Add steps to clean up service provider setup (#14)
Part of [Service Provider Setup](https://www.notion.so/Service-provider-setup-a09e2207e1f34f3a847f7ce9713b7ac5) - Move user setup playbook to separate directory - Remove unneeded variables Co-authored-by: Adw8 <adwaitgharpure@gmail.com> Reviewed-on: #14
This commit is contained in:
parent
2e0fbd82f1
commit
65be098ce9
13
README.md
13
README.md
@ -36,6 +36,19 @@
|
||||
|
||||
- Reference: <https://udhayakumarc.medium.com/error-ansible-requires-the-locale-encoding-to-be-utf-8-detected-iso8859-1-6da808387f7d>
|
||||
|
||||
- Verify ansible installation by running the following command:
|
||||
|
||||
```bash
|
||||
ansible --version
|
||||
# ansible [core 2.17.2]
|
||||
```
|
||||
|
||||
- Install `sshpass` used for automating SSH password authentication
|
||||
|
||||
```bash
|
||||
sudo apt-get install sshpass
|
||||
```
|
||||
|
||||
## Playbooks
|
||||
|
||||
- [stack-orchestrator-setup](./stack-orchestrator-setup/README.md)
|
||||
|
@ -1,8 +1,10 @@
|
||||
# nitro-bridge-setup
|
||||
|
||||
## Setup Ansible
|
||||
## Prerequisites
|
||||
|
||||
To get started, follow the [installation](../README.md#installation) guide to setup ansible on your machine
|
||||
- Setup Ansible: To get started, follow the [installation](../README.md#installation) guide to setup ansible on your machine.
|
||||
|
||||
- Setup user with passwordless sudo: Follow steps from [Setup a user](../user-setup/README.md#setup-a-user) to setup a new user
|
||||
|
||||
## Setup
|
||||
|
||||
@ -40,33 +42,13 @@ The following commands have to be executed in the [`nitro-bridge-setup`](./) dir
|
||||
|
||||
## Run Nitro Bridge
|
||||
|
||||
### On Local Host
|
||||
|
||||
- To setup and run nitro bridge locally, execute the `run-nitro-bridge.yml` Ansible playbook:
|
||||
|
||||
```bash
|
||||
LANG=en_US.utf8 ansible-playbook run-nitro-bridge.yml --extra-vars='{ "target_host": "localhost"}' --user $USER -kK
|
||||
```
|
||||
|
||||
NOTE: By default, deployments are created in an `out` directory. To change this location, update the `nitro_directory` variable in the [setup-vars.yml](./setup-vars.yml) file
|
||||
|
||||
- For skipping container build, set `"skip_container_build" : true` in the `--extra-vars` parameter:
|
||||
|
||||
```bash
|
||||
LANG=en_US.utf8 ansible-playbook run-nitro-bridge.yml --extra-vars='{"target_host" : "localhost", "skip_container_build": true}' --user $USER -kK
|
||||
```
|
||||
|
||||
### On Remote Host
|
||||
|
||||
To run the playbook on a remote host:
|
||||
|
||||
- Create a new `hosts.ini` file:
|
||||
|
||||
```bash
|
||||
cp ../hosts.example.ini hosts.ini
|
||||
```
|
||||
|
||||
- Edit the [`hosts.ini`](./hosts.ini) file to run the playbook on a remote machine:
|
||||
- Edit the [`hosts.ini`](./hosts.ini) file:
|
||||
|
||||
```ini
|
||||
[<deployment_host>]
|
||||
@ -76,12 +58,12 @@ To run the playbook on a remote host:
|
||||
- Replace `<deployment_host>` with `nitro_host`
|
||||
- Replace `<host_name>` with the alias of your choice
|
||||
- Replace `<target_ip>` with the IP address or hostname of the target machine
|
||||
- Replace `<ssh_user>` with the SSH username (e.g., dev, ubuntu)
|
||||
- Replace `<ssh_user>` with the username of the user that you set up on target machine (e.g. dev, ubuntu)
|
||||
|
||||
- Verify that you are able to connect to the host using the following command
|
||||
- Verify that you are able to connect to the host using the following command:
|
||||
|
||||
```bash
|
||||
ansible all -m ping -i hosts.ini -k
|
||||
ansible all -m ping -i hosts.ini
|
||||
|
||||
# Expected output:
|
||||
|
||||
@ -94,21 +76,23 @@ To run the playbook on a remote host:
|
||||
# }
|
||||
```
|
||||
|
||||
- Execute the `run-nitro-bridge.yml` Ansible playbook for remote deployment:
|
||||
- Execute the `run-nitro-bridge.yml` Ansible playbook for deploying nitro bridge:
|
||||
|
||||
```bash
|
||||
LANG=en_US.utf8 ansible-playbook -i hosts.ini run-nitro-bridge.yml --extra-vars='{ "target_host": "nitro_host"}' --user $USER -kK
|
||||
