Wednesday, July 13, 2016

Terraform, consul, vault - AWS

I am on a mission to set up my AWS cluster with Terraform (similar to Chef and Puppet), Consul (similar to etcd, a distributed data store), and Vault (a secret store).


BTW, I am on Ubuntu Linux (14.04 Trusty).

AWS CLI?

  • http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-welcome.html


AWS Key-pair?

  • http://www.dowdandassociates.com/blog/content/howto-create-an-amazon-ec2-key-pair-using-the-aws-cli/
  • https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html#how-to-generate-your-own-key-and-import-it-to-aws

Terraform?
  • https://www.terraform.io

AWS and Terraform?
  • A very old, dated example that no longer works: http://awsadvent.tumblr.com/post/105835590469/aws-advent-2014-using-terraform-to-build
    • A very hard problem at first to make Terraform work
  • $ aws ec2 --region us-west-2 create-key-pair --key-name terraform --output text
    • This creates a key pair in the us-west-2 region and displays a public key as output
    • $ aws ec2 --region us-west-2 create-key-pair --key-name terraform --output text > terraform.pem
    • This creates a terraform.pem file from that output. This does not work either, because AWS needs only the public key and not the private key
    • https://alestic.com/2010/10/ec2-ssh-keys/
  • With a lot of struggle I managed to create the certificate and learned a lot
  • AWS has changed the way their key pairs work to be compatible with OpenSSL
    • http://docs.aws.amazon.com/cli/latest/reference/ec2/import-key-pair.html
  • How to create a local key pair using openssl and import it into AWS correctly?
    • # openssl genrsa -out terraform.pem 2048
      • This is a cert, the private key
    • # openssl rsa -in terraform.pem -pubout > terraform.pub
      • This creates the public key; the AWS key pair needs only this. But there is a catch: this file has unwanted contents (BEGIN PUBLIC KEY, END PUBLIC KEY, etc.) and newlines
    • # tr -d '\n' < terraform.pub > terraform.pub1; mv terraform.pub1 terraform.pub
      • This removes all newlines; then edit the file and remove the other unwanted text
  • How to load the above key pair into AWS?
    • # aws ec2 import-key-pair --key-name terraform --public-key-material <here goes the copy-paste of terraform.pub>
      • Always remember that the public keys are for the client, in this case AWS
  • How to start the simple Terraform application using the above key pair?
    • # terraform apply -var 'key_name=terraform-test' -var 'public_key_path=terraform.pub'
    • This takes a lot of time; it creates the instance and tries to connect over SSH to set up the Terraform playbook.
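
The key-pair steps above as one script, an added example that is not part of the original post; the function names and sample files are hypothetical, and it assumes openssl and the AWS CLI are installed. It keeps terraform.pem owner-only and refuses to import any file with a PRIVATE KEY header. How --public-key-material is encoded differs between AWS CLI versions, so the import call simply follows the post's command form.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Print the base64 body of a PEM file on one line: drop the
# "-----BEGIN/END ...-----" armor lines and all spaces, CRs and newlines.
pem_body() {
    grep -v '^-----' "$1" | tr -d ' \r\n'
}

# Succeed only for PEM public key material. A file carrying a PRIVATE KEY
# header is rejected, so the private half never reaches a command line.
is_public_pem() {
    if grep -q 'PRIVATE KEY-----' "$1"; then
        return 1
    fi
    grep -q '^-----BEGIN .*PUBLIC KEY-----' "$1"
}

# Generate the pair as in the post; umask keeps the private key owner-only.
make_pair() {    # $1 = base name, e.g. terraform
    ( umask 077 && openssl genrsa -out "$1.pem" 2048 ) &&
        openssl rsa -in "$1.pem" -pubout -out "$1.pub"
}

# Import only the public half, using the command form shown in the post.
import_pub() {   # $1 = key name, $2 = public key file
    if ! is_public_pem "$2"; then
        echo "refusing to import $2: not a public key" >&2
        return 1
    fi
    aws ec2 import-key-pair --key-name "$1" \
        --public-key-material "$(pem_body "$2")"
}

# Constructed sample files (placeholder base64, not real keys) for a dry run.
write_samples() {   # $1 = directory
    printf '%s\n' '-----BEGIN PUBLIC KEY-----' 'QUJDREVGR0hJSktM' \
        'TU5PUFFSU1RVVldY' '-----END PUBLIC KEY-----' > "$1/sample.pub"
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'UExBQ0VIT0xERVI=' \
        '-----END RSA PRIVATE KEY-----' > "$1/sample.pem"
}
```

Typical use is `make_pair terraform` followed by `import_pub terraform terraform.pub`; terraform.pem stays on the local machine.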








Tuesday, July 5, 2016

Golang concurrency visually explained

I came across this good blog on concurrency in Go

https://blog.codeship.com/visualizing-concurrency-go/
