Starting up a new AWSible environment
-------------------------------------

* create ssh keypair as keys/management{,.pub}

* configure group_vars/all with:

  - DEFAULT_AMI: AMI of Amazon Linux in the chosen region

* install managed policies by hand

    # policy name = file name without the .json suffix
    for f in roles/aws-infrastructure/files/*-policy.json
    do
      n=$(basename "$f" .json)
      aws --region "{{ vpc_region }}" iam create-policy --policy-name "$n" --description "{{ get this from somewhere }}" --policy-document file://"$f"
    done

* ansible-playbook init_vpc.yml

* add IGW to VPC Main route table

* change pub-subnets to auto-assign external IPs

* configure group_vars/all with chosen MANAGEMENT_SUBNET

* ansible-playbook init_management.yml

* add base and management policies to management IAM role

* create persistent management data volume

    mkfs -t ext4 -j -m 0 -L /media/data /dev/xvdf

    mkdir /media/data && chown ec2-user:ec2-user /media/data
    # /etc/fstab entry for the volume:
    LABEL=/media/data /media/data ext4 defaults 0 2

* install AWSible repo in /data/management/

* bootstrap management server from external system

    INVENTORY_PUBLIC=1 ansible-playbook management.yml
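
Since the managed policies are installed by hand, a pre-flight review of the JSON documents before running `aws iam create-policy` can catch over-broad grants. The following is an added example, not part of AWSible: the checks chosen, the function names and the sample documents are assumptions made for illustration; only the glob path comes from the step above.

```python
import glob
import json

# Glob taken from the "install managed policies by hand" step.
POLICY_GLOB = "roles/aws-infrastructure/files/*-policy.json"

def _as_list(value):
    """IAM accepts a single string/object wherever a list is allowed."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def lint_policy(doc):
    """Return a list of findings for one parsed IAM policy document."""
    findings = []
    if doc.get("Version") != "2012-10-17":
        findings.append("Version is not 2012-10-17; policy variables are not evaluated")
    for i, stmt in enumerate(_as_list(doc.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        if "NotAction" in stmt:
            findings.append(f"statement {i}: Allow with NotAction grants everything not listed")
        actions = _as_list(stmt.get("Action"))
        resources = _as_list(stmt.get("Resource"))
        if "*" in actions:
            findings.append(f"statement {i}: Action '*' allows every API call")
        broad = [a for a in actions if a.lower() in ("iam:*", "iam:passrole")]
        if broad and "*" in resources:
            findings.append(f"statement {i}: {broad[0]} on Resource '*'")
    return findings

def lint_files(pattern=POLICY_GLOB):
    """Lint every policy file matching pattern; returns {path: findings}."""
    report = {}
    for path in sorted(glob.glob(pattern)):
        with open(path) as fh:
            report[path] = lint_policy(json.load(fh))
    return report

# Constructed sample documents (not the repository's policies).
SAMPLE_OK = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["ec2:DescribeInstances"], "Resource": "*"}]}
SAMPLE_BROAD = {"Statement": {"Effect": "Allow", "Action": "*", "Resource": "*"}}

if __name__ == "__main__":
    for name, doc in (("ok", SAMPLE_OK), ("broad", SAMPLE_BROAD)):
        print(name, lint_policy(doc))
    for path, findings in lint_files().items():
        print(path, findings or "no findings")
```

Run it from the repository root so the glob resolves; any finding is a prompt to review the policy file before creating it, not proof that the policy is wrong.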