LANG=en_US.utf8 ansible-playbook -i hosts.ini run-nitro-bridge.yml --extra-vars='{ "target_host": "nitro_host"}' --user $USER
|
||||
```
|
||||
|
||||
NOTE: By default, deployments are created in an `out` directory. To change this location, update the `nitro_directory` variable in the [setup-vars.yml](./setup-vars.yml) file
|
||||
|
||||
- For skipping container build, run with `"skip_container_build" : true` in the `--extra-vars` parameter:
|
||||
|
||||
```bash
|
||||
LANG=en_US.utf8 ansible-playbook -i hosts.ini run-nitro-bridge.yml --extra-vars='{ "target_host": "nitro_host", "skip_container_build": true }' --user $USER -kK
|
||||
LANG=en_US.utf8 ansible-playbook -i hosts.ini run-nitro-bridge.yml --extra-vars='{ "target_host": "nitro_host", "skip_container_build": true }' --user $USER
|
||||
```
|
||||
|
||||
## Check Deployment Status
|
||||
|
||||
- Run the following command in the directory where the bridge-deployment is created:
|
||||
Run the following command in the directory where the bridge-deployment is created:
|
||||
|
||||
- Check logs for deployments:
|
||||
|
||||
|
@ -1,3 +1,3 @@
|
||||
target_host: "localhost"
|
||||
target_host: "nitro_host"
|
||||
nitro_directory: out
|
||||
skip_container_build: false
|
||||
|
@ -1,8 +1,10 @@
|
||||
# nitro-contracts-setup
|
||||
|
||||
## Setup Ansible
|
||||
## Prerequisites
|
||||
|
||||
To get started, follow the [installation](../README.md#installation) guide to setup ansible on your machine
|
||||
- Setup Ansible: To get started, follow the [installation](../README.md#installation) guide to setup ansible on your machine.
|
||||
|
||||
- Setup user with passwordless sudo: Follow steps from [Setup a user](../user-setup/README.md#setup-a-user) to setup a new user with passwordless sudo
|
||||
|
||||
## Setup
|
||||
|
||||
@ -34,33 +36,13 @@ The following commands have to be executed in the [`nitro-contracts-setup`](./)
|
||||
|
||||
## Deploy Contracts
|
||||
|
||||
### On Local Host
|
||||
|
||||
- To deploy nitro contracts locally, execute the `deploy-contracts.yml` Ansible playbook:
|
||||
|
||||
```bash
|
||||
LANG=en_US.utf8 ansible-playbook deploy-contracts.yml --extra-vars='{ "target_host": "localhost"}' --user $USER -kK
|
||||
```
|
||||
|
||||
NOTE: By default, deployments are created in an `out` directory. To change this location, update the `nitro_directory` variable in the [setup-vars.yml](./setup-vars.yml) file
|
||||
|
||||
- For skipping container build, set `"skip_container_build" : true` in the `--extra-vars` parameter:
|
||||
|
||||
```bash
|
||||
LANG=en_US.utf8 ansible-playbook deploy-contracts.yml --extra-vars='{"target_host" : "localhost", "skip_container_build": true}' --user $USER -kK
|
||||
```
|
||||
|
||||
### On Remote Host
|
||||
|
||||
To run the playbook on a remote host:
|
||||
|
||||
- Create a new `hosts.ini` file:
|
||||
|
||||
```bash
|
||||
cp ../hosts.example.ini hosts.ini
|
||||
```
|
||||
|
||||
- Edit the [`hosts.ini`](./hosts.ini) file to run the playbook on a remote machine:
|
||||
- Edit the [`hosts.ini`](./hosts.ini) file:
|
||||
|
||||
```ini
|
||||
[<deployment_host>]
|
||||
@ -70,12 +52,12 @@ To run the playbook on a remote host:
|
||||
- Replace `<deployment_host>` with `nitro_host`
|
||||
- Replace `<host_name>` with the alias of your choice
|
||||
- Replace `<target_ip>` with the IP address or hostname of the target machine
|
||||
- Replace `<ssh_user>` with the SSH username (e.g., dev, ubuntu)
|
||||
- Replace `<ssh_user>` with the username of the user that you set up on target machine (e.g. dev, ubuntu)
|
||||
|
||||
- Verify that you are able to connect to the host using the following command
|
||||
|
||||
```bash
|
||||
ansible all -m ping -i hosts.ini -k
|
||||
ansible all -m ping -i hosts.ini
|
||||
|
||||
# Expected output:
|
||||
|
||||
@ -88,21 +70,23 @@ To run the playbook on a remote host:
|
||||
# }
|
||||
```
|
||||
|
||||
- Execute the `deploy-contracts.yml` Ansible playbook for remote deployment:
|
||||
- Execute the `deploy-contracts.yml` Ansible playbook to deploy nitro contracts:
