217 lines
6.9 KiB
Bash
Executable File
217 lines
6.9 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# Creates a server, installs Docker, runs the screenshots job, tears down the server.
|
|
#
|
|
# This will take several hours. For a complete, clean run it is required to leave the
|
|
# terminal running the script open. Otherwise the server won't be deleted properly
|
|
# which will result in extra cost.
|
|
#
|
|
# When stopping the script at any point (Ctrl+C), please make sure that the server
|
|
# gets deleted afterwards.
|
|
#
|
|
# Requirements:
|
|
#
|
|
# - curl
|
|
# - jq (https://stedolan.github.io/jq/)
|
|
# - ssh
|
|
# - SSH key referenced in the server details ("ssh_keys")
|
|
# - Service account with write permission for Storage and Datastore in
|
|
# secrets/datastore-writer.json
|
|
|
|
|
|
DOCKERIMAGE="quay.io/netzbegruenung/green-spider:latest"
|
|
|
|
RESULTS_ENTITY_KIND="spider-results"
|
|
|
|
API_TOKEN_SECRET="secrets/hetzner-api-token.sh"
|
|
test -f $API_TOKEN_SECRET || { echo >&2 "File $API_TOKEN_SECRET does not exist."; exit 1; }
|
|
source $API_TOKEN_SECRET
|
|
|
|
|
|
if [[ "$1" = "" ]]; then
|
|
echo "No argument given. Please use 'screenshotter' or 'spider' as arguments."
|
|
exit 1
|
|
fi
|
|
|
|
SERVERNAME="$1-$(date | md5 | cut -c1-3)"
|
|
|
|
# possible values: cx11 (1 core 2 GB), cx21 (2 cores, 4 GB), cx31 (2 cores, 8 GB)
|
|
SERVERTYPE="cx21"
|
|
|
|
function create_server()
|
|
{
|
|
echo "Creating server $SERVERNAME"
|
|
|
|
# server_type 'cx11' is the smallest, cheapest category.
|
|
# location 'nbg1' is Nürnberg/Nuremberg, Germany.
|
|
# image 'debian-9' is a plain Debian stretch.
|
|
# ssh_keys ['Marian'] adds Marian's public key to the server and can be extended.
|
|
# user_data: Ensures that we can detect when the cloud-init setup is done.
|
|
#
|
|
CREATE_RESPONSE=$(curl -s -X POST https://api.hetzner.cloud/v1/servers \
|
|
-H "Content-Type: application/json" \
|
|
-H "Authorization: Bearer $API_TOKEN" \
|
|
-d "{
|
|
\"name\": \"$SERVERNAME\",
|
|
\"server_type\": \"$SERVERTYPE\",
|
|
\"location\": \"nbg1\",
|
|
\"start_after_create\": true,
|
|
\"image\": \"debian-9\",
|
|
\"ssh_keys\": [
|
|
\"Marian\"
|
|
],
|
|
\"user_data\": \"#cloud-config\nruncmd:\n - touch /cloud-init-done\n\"
|
|
}")
|
|
|
|
# Get ID:
|
|
SERVER_ID=$(echo $CREATE_RESPONSE | jq -r .server.id)
|
|
|
|
# Get IP:
|
|
SERVER_IP=$(echo $CREATE_RESPONSE | jq -r .server.public_net.ipv4.ip)
|
|
|
|
if [ "$SERVER_ID" = "null" ]; then
|
|
echo "No server created."
|
|
echo $CREATE_RESPONSE | jq .
|
|
exit 1
|
|
fi
|
|
|
|
echo "Created server $SERVERNAME with ID $SERVER_ID and IP $SERVER_IP"
|
|
}
|
|
|
|
|
|
function wait_for_server()
|
|
{
|
|
echo -n "Waiting for the server to be reachable via SSH "
|
|
|
|
sleep 30
|
|
|
|
STATUS="255"
|
|
while [ "$STATUS" != "0" ]; do
|
|
echo -n "."
|
|
sleep 5
|
|
ssh -o StrictHostKeyChecking=no -q root@$SERVER_IP ls /cloud-init-done &> /dev/null
|
|
STATUS=$?
|
|
done
|
|
|
|
echo ""
|
|
}
|
|
|
|
|
|
create_server $1
|
|
wait_for_server
|
|
|
|
echo "Executing remote commands..."
