vpcaccess-dev gets openvpn roles
[awsible] / BOOTSTRAP.txt
Starting up a new AWSible environment
-------------------------------------

* create ssh keypair as keys/management{,.pub}

* configure group_vars/all with:
  - ACCT_ID aws acct id
  - DEFAULT_AMI ami of amazon linux in chosen region
  - vpc variables

* install managed policies by hand
    for f in roles/aws-infrastructure/files/*-policy.json
    do
        n=$(basename "$f" .json)
        aws --region "{{ vpc_region }}" iam create-policy --policy-name "$n" --description "{{ get this from somewhere }}" --policy-document file://"$f"
    done

* ansible-playbook init_vpc.yml

* add IGW to VPC Main route table

* change pub-subnets to auto-assign external IPs

* configure group_vars/all with chosen MANAGEMENT_SUBNET

* ansible-playbook init_management.yml

* add base and management policies to management IAM role

* create persistent management data volume
  * attach and format
      mkfs -t ext4 -j -m 0 -L /media/data /dev/xvdf
  * add to /etc/fstab
      mkdir /media/data && chown ec2-user:ec2-user /media/data
      LABEL=/media/data /media/data ext4 defaults 0 2
      mount -a
  * install AWSible repo in /data/management/

* bootstrap management server from external system
  * INVENTORY_PUBLIC=1 ansible-playbook management.yml
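A pre-flight check for the "install managed policies by hand" step, added here as an example and not part of the awsible repository: it lints each *-policy.json for invalid JSON, a Version other than 2012-10-17, the IAM managed-policy size limit, and Allow statements that pair wildcard actions with Resource "*". The function names and the two sample documents are constructed for illustration.

```python
import json
from pathlib import Path

MAX_CHARS = 6144  # IAM size limit for a managed policy, whitespace not counted

# Constructed sample documents (not files from the awsible repository).
SAMPLE_SCOPED = ('{"Version":"2012-10-17","Statement":{"Effect":"Allow",'
                 '"Action":"s3:GetObject","Resource":"arn:aws:s3:::example-bucket/*"}}')
SAMPLE_BROAD = ('{"Statement":[{"Effect":"Allow",'
                '"Action":["ec2:Describe*","iam:*"],"Resource":"*"}]}')


def as_list(value):
    """IAM accepts a single value wherever it accepts a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def lint_policy(text):
    """Return a list of findings for one policy document given as JSON text."""
    try:
        doc = json.loads(text)
    except ValueError as exc:
        return [f"invalid JSON: {exc}"]
    if not isinstance(doc, dict):
        return ["top level is not a JSON object"]
    findings = []
    if doc.get("Version") != "2012-10-17":
        findings.append("Version is not 2012-10-17")
    if len(json.dumps(doc, separators=(",", ":"))) > MAX_CHARS:
        findings.append(f"larger than {MAX_CHARS} characters")
    for i, stmt in enumerate(as_list(doc.get("Statement"))):
        if not isinstance(stmt, dict) or stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:
            findings.append(f"statement {i}: Allow with NotAction")
        # "*" or "service:*" grants every action (of a service).
        wild = [a for a in as_list(stmt.get("Action"))
                if isinstance(a, str) and (a == "*" or a.endswith(":*"))]
        if wild and "*" in as_list(stmt.get("Resource")):
            findings.append(f"statement {i}: {', '.join(wild)} on Resource *")
    return findings


def lint_dir(directory):
    """Map policy name (file name minus .json, as in the loop) to findings."""
    return {p.stem: lint_policy(p.read_text())
            for p in sorted(Path(directory).glob("*-policy.json"))}
```

Calling `lint_dir("roles/aws-infrastructure/files")` from the repository root returns one entry per policy that the loop would create; an empty list means no findings.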