|
||||
|
||||
```bash
|
||||
LANG=en_US.utf8 ansible-playbook -i hosts.ini deploy-contracts.yml --extra-vars='{ "target_host": "nitro_host"}' --user $USER -kK
|
||||
LANG=en_US.utf8 ansible-playbook -i hosts.ini deploy-contracts.yml --extra-vars='{ "target_host": "nitro_host"}' --user $USER
|
||||
```
|
||||
|
||||
NOTE: By default, deployments are created in an `out` directory. To change this location, update the `nitro_directory` variable in the [setup-vars.yml](./setup-vars.yml) file
|
||||
|
||||
- For skipping container build, run with `"skip_container_build" : true` in the `--extra-vars` parameter:
|
||||
|
||||
```bash
|
||||
LANG=en_US.utf8 ansible-playbook -i hosts.ini deploy-contracts.yml --extra-vars='{ "target_host": "nitro_host", "skip_container_build": true }' --user $USER -kK
|
||||
LANG=en_US.utf8 ansible-playbook -i hosts.ini deploy-contracts.yml --extra-vars='{ "target_host": "nitro_host", "skip_container_build": true }' --user $USER
|
||||
```
|
||||
|
||||
## Check Deployment Status
|
||||
|
||||
- Run the following command in the directory where the nitro-contracts-deployment is created:
|
||||
Run the following command in the directory where the nitro-contracts-deployment is created:
|
||||
|
||||
- Check logs for deployments:
|
||||
|
||||
@ -113,7 +97,7 @@ To run the playbook on a remote host:
|
||||
|
||||
## Get Contract Addresses
|
||||
|
||||
- Run the following commands in the directory where the deployments are created:
|
||||
Run the following commands in the directory where the deployments are created:
|
||||
|
||||
- Get addresses of L1 nitro contracts:
|
||||
|
||||
|
@ -1,3 +1,3 @@
|
||||
target_host: "localhost"
|
||||
target_host: "nitro_host"
|
||||
nitro_directory: out
|
||||
skip_container_build: false
|
||||
|
@ -1,8 +1,10 @@
|
||||
# nitro-nodes-setup
|
||||
|
||||
## Setup Ansible
|
||||
## Prerequisites
|
||||
|
||||
To get started, follow the [installation](../README.md#installation) guide to setup ansible on your machine
|
||||
- Setup Ansible: To get started, follow the [installation](../README.md#installation) guide to setup ansible on your machine.
|
||||
|
||||
- Setup user with passwordless sudo: Follow steps from [Setup a user](../user-setup/README.md#setup-a-user) to setup a new user with passwordless sudo
|
||||
|
||||
## Setup
|
||||
|
||||
@ -52,33 +54,13 @@ The following commands have to be executed in [`nitro-nodes-setup`](./) director
|
||||
|
||||
## Run Nitro Node
|
||||
|
||||
### On Local Host
|
||||
|
||||
- To run a nitro node, execute the `run-nitro-nodes.yml` Ansible playbook by running the following command:
|
||||
|
||||
```bash
|
||||
LANG=en_US.utf8 ansible-playbook run-nitro-nodes.yml --extra-vars='{ "target_host": "localhost"}' --user $USER -kK
|
||||
```
|
||||
|
||||
NOTE: By default, deployments are created in a `out` directory. To change this location, update the `nitro_directory` variable in the [setup-vars.yml](./setup-vars.yml) file
|
||||
|
||||
- For skipping container build, run with `"skip_container_build" : true` in the `--extra-vars` parameter:
|
||||
|
||||
```bash
|
||||
LANG=en_US.utf8 ansible-playbook -i hosts.ini run-nitro-nodes.yml --extra-vars='{ "target_host": "localhost", "skip_container_build": true }' --user $USER -kK
|
||||
```
|
||||
|
||||
### On Remote Host
|
||||
|
||||
To run the playbook on a remote host:
|
||||
|
||||
- Create a new `hosts.ini` file:
|
||||
|
||||
```bash
|
||||
cp ../hosts.example.ini hosts.ini
|
||||
```
|
||||
|
||||
- Edit the [`hosts.ini`](./hosts.ini) file to run the playbook on a remote machine:
|
||||
- Edit the [`hosts.ini`](./hosts.ini) file:
|
||||
|
||||
```ini
|
||||
[<deployment_host>]
|
||||
@ -88,12 +70,12 @@ To run the playbook on a remote host:
|
||||
- Replace `<deployment_host>` with `nitro_host`
|
||||
- Replace `<host_name>` with the alias of your choice
|
||||
- Replace `<target_ip>` with the IP address or hostname of the target machine
|
||||
- Replace `<ssh_user>` with the SSH username (e.g., dev, ubuntu)
|
||||