|
|
|
|
ssh -o StrictHostKeyChecking=no -q root@$SERVER_IP << EOF
|
|
DEBIAN_FRONTEND=noninteractive
|
|
|
|
echo ""
|
|
echo "Update package sources"
|
|
apt-get update -q
|
|
|
|
echo ""
|
|
echo "Install dependencies"
|
|
apt-get install -y curl apt-transport-https gnupg2 software-properties-common
|
|
|
|
echo ""
|
|
echo "Add docker repo key"
|
|
curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -
|
|
|
|
echo ""
|
|
echo "Add repo"
|
|
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian stretch stable"
|
|
|
|
echo ""
|
|
echo "Update package sources again"
|
|
apt-get update -q
|
|
|
|
echo ""
|
|
echo "Install docker"
|
|
apt-get install -y docker-ce docker-compose
|
|
|
|
mkdir /root/secrets
|
|
EOF
|
|
|
|
if [[ $1 == "screenshotter" ]]; then
|
|
### screenshotter
|
|
|
|
# Copy service account secret to server
|
|
echo "Copying secret to /root/secrets/service-account.json"
|
|
scp -o StrictHostKeyChecking=no -q secrets/datastore-writer.json root@$SERVER_IP:/root/secrets/service-account.json
|
|
scp -o StrictHostKeyChecking=no -q secrets/screenshots-uploader.json root@$SERVER_IP:/root/secrets/screenshots-uploader.json
|
|
scp -o StrictHostKeyChecking=no -q secrets/datastore-writer.json root@$SERVER_IP:/root/secrets/datastore-writer.json
|
|
|
|
# Run docker job
|
|
echo "Starting Docker Job"
|
|
ssh -o StrictHostKeyChecking=no -q root@$SERVER_IP docker run -t \
|
|
-v /root/secrets:/secrets \
|
|
quay.io/netzbegruenung/green-spider-screenshotter
|
|
|
|
elif [[ $1 == "spider-new" ]]
|
|
then
|
|
# Some dependencies specific to this task
|
|
ssh -o StrictHostKeyChecking=no -q root@$SERVER_IP apt-get install -y python3-pip build-essential
|
|
|
|
# Upload some files
|
|
scp -o StrictHostKeyChecking=no -q secrets/datastore-writer.json root@$SERVER_IP:/root/secrets/datastore-writer.json
|
|
scp -o StrictHostKeyChecking=no -q docker-compose.yaml root@$SERVER_IP:/root/docker-compose.yaml
|
|
scp -o StrictHostKeyChecking=no -q requirements.txt root@$SERVER_IP:/root/requirements.txt
|
|
scp -o StrictHostKeyChecking=no -q job.py root@$SERVER_IP:/root/job.py
|
|
|
|
ssh -o StrictHostKeyChecking=no -q root@$SERVER_IP pip3 install -r requirements.txt
|
|
|
|
# Bring up redis for the queue
|
|
ssh -o StrictHostKeyChecking=no -q root@$SERVER_IP docker-compose pull redis
|
|
ssh -o StrictHostKeyChecking=no -q root@$SERVER_IP docker-compose up -d redis
|
|
sleep 5
|
|
|
|
# Bring up queue manager
|
|
ssh -o StrictHostKeyChecking=no -q root@$SERVER_IP docker-compose pull manager
|
|
ssh -o StrictHostKeyChecking=no -q root@$SERVER_IP docker-compose up manager
|
|
|
|
ssh -o StrictHostKeyChecking=no -q root@$SERVER_IP rq info --url redis://localhost:6379/0
|
|
|
|
# Start worker and work off the queue once
|
|
ssh -o StrictHostKeyChecking=no -q root@$SERVER_IP rq worker --burst high default low --url redis://localhost:6379/0
|
|
|
|
# Re-queue failed jobs once, then re-execute.
|
|
ssh -o StrictHostKeyChecking=no -q root@$SERVER_IP rq requeue --queue low -u redis://localhost:6379 --all
|
|
ssh -o StrictHostKeyChecking=no -q root@$SERVER_IP rq info --url redis://localhost:6379/0
|
|
|
|
ssh -o StrictHostKeyChecking=no -q root@$SERVER_IP rq worker --burst high default low --url redis://localhost:6379/0
|
|
|
|
echo "Done with queued jobs."
|
|
|
|
else
|
|
### spider
|
|
|
|
# Copy service account secret to server
|
|
echo "Copying secret to /root/secrets/datastore-writer.json"
|
|
scp -o StrictHostKeyChecking=no -q secrets/datastore-writer.json root@$SERVER_IP:/root/secrets/datastore-writer.json
|
|
|
|
# Run docker job
|
|
echo "Starting Docker Job"
|
|
#ssh -o StrictHostKeyChecking=no -q root@$SERVER_IP docker run -t \
|
|
# -v /root/secrets:/secrets \
|
|
# quay.io/netzbegruenung/green-spider spider.py \
|
|
# --credentials-path /secrets/datastore-writer.json \
|
|
# jobs
|
|
|
|
#ssh -o StrictHostKeyChecking=no -q root@$SERVER_IP mkdir -p /dev-shm
|
|
ssh -o StrictHostKeyChecking=no -q root@$SERVER_IP docker run -t \
|
|
--shm-size=2g \
|
|
-v /dev/shm:/dev/shm \
|
|
-v /root/secrets:/secrets \
|
|
$DOCKERIMAGE \
|
|
--credentials-path /secrets/datastore-writer.json \
|
|
--loglevel info \
|
|
spider --kind $RESULTS_ENTITY_KIND
|
|
|
|
fi
|
|
|
|
# Delete the box
|
|
echo "Deleting server $SERVERNAME with ID $SERVER_ID"
|
|
curl -s -X DELETE -H "Content-Type: application/json" \
|
|
-H "Authorization: Bearer $API_TOKEN" \
|
|
https://api.hetzner.cloud/v1/servers/$SERVER_ID
|