-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[#130102001] Bootstrap bosh and concourse #1
Conversation
The MIT License (MIT) Copyright (c) 2015 Crown Copyright (Government Digital Service)
Contains global variables used in all terraform runs and across all environments. Contains dev and CI specific environment variables. See https://github.com/alphagov/paas-cf/tree/master/terraform for commit history.
Create the bucket that will receive bosh-init state, manifests, secrets, keys, etc used in the whole pipeline. See https://github.com/alphagov/paas-cf/tree/master/terraform for commit history.
Create the AWS VPC, subnets and the default SSH security group. See https://github.com/alphagov/paas-cf/tree/master/terraform for commit history.
I'm in general happy with the PR, waiting to test it. |
@saliceti can you hook this with travis? Shall we include the |
0ed0f2a
to
b48f7f8
Compare
Travis enabled, thanks.
|
b48f7f8
to
ee7464f
Compare
- | | ||
if [ -z "$(tar -tvzf existing-bosh-CA/bosh-CA.tar.gz)" ] ; then | ||
certstrap init --passphrase "" --common-name bosh-CA | ||
( cd out && tar -cvzf generated-bosh-CA/bosh-CA.tar.gz bosh-CA.* ) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This won't work:
$ git diff
diff --git a/concourse/pipelines/create.yml b/concourse/pipelines/create.yml
index 38d5385..3df7f97 100644
--- a/concourse/pipelines/create.yml
+++ b/concourse/pipelines/create.yml
@@ -284,7 +284,7 @@ jobs:
- |
if [ -z "$(tar -tvzf existing-bosh-CA/bosh-CA.tar.gz)" ] ; then
certstrap init --passphrase "" --common-name bosh-CA
- ( cd out && tar -cvzf generated-bosh-CA/bosh-CA.tar.gz bosh-CA.* )
+ ( cd out && tar -cvzf ../generated-bosh-CA/bosh-CA.tar.gz bosh-CA.* )
else
echo "The CA cert already exists, skipping generation..."
cp existing-bosh-CA/bosh-CA.tar.gz generated-bosh-CA/bosh-CA.tar.gz
Looks good to me, waiting for https://github.gds/government-paas/aws-account-wide-terraform/pull/58 to merge |
Create the AWS configuration required to install bosh. It includes security groups, key pairs, elastic IP and DNS, S3 bucket for blobstore and RDS database. See https://github.com/alphagov/paas-cf/tree/master/terraform for commit history.
Create the configuration required to install concourse. Includes security groups, elastic IP, ELB, git repository, ssh keys. See https://github.com/alphagov/paas-cf/tree/master/terraform for commit history.
Some tests run are written and ruby and require these dependencies. See https://github.com/alphagov/paas-cf/blob/master/Gemfile for commit history.
Common tools to generate and test bosh manifests. They are used for bosh and concourse manifests. See https://github.com/alphagov/paas-cf/tree/master/manifests for commit history.
Manifest used with bosh-init to install bosh. Contains manifests that will be merged with spruce and tests to check the validity of the generated manifest. See https://github.com/alphagov/paas-cf/tree/master/manifests for commit history.
Manifest used with bosh to deploy concourse. It is merged with other data files by spruce to produce the final manifest. Contains test to check the validity of the final manifest. See https://github.com/alphagov/paas-cf/tree/master/manifests for commit history.
Required to run aws commands and run yaml liniting tests. See https://github.com/alphagov/paas-cf/blob/master/requirements.txt for commit history.
The scripts connect to concourse with fly. Fly is downloaded from concourse and is run from inside the bin directory. It must be created beforehand. See alphagov/paas-cf@02c331e.
Used to seed the state bucket with valid but empty files. There is a variety of files depending of the application using them: bosh-init, terraform, etc. See https://github.com/alphagov/paas-cf/tree/master/concourse/init_files for commit history.
Main pipeline to bootstrap a VPC containing running bosh and concourse. Contains a pipeline to create the environment, and another one to destroy it. See https://github.com/alphagov/paas-cf/tree/master/concourse/pipelines for commit history.
Pipeline to automatically terminate concourse lite vagrant VM after 8pm. See https://github.com/alphagov/paas-cf/commits/master/concourse/pipelines/concourse-lite-self-terminate.yml for commit history.
Utility scripts to configure environment variables, deploy pipelines, extract variables, login to concourse, login to bosh, etc. See https://github.com/alphagov/paas-cf/tree/master/concourse/scripts for commit history.
Create a concourse lite in AWS using vagrant and automatically upload the bootstrap pipelines. See https://github.com/alphagov/paas-cf/tree/master/vagrant for commit history.
Configures travis to automatically run the tests when a commit is pushed to github. See https://github.com/alphagov/paas-cf/blob/master/.travis.yml for commit history.
Useful commands to manage the environment. Also used to configure variables specific to each environment. See https://github.com/alphagov/paas-cf/blob/master/Makefile for commit history.
Ignore files that should not be under version control. See https://github.com/alphagov/paas-cf/blob/master/.gitignore for commit history.
See https://github.com/alphagov/paas-cf/blob/master/README.md for commit history.
ee7464f
to
78ed9c6
Compare
After discussion with @saliceti and @bleach it was decided we would rename the buckets to have a prefix of I have changed the state bucket to |
Just to keep record of it, I got this error while deploying in
Rerunning solved the issue. I guess it takes some time to get the Server Certificate ready to be used. It is fine, as rerunning solves the issue and it is one-off. |
We had this in the past, I hope it's not a regression in Terraform:
This is not directly related to this PR. |
I merge this after https://github.gds/government-paas/aws-account-wide-terraform/pull/58 has been merged. |
Ruby 2.2 reached EOL on 2018-03-31 (#1), so we decided to migrate to the latest stable version.
Ruby 2.2 reached EOL on 2018-03-31 (#1), so we decided to migrate to the latest stable version.
Ruby 2.2 reached EOL on 2018-03-31 (#1), so we decided to migrate to the latest stable version.
Ruby 2.2 reached EOL on 2018-03-31 (#1), so we decided to migrate to the latest stable version.
Ruby 2.2 reached EOL on 2018-03-31 (#1), so we decided to migrate to the latest stable version.
Ruby 2.2 reached EOL on 2018-03-31 (#1), so we decided to migrate to the latest stable version.
What
Story: Create custom release concourse
We need a new concourse that will be used to build bosh releases. It was decided to take the opportunity and deploy this concourse with bosh instead of bosh-init. The main reasons are:
This is now a generic concourse that we will use to build bosh releases, but eventually paas-cf may be migrated to use it for its bootstrap. We created a new repository that uses a lot of the paas-cf code so most is already known. The main changes are:
We have made other smaller changes:
How to review
localhost:8080
and startcreate
pipelinehttps://concourse.testabcd.dev.cloudpipeline.digital
make test
passes successfullyCreate the build CI
localhost:8080
and startcreate
pipelinehttps://concourse.build.ci.cloudpipeline.digital
Who can review
Anyone but @henrytk or myself