- Replace `<ssh_user>` with the username of the user that you set up on target machine (e.g. dev, ubuntu)
|
||||
|
||||
- Verify that you are able to connect to the host using the following command
|
||||
|
||||
```bash
|
||||
ansible all -m ping -i hosts.ini -k
|
||||
ansible all -m ping -i hosts.ini
|
||||
|
||||
# Expected output:
|
||||
|
||||
@ -108,22 +90,23 @@ To run the playbook on a remote host:
|
||||
|
||||
- Copy and edit the [`nitro-vars.yml`](./nitro-vars.yml) file as described in the [local setup](./README.md#run-nitro-node-on-local-host) section
|
||||
|
||||
- Execute the `run-nitro-nodes.yml` Ansible playbook for remote deployment:
|
||||
- Execute the `run-nitro-nodes.yml` Ansible playbook to deploy nitro nodes:
|
||||
|
||||
```bash
|
||||
LANG=en_US.utf8 ansible-playbook -i hosts.ini run-nitro-nodes.yml --extra-vars='{ "target_host": "nitro_host"}' --user $USER -kK
|
||||
LANG=en_US.utf8 ansible-playbook -i hosts.ini run-nitro-nodes.yml --extra-vars='{ "target_host": "nitro_host"}' --user $USER
|
||||
```
|
||||
|
||||
NOTE: By default, deployments are created in a `out` directory. To change this location, update the `nitro_directory` variable in the [setup-vars.yml](./setup-vars.yml) file
|
||||
|
||||
- For skipping container build, run with `"skip_container_build" : true` in the `--extra-vars` parameter:
|
||||
|
||||
```bash
|
||||
LANG=en_US.utf8 ansible-playbook -i hosts.ini run-nitro-nodes.yml --extra-vars='{ "target_host": "nitro_host", "skip_container_build": true }' --user $USER -kK
|
||||
LANG=en_US.utf8 ansible-playbook -i hosts.ini run-nitro-nodes.yml --extra-vars='{ "target_host": "nitro_host", "skip_container_build": true }' --user $USER
|
||||
```
|
||||
|
||||
|
||||
## Check Deployment Status
|
||||
|
||||
- Run the following command in the directory where the deployments are created
|
||||
Run the following command in the directory where the deployments are created
|
||||
|
||||
- Check L1 nitro node logs:
|
||||
|
||||
|
@ -1,3 +1,3 @@
|
||||
target_host: "localhost"
|
||||
target_host: "nitro_host"
|
||||
nitro_directory: out
|
||||
skip_container_build: false
|
||||
|
@ -1,76 +1,16 @@
|
||||
# service-provider-setup
|
||||
|
||||
## Setup Ansible
|
||||
|
||||
To get started, follow the [installation](../README.md#installation) guide to setup ansible on your machine
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Setup Ansible: follow the [installation](../README.md#installation) guide to setup ansible on your machine
|
||||
|
||||
- Set up a DigitalOcean Droplet with passwordless SSH access
|
||||
|
||||
- Buy a domain and configure [nameservers pointing to DigitalOcean](https://docs.digitalocean.com/products/networking/dns/getting-started/dns-registrars/)
|
||||
|
||||
- Generate a DigitalOcean access token, used for API authentication and managing cloud resources
|
||||
|
||||
## Setup a new User
|
||||
|
||||
- Create a new `hosts.ini` file:
|
||||
|
||||
```bash
|
||||
cp ../hosts.example.ini hosts.ini
|
||||
```
|
||||
|
||||
- Edit the [`hosts.ini`](./hosts.ini) file to run the playbook on a remote machine:
|
||||
|
||||
```ini
|
||||
[root_host]
|
||||
<host_name> ansible_host=<target_ip> ansible_user=<ssh_user> ansible_ssh_common_args='-o ForwardAgent=yes'
|
||||
```
|
||||
|
||||
- Replace `<host_name>` with the desired `hostname` of the remote machine
|
||||
- Replace `<target_ip>` with the IP address or hostname of the target machine
|
||||
- Replace `<ssh_user>` with `root`
|
||||
|
||||
- Verify that you are able to connect to the host using the following command:
|
||||
|
||||
```bash
|
||||
ansible all -m ping -i hosts.ini
|
||||
|
||||
# Expected output:
|
||||
|
||||
# <host_name> | SUCCESS => {
|
||||
# "ansible_facts": {
|
||||
# "discovered_interpreter_python": "/usr/bin/python3.10"
|
||||
# },
|
||||
# "changed": false,
|
||||
# "ping": "pong"
|
||||
# }
|
||||
```
|
||||
|
||||
- Setup `user-vars.yml` using the example file
|
||||
|
||||
```bash
|
||||
cp vars/user-vars.example.yml vars/user-vars.yml
|
||||
```
|
||||
|
||||
- Edit the `user-vars.yml` file:
