-
Notifications
You must be signed in to change notification settings - Fork 102
INSTALL cloud_setup
-
make a credentials repo
-
copy the knife/example-credentials directory
-
best to not live on github: use a private server and run
repo=ORGANIZATION-credentials ; repodir=/gitrepos/$repo.git ; mkdir -p $repodir ; ( GIT_DIR=$repodir git init --shared=group --bare && cd $repodir && git --bare update-server-info && chmod a+x hooks/post-update )
-
git submodule it into knife as
knife/yourorg-credentials
-
or, if somebody has added it,
git pull git submodule update --init find . -iname '*.pem' -exec chmod og-rw {} \; cp knife/${OLD_CHEF_ORGANIZATION}-credentials/knife-user-${CHEF_USER}.rb knife/${CHEF_ORGANIZATION}-credentials cp knife/${OLD_CHEF_ORGANIZATION}-credentials/${CHEF_USER}.pem knife/${CHEF_ORGANIZATION}-credentials/
-
-
create AWS account
- [sign up for AWS + credit card + password]
- make IAM users for admins
- add your IAM keys into your
{credentials}/knife-user
-
create opscode account
- download org keys, put in the credentials repo
-
create
prod
anddev
environments by usingknife environment create dev knife environment create prod knife environment from file environments/dev.json knife environment from file environments/prod.json
knife cookbook upload --all rake roles # if you have data bags, do that too
-
Start by launching the burninator cluster:
knife cluster launch --bootstrap --yes burninator-trogdor-0
- You may have to specify the template by adding this an anargument:
--template-file ${CHEF_HOMEBASE}/vendor/ironfan/lib/chef/knife/bootstrap/ubuntu10.04-ironfan.erb
- This template makes the machine auto-connect to the server upon launch and teleports the client-key into the machine.
- If this fails, bootstrap separately:
knife cluster bootstrap --yes burninator-trogdor-0
- You may have to specify the template by adding this an anargument:
-
Log into the burninator-trogdor and run the script /tmp/burn_ami_prep.sh:
sudo bash /tmp/burn_ami_prep.sh
- You will have to ssh as the ubuntu user and pass in the burninator.pem identity file.
- Review the output of this script and ensure the world we have created is sane.
-
Once the script has been run:
- Exit the machine.
- Go to AWS console.
- DO NOT stop the machine.
- Do "Create Image (EBS AMI)" from the burninator-trogdor instance (may take a while).
-
Add the AMI id to your
{credentials}/knife-org.rb
in theec2_image_info.merge!
section and create a reference name for the image (e.g ironfan-natty).- Add that reference name to the burninator-village facet in the burninator.rb cluster definition:
cloud.image_name 'ironfan_natty'
- Add that reference name to the burninator-village facet in the burninator.rb cluster definition:
-
Launch the burninator-village in order to test your newly created AMI.
- The village should launch with no problems, have the correct permissions and be able to complete a chef run:
sudo chef-client
.
- The village should launch with no problems, have the correct permissions and be able to complete a chef run:
-
If all has gone well so far, you may now stop the original burninator:
knife cluster kill burninator-trogdor
- Leave the burninator-village up and stay ssh'ed to assist with the next step.
-
Make a command/control cluster definition file with an nfs facet (see clusters/demo_cnc.rb).
- Make sure specify the
image_name
to be the AMI you've created.
- Make sure specify the
-
In the AWS console make yourself a 20GB drive.
- Make sure the availability zone matches the one specified in your cnc_cluster definition file.
- Don't choose a snapshot.
- Set the device name to
/dev/sdh
. - Attach to the burninator-village instance.
-
ssh in to burninator-village to format the nfs drive:
dev=/dev/xvdh ; name='home_drive' ; sudo umount $dev ; ls -l $dev ; sudo mkfs.xfs $dev ; sudo mkdir /mnt/$name ; sudo mount -t xfs $dev /mnt/$name ; sudo bash -c "echo 'snapshot for $name burned on `date`' > /mnt/$name/vol_info.txt "
sudo cp -rp /home/ubuntu /mnt/$name/ubuntu
sudo umount /dev/xvdh
exit
-
Back in the AWS console, snapshot the volume and name it
{org}-home_drive
. Delete the original volume as it is not needed anymore. -
Paste the snapshot id into your cnc_cluster definition file.
- ssh into the newly launched cnc_cluster-nfs.
- You should restart the machine via the AWS console (may or may not be necessary, do anyway).
-
Manipulate security groups
-
nfs_server
group should open all UDP ports and all TCP ports tonfs_client
group
-
-
Change /etc/ssh/sshd_config to be passwordful and restart the ssh service