcMHGPptlxFuN9ufP5TiTWSpfqDwmHCLsT
k2vFiMwcHdLpQ1IH8ORVRgPPsiBnBOJ/kIiXG2SxPUTjjEGOVgeA
=/Tod
-----END PGP PUBLIC KEY BLOCK-----" >ceph-key.asc
		otci_scp --host ${i} ceph-key.asc /root/ceph-key.asc
		otci_remote --host ${i} "apt-key add /root/ceph-key.asc"
		otci_remote --host ${i} apt-get update

		# Install some stuff, including puppet, and
		# puppet-module-openstacklib that contains the os_service_default fact.
		otci_remote --host ${i} apt-get install -y openstack-pkg-tools puppet joe puppet-module-openstacklib ssl-cert
		# Set puppet agent to point to the master
		otci_scp --host ${i} fixup-puppet /root/fixup-puppet
		otci_remote --host ${i} /root/fixup-puppet
		otci_remote --host ${i} /etc/init.d/puppet start
	done
	rm fixup-puppet
	rm ${TMPHOSTFILE}
}

sign_all_client_certs () {
	for i in ${ALL_SLAVE_NODES} ; do
		otci_remote puppet cert sign $i
	done
}

copy_all_cert_to_nodes () {
	mkdir -p certs
	cd certs
	for i in ${ALL_SLAVE_IPS} ; do
		echo "${BLUE}Copying certs from ${i}...${NO_COL}"
		NODE_HOSTNAME=$(ssh -o "StrictHostKeyChecking no" ${i} hostname --fqdn)
		scp -o "StrictHostKeyChecking no" ${i}:/etc/ssl/certs/ssl-cert-snakeoil.pem .
		mv ssl-cert-snakeoil.pem ${NODE_HOSTNAME}.pem
	done
	for i in ${ALL_SLAVE_IPS} ; do
		echo "${BLUE}Copying all certs to ${i}...${NO_COL}"
		scp -o "StrictHostKeyChecking no" *.pem ${i}:/etc/ssl/certs
		ssh -o "StrictHostKeyChecking no" ${i} /usr/sbin/update-ca-certificates -f
	done
	cd ..
	rm -rf certs
}

#install_deb_repos_and_pkg
#install_fake_networking
#rm -rf ~/img
#make_vm_image_puppet_master
#make_vm_image_slave_node
#install_puppet_node_startup
#install_runtime_vms
#start_puppet_node
#wait_for_ssh
#setup_puppet_vm
#setup_puppet_vm_puppet_master
#setup_dhcp_server
#setup_openstack_cluster_installer
#build_openstack_cluster_installer_live_image
#setup_tftp_hpa_default
#write_all_vms_start_scripts
#launch_start_all_vms

###################################
##### Start of install of VMs #####
###################################

start_os_install
wait_until_all_installed
set -x
remove_all_nodes_from_known_hosts
setup_all_nodes
sign_all_client_certs
copy_all_cert_to_nodes