|
||||
|
||||
```bash
|
||||
# name of the user you want to setup on the target host
|
||||
username: ""
|
||||
|
||||
# password of the user you want to setup on the target host
|
||||
password: ""
|
||||
|
||||
# path to the ssh key on your machine, eg: "/home/user/.ssh/id_rsa.pub"
|
||||
path_to_ssh_key: ""
|
||||
```
|
||||
|
||||
- Execute the `setup-user.yml` Ansible playbook to create a user with passwordless sudo permissions:
|
||||
|
||||
```bash
|
||||
LANG=en_US.utf8 ansible-playbook setup-user.yml -i hosts.ini --extra-vars='{ "target_host": "deployment_host" }'
|
||||
```
|
||||
- Setup a user: Follow steps from [Setup a user](../user-setup/README.md#setup-a-user) to setup a new user with passwordless sudo
|
||||
|
||||
## Become a Service Provider
|
||||
|
||||
@ -94,7 +34,6 @@ To get started, follow the [installation](../README.md#installation) guide to se
|
||||
```bash
|
||||
# vars/dns-vars.yml
|
||||
full_domain: "" # eg: laconic.com
|
||||
subdomain_prefix: "" # eg: lcn-cad
|
||||
service_provider_ip: "" # eg: 23.111.78.179
|
||||
do_api_token: "" # DigitalOcean access token that you generated, eg: dop_v1...
|
||||
|
||||
@ -104,10 +43,8 @@ To get started, follow the [installation](../README.md#installation) guide to se
|
||||
gpg_passphrase: "" # passphrase for securing the GPG key
|
||||
|
||||
# vars/k8s-vars.yml
|
||||
target_host: "deployment_host"
|
||||
org_id: "" # eg: lcn
|
||||
location_id: "" # eg: cad
|
||||
base_domain: "" # eg: laconic
|
||||
support_email: "" # eg: support@laconic.com
|
||||
|
||||
# vars/container-vars.yml
|
||||
@ -118,22 +55,25 @@ To get started, follow the [installation](../README.md#installation) guide to se
|
||||
chain_id: "" # chain id to use for the Laconic chain
|
||||
|
||||
# vars/webapp-vars.yml
|
||||
authority_name: "" # eg: my-org-name
|
||||
cpu_reservation: "" # minimum number of cpu cores to be used, eg: 2
|
||||
memory_reservation: "" # minimum amount of memory in GB to be used, eg: 4G
|
||||
cpu_limit: "" # maximum number of cpu cores to be used, eg: 6
|
||||
memory_limit: "" # maximum amount of memory in GB to be used, eg: 8G
|
||||
authority_name: "" # eg: laconic-authority
|
||||
cpu_reservation: "1" # minimum number of cpu cores to be used, eg: 2
|
||||
memory_reservation: "2G" # minimum amount of memory in GB to be used, eg: 4G
|
||||
cpu_limit: "6" # maximum number of cpu cores to be used, eg: 6
|
||||
memory_limit: "8G" # maximum amount of memory in GB to be used, eg: 8G
|
||||
deployer_gpg_passphrase: "" # passphrase for creating GPG key used by webapp-deployer, eg: SECRET
|
||||
handle_auction_requests: "" # whether the webapp deployer should handle deployment auction requests, eg: true
|
||||
auction_bid_amount: "" # bid amount for deployment auctions in alnt, eg: 500000
|
||||
handle_auction_requests: "true" # whether the webapp deployer should handle deployment auction requests, eg: true
|
||||
auction_bid_amount: "500000" # bid amount for deployment auctions in alnt, eg: 500000
|
||||
```
|
||||
|
||||
- Update the [`hosts.ini`](./hosts.ini) file:
|
||||
- Create a new `hosts.ini` file:
|
||||
|
||||
```bash
|
||||
cp ../hosts.example.ini hosts.ini
|
||||
```
|
||||
|
||||
- Edit the [`hosts.ini`](./hosts.ini) file:
|
||||
|
||||
```ini
|
||||
[root_host]
|
||||
<host_name> ansible_host=<target_ip> ansible_user=root ansible_ssh_common_args='-o ForwardAgent=yes'
|
||||
|
||||
[deployment_host]
|
||||
<host_name> ansible_host=<target_ip> ansible_user=<new_username> ansible_ssh_common_args='-o ForwardAgent=yes'
|
||||
```
|
||||
@ -178,3 +118,82 @@ After the playbook finishes executing, the following services will be deployed (
|
||||
- laconic console: <http://lcn-console.laconic.com:8080/registry>
|
||||
- webapp deployer API: <https://webapp-deployer-api.pwa.laconic.com>
|
||||
- webapp deployer UI: <https://webapp-deployer-ui.pwa.laconic.com>
|
||||
|
||||
## Cleanup
|
||||
|
||||
Run the following steps on the target machine to stop the webapp-deployer, container-registry, fixturenet-laconicd and laconic-console-deployment, undeploy k8s, remove GPG keys and DNS records
|
||||
- Stop deployments
|
||||
|
||||
```
|
||||
$ laconic-so deployment --dir webapp-ui stop
|
||||
$ laconic-so deployment --dir webapp-deployer
|
||||
$ laconic-so deployment --dir container-registry stop
|
||||
$ laconic-so deployment --dir laconic-console-deployment stop --delete-volumes
|
||||
$ laconic-so deployment --dir fixturenet-laconicd-deployment stop --delete-volumes
|
||||
```
|
||||
|
||||
- Remove deployment directories
|
||||
```
|
||||
sudo rm -rf webapp-ui
|
||||
sudo rm -rf webapp-deployer
|
||||
sudo rm -rf container-registry
|
||||
sudo rm -rf laconic-console-deployment
|
||||
sudo rm -rf fixturenet-laconicd-deployment
|
||||
```
|
||||
|
||||
- Remove spec files
|
||||
|
||||
```
|
||||
rm webapp-deployer.spec
|
||||
rm container-registry.spec
|
||||
rm laconic-console-spec.yml
|
||||
rm fixturenet-laconicd-spec.yml
|
||||
```
|
||||
|
||||
- Undeploy the k8s
|
||||
|
||||
```
|
||||
$ cd service-provider-template
|
||||
$ export VAULT_KEY=<gpg_passphrase>
|
||||
$ bash .vault/vault-rekey.sh
|
||||
$ ansible-playbook -i hosts site.yml --tags=k8s --limit=<org_id>_<location_id> --user <user> --extra-vars 'k8s_action=destroy'
|
||||
```
|
||||
|
||||
- Remove service-provider-template repo
|
||||
```
|
||||
$ rm -rf service-provider-template
|
||||
```
|
||||
|
||||
- Remove any existing GPG keys
|
||||
```
|
||||
$ rm -rf gpg-keys/
|
||||
$ gpg --list-secret-keys --keyid-format=long
|
||||
/home/dev/.gnupg/pubring.kbx
|
||||
----------------------------
|
||||
sec rsa4096/DA9E3D638930A699 2024-10-15 [SCEA]
|
||||
69A3200727091E72B773BBEBDA9E3D638930A699
|
||||
uid [ultimate] deepstack <support@deepstacksoft.com>
|
||||
ssb rsa3072/2B5D80CF44753EFD 2024-10-15 [SEA]
|
||||
|
||||
sec rsa3072/2449A62C838440AB 2024-10-15 [SC]
|
||||
646A42164F978DC1415C11F12449A62C838440AB
|
||||
uid [ultimate] webapp-deployer-api.deepstack.com
|
||||
ssb rsa3072/67576558A2F2FE91 2024-10-15 [E]
|
||||
|
||||
$ gpg --delete-secret-key 69A3200727091E72B773BBEBDA9E3D638930A699
|
||||
$ gpg --delete-key 69A3200727091E72B773BBEBDA9E3D638930A699
|
||||
$ gpg --delete-secret-key 646A42164F978DC1415C11F12449A62C838440AB
|
||||
$ gpg --delete-key 646A42164F978DC1415C11F12449A62C838440AB
|
||||
```
|
||||
- Remove the user if required
|
||||
|
||||
```bash
|
||||
$ userdel <user>
|
||||
|
||||
# If required, kill process that is using the user
|
||||
# userdel: user <user> is currently used by process 1639
|
||||
# $ kill -9 1639
|
||||
```
|
||||
|
||||
- Remove DNS records using DigitalOcean's API:
|
||||
- <https://docs.digitalocean.com/reference/api/api-try-it-now/#/Domain%20Records/domains_delete_record>
|
||||
|
@ -66,6 +66,7 @@
|
||||
command: gpg-agent --daemon
|
||||
ignore_errors: yes
|
||||
|
||||
# Cache GPG passphrase by signing a dummy string to avoid passphrase prompts in later steps
|
||||
- name: Sign a dummy string using gpg-key
|
||||
shell: echo "This is a dummy string." | gpg --batch --yes --local-user "{{ gpg_key_id }}" --passphrase "{{ vault_passphrase }}" --pinentry-mode loopback --sign -
|
||||
|
||||
@ -124,10 +125,10 @@
|
||||
src: ./templates/k8s.yml.j2
|
||||
dest: "{{ ansible_env.HOME }}/service-provider-template/group_vars/{{ org_id }}_{{ location_id }}/k8s.yml"
|
||||
|
||||
- name: Copy wildcard-pwa-{{ base_domain }}.yaml to the remote VM
|
||||
- name: Copy wildcard template to the remote VM
|
||||
template:
|
||||
src: ./templates/wildcard-pwa-example.yml.j2
|
||||
dest: "{{ ansible_env.HOME }}/service-provider-template/files/manifests/wildcard-pwa-{{ base_domain }}.yaml"
|
||||
dest: "{{ ansible_env.HOME }}/service-provider-template/files/manifests/wildcard-pwa-{{ full_domain | replace('.', '-') }}.yaml"
|
||||
|
||||
- name: Delete old wildcard-pwa file
|
||||
file:
|
||||
|
@ -52,4 +52,4 @@ k8s_manifests:
|
||||
# initiate wildcard cert
|
||||
- name: pwa.{{ full_domain }}
|
||||
type: file
|
||||
source: wildcard-pwa-{{ base_domain }}.yaml
|
||||
source: wildcard-pwa-{{ full_domain | replace('.', '-') }}.yaml
|
||||
|
@ -1,5 +1,5 @@
|
||||
full_domain: ""
|
||||
subdomain_prefix: ""
|
||||
subdomain_prefix: "{{ org_id }}-{{ location_id }}"
|
||||
subdomain_cluster_control: "{{ subdomain_prefix }}-cluster-control"
|
||||
service_provider_ip: ""
|
||||
do_api_token: ""
|
||||
|
@ -2,6 +2,5 @@ gpg_key_id: "{{ sec_key_id }}"
|
||||
vault_passphrase: "{{ gpg_passphrase }}"
|
||||
org_id: ""
|
||||
location_id: ""
|
||||
base_domain: ""
|
||||
support_email: ""
|
||||
ansible_ssh_extra_args: '-o StrictHostKeyChecking=no'
|
||||
|
@ -1,10 +1,10 @@
|
||||
ALICE_PK: "{{ ALICE_PK }}"
|
||||
BOND_ID: "{{ BOND_ID }}"
|
||||
authority_name: ""
|
||||
cpu_reservation: ""
|
||||
memory_reservation: ""
|
||||
cpu_reservation: "1"
|
||||
memory_reservation: "2G"
|
||||
cpu_limit: "6"
|
||||
memory_limit: "8G"
|
||||
deployer_gpg_passphrase: ""
|
||||
handle_auction_requests: "false"
|
||||
auction_bid_amount: "0"
|
||||
handle_auction_requests: "true"
|
||||
auction_bid_amount: "500000"
|
||||
|
@ -1,8 +1,10 @@
|
||||
# stack-orchestrator-setup
|
||||
|
||||
## Setup Ansible
|
||||
## Prerequisites
|
||||
|
||||
To get started, follow the [installation](../README.md#installation) guide to setup ansible on your machine.
|
||||
- Setup Ansible: To get started, follow the [installation](../README.md#installation) guide to setup ansible on your machine.
|
||||
|
||||
- Setup user with passwordless sudo: Follow steps from [Setup a user](../user-setup/README.md#setup-a-user) to setup a new user with passwordless sudo
|
||||
|
||||
## Setup Stack Orchestrator
|
||||
|
||||
@ -10,18 +12,6 @@ This playbook will install Docker and Stack Orchestrator (laconic-so) on the mac
|
||||
|
||||
Run the following commands in the [`stack-orchestrator-setup`](./) directory.
|
||||
|
||||
### On Local Host
|
||||
|
||||
To setup stack orchestrator and docker locally, execute the `setup-laconic-so.yml` Ansible playbook:
|
||||
|
||||
```bash
|
||||
LANG=en_US.utf8 ansible-playbook setup-laconic-so.yml --user $USER -kK
|
||||
```
|
||||
|
||||
### On Remote Host
|
||||
|
||||
To run the playbook on a remote host:
|
||||
|
||||
- Create a new `hosts.ini` file:
|
||||
|
||||
```bash
|
||||
@ -37,12 +27,12 @@ To run the playbook on a remote host:
|
||||
|
||||
- Replace `<host_name>` with the alias of your choice
|
||||
- Replace `<target_ip>` with the IP address or hostname of the target machine
|
||||
- Replace `<ssh_user>` with the SSH username (e.g., dev, ubuntu)
|
||||
- Replace `<ssh_user>` with the username of the user that you set up on target machine (e.g. dev, ubuntu)
|
||||
|
||||
- Verify that you are able to connect to the host using the following command
|
||||
|
||||
```bash
|
||||
ansible all -m ping -i hosts.ini -k
|
||||
ansible all -m ping -i hosts.ini
|
||||
|
||||
# Expected output:
|
||||
|
||||
@ -55,22 +45,24 @@ To run the playbook on a remote host:
|
||||
# }
|
||||
```
|
||||
|
||||
- Execute the `setup-laconic-so.yml` Ansible playbook for setting up stack orchestrator and docker on a remote machine:
|
||||
- Execute the `setup-laconic-so.yml` Ansible playbook for setting up stack orchestrator and docker on the target machine:
|
||||
|
||||
```bash
|
||||
LANG=en_US.utf8 ansible-playbook setup-laconic-so.yml -i hosts.ini --extra-vars='{ "target_host": "deployment_host"}' --user $USER -kK
|
||||
LANG=en_US.utf8 ansible-playbook setup-laconic-so.yml -i hosts.ini --extra-vars='{ "target_host": "deployment_host"}' --user $USER
|
||||
```
|
||||
|
||||
## Verify Installation
|
||||
|
||||
- After the installation is complete, verify if `$HOME/bin` is already included in your PATH by running:
|
||||
Run the following commands on your target machine:
|
||||
|
||||
- After the installation is complete, verify if `$HOME/bin` is already included in the `PATH` by running:
|
||||
|
||||
```bash
|
||||
echo $PATH | grep -q "$HOME/bin" && echo "$HOME/bin is already in PATH" || echo "$HOME/bin is not in PATH"
|
||||
```
|
||||
If the command outputs `"$HOME/bin is not in PATH"`, you'll need to add it to your `PATH`.
|
||||
|
||||
- To add `$HOME/bin` to your PATH, run the following command:
|
||||
- To add `$HOME/bin` to your `PATH`, run the following command:
|
||||
|
||||
```bash
|
||||
export PATH="$HOME/bin:$PATH"
|
||||
|
1
user-setup/.gitignore
vendored
Normal file
1
user-setup/.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
user-vars.yml
|
74
user-setup/README.md
Normal file
74
user-setup/README.md
Normal file
@ -0,0 +1,74 @@
|
||||
# user-setup
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Setup Ansible: follow the [installation](../README.md#installation) guide to setup ansible on your machine.
|
||||
|
||||
- Setup a remote machine with passwordless SSH login for the root user
|
||||
|
||||
- Install `passlib` used for handling encrypted passwords when setting up a user
|
||||
|
||||
```bash
|
||||
pip install passlib
|
||||
```
|
||||
|
||||
## Setup a user
|
||||
|
||||
- Create a new `hosts.ini` file:
|
||||
|
||||
```bash
|
||||
cd user-setup/
|
||||
cp ../hosts.example.ini hosts.ini
|
||||
```
|
||||
|
||||
- Edit the [`hosts.ini`](./hosts.ini) file:
|
||||
|
||||
```ini
|
||||
[deployment_host]
|
||||
<host_name> ansible_host=<target_ip> ansible_user=<ssh_user> ansible_ssh_common_args='-o ForwardAgent=yes'
|
||||
```
|
||||
|
||||
- Replace `<host_name>` with the desired `hostname` of the remote machine
|
||||
- Replace `<target_ip>` with the IP address or hostname of the target machine
|
||||
- Replace `<ssh_user>` with `root`
|
||||
|
||||
- Verify that you are able to connect to the host using the following command:
|
||||
|
||||
```bash
|
||||
ansible all -m ping -i hosts.ini
|
||||
|
||||
# Expected output:
|
||||
|
||||
# <host_name> | SUCCESS => {
|
||||
# "ansible_facts": {
|
||||
# "discovered_interpreter_python": "/usr/bin/python3.10"
|
||||
# },
|
||||
# "changed": false,
|
||||
# "ping": "pong"
|
||||
# }
|
||||
```
|
||||
|
||||
- Setup `user-vars.yml` using the example file
|
||||
|
||||
```bash
|
||||
cp user-vars.example.yml user-vars.yml
|
||||
```
|
||||
|
||||
- Edit the `user-vars.yml` file:
|
||||
|
||||
```bash
|
||||
# name of the user you want to setup on the target host
|
||||
username: ""
|
||||
|
||||
# password of the user you want to setup on the target host
|
||||
password: ""
|
||||
|
||||
# path to the ssh key on your machine, eg: "/home/user/.ssh/id_rsa.pub"
|
||||
path_to_ssh_key: ""
|
||||
```
|
||||
|
||||
- Execute the `setup-user.yml` Ansible playbook to create a user with passwordless sudo permissions:
|
||||
|
||||
```bash
|
||||
LANG=en_US.utf8 ansible-playbook setup-user.yml -i hosts.ini
|
||||
```
|
@ -1,9 +1,9 @@
|
||||
- name: Configure system
|
||||
hosts: root_host
|
||||
hosts: deployment_host
|
||||
become: yes
|
||||
|
||||
vars_files:
|
||||
- vars/user-vars.yml
|
||||
- user-vars.yml
|
||||
|
||||
tasks:
|
||||
- name: Create a user
|
Loading…
Reference in New Issue
Block a user