From 89101ee9e41d57fdac53096c35d259347d73c11f Mon Sep 17 00:00:00 2001 From: Sierra Taylor Moxon Date: Wed, 27 Nov 2024 09:39:32 -0800 Subject: [PATCH 1/3] add more terraform instructions for deleting workspaces --- provision/production/PRODUCTION_PROVISION_README.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/provision/production/PRODUCTION_PROVISION_README.md b/provision/production/PRODUCTION_PROVISION_README.md index 559ff71..ffc1c05 100644 --- a/provision/production/PRODUCTION_PROVISION_README.md +++ b/provision/production/PRODUCTION_PROVISION_README.md @@ -288,14 +288,17 @@ go-deploy --workspace REPLACE_ME_WITH_S3_WORKSPACE_NAME --working-directory aws ```bash # Destroy Manually -# Make sure you point to the correct workspace before destroying the stack. +# Make sure you point to the correct workspace before destroying the stack. +# You need to be "in" the workspace you want to destroy. You can use the following commands to help you. terraform -chdir=aws workspace list +terraform -chdir=aws workspace select # change to the workspace you want to destroy. terraform -chdir=aws workspace show # shows the name of the current workspace terraform -chdir=aws show # shows the state you are about to destroy terraform -chdir=aws destroy # You would need to type Yes to approve. -# Now delete the workspace. +# Now delete the workspace. You need to not be in the workspace that was deleted to do this final removal. We +# pick the default workspace. terraform -chdir=aws workspace select default # change to default workspace terraform -chdir=aws workspace delete # delete workspace. 
@@ -310,7 +313,7 @@ docker run --rm --name go-dev -it geneontology/go-devops-base:tools-jammy-0.4.4 ``` In the command above we used the `--rm` option which means the container will be deleted when you exit. -If that is not the intent and you want to delete it later at your own convenience. Use the following `docker run` command. +If that is not the intent, and you want to delete it later at your own convenience. Use the following `docker run` command. ```bash docker run --name go-dev -it geneontology/go-devops-base:tools-jammy-0.4.4 /bin/bash From e909c3ea841193606fc85c9ffe131a8fa64b4459 Mon Sep 17 00:00:00 2001 From: Sierra Taylor Moxon Date: Wed, 27 Nov 2024 11:36:50 -0800 Subject: [PATCH 2/3] remove non functioning destroy command --- provision/production/PRODUCTION_PROVISION_README.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/provision/production/PRODUCTION_PROVISION_README.md b/provision/production/PRODUCTION_PROVISION_README.md index ffc1c05..b3d45c6 100644 --- a/provision/production/PRODUCTION_PROVISION_README.md +++ b/provision/production/PRODUCTION_PROVISION_README.md @@ -280,12 +280,6 @@ docker inspect --format "{{json .State.Health }}" go-fastapi ## Destroy Instance and other destructive things: -```bash -# Destroy Using Tool. -# Make sure you point to the correct workspace before destroying the stack by using the -show command or the -output command -go-deploy --workspace REPLACE_ME_WITH_S3_WORKSPACE_NAME --working-directory aws -verbose -destroy -``` - ```bash # Destroy Manually # Make sure you point to the correct workspace before destroying the stack. From c44fa5bb927f202132708c1ab66610755a4b503c Mon Sep 17 00:00:00 2001 From: Sierra Taylor Moxon Date: Wed, 27 Nov 2024 11:42:53 -0800 Subject: [PATCH 3/3] remove old snip text --- .../production/PRODUCTION_PROVISION_README.md | 23 ++++++++----------- 1 file changed, 10 insertions(+), 13 deletions(-) 
diff --git a/provision/production/PRODUCTION_PROVISION_README.md b/provision/production/PRODUCTION_PROVISION_README.md index b3d45c6..44b5673 100644 --- a/provision/production/PRODUCTION_PROVISION_README.md +++ b/provision/production/PRODUCTION_PROVISION_README.md @@ -32,11 +32,7 @@ This guide describes the deployment of the `go-fastapi` stack to AWS using Terra #### DNS: -DNS records are used for `go-fastapi`; they are typically the "production" record and the dev/testing record. Yhe go-deploy tool allows for creating DNS records (type A) that would be populated by the public ip addresses of the aws instance. If you don't use this option, you would need to point this record to the elastic IP of the VM. For testing purposes, you can use: `aes-test-go-fastapi.geneontology.org` or any other record that you create in Route 53. - -**NOTE**: If using cloudflare, you would need to point the cloudflare dns record to the elastic IP. - -# BREAK FOR NEW DOC # +**NOTE**: For production, API routing is configured via cloudflare, you point the cloudflare dns record to the elastic IP generated with this procedure. ## Configuring and deploying EC2 _instances_: 
@@ -44,13 +40,16 @@ This is all completed in a dockerized development environment (all commands take 1. Prepare _your_ AWS credentials: -Your (personal developer) AWS credentials are used by Terraform to provision the AWS instance and by the provisioned instance to access the certificate store and the S3 buckets used to store Apache logs. These are your personal AWS credentials and should have been appropriately created to give you these permissions. +Your (personal developer) AWS credentials are used by Terraform to provision the AWS instance and by the provisioned +instance to access the certificate store and the S3 buckets used to store Apache logs. These are your personal AWS +credentials and should have been appropriately created to give you these permissions. -**NOTE**: specifically, you will need to supply an `aws_access_key_id` and `aws_secret_access_key`. These will be marked with `REPLACE_ME` in the `go-aws-credentials.sample` file farther down. +**NOTE**: specifically, you will need to supply an `aws_access_key_id` and `aws_secret_access_key`. +These will be marked with `REPLACE_ME` in the `go-aws-credentials.sample` file farther down. 2. SSH Keys -The keys we'll be using can be found in the shared SpderOak store. If you don't know what this is, ask @kltm. +The keys we'll be using can be found in the shared SpiderOak store. If you don't know what this is, ask @kltm. For testing purposes you can use your own ssh keys. But for production please ask for the go ssh keys. /tmp/go-ssh.pub 
@@ -172,7 +171,8 @@ Finally, just show the IP address of the AWS instance: go-deploy --workspace REPLACE_ME_WITH_S3_WORKSPACE_NAME --working-directory aws -verbose -output ``` -**NOTE**: write down the IP address of the AWS instance that is created. This can also be found in `REPLACE_ME_WITH_S3_WORKSPACE_NAME.cfg` (e.g. go-api-production-YYYY-MM-DD.cfg). +**NOTE**: write down the IP address of the AWS instance that is created. +This can also be found in `REPLACE_ME_WITH_S3_WORKSPACE_NAME.cfg` (e.g. go-api-production-YYYY-MM-DD.cfg). Useful details for troubleshooting: These commands will produce an IP address in the resulting `inventory.json` file. @@ -201,8 +201,6 @@ terraform -chdir=aws output # shows public ip of aws instance These commands continue to be run in the dockerized development environment. -**POSSIBLE CUT START** -```bash * replace "REPLACE_ME" values in config-instance.yaml for dns_record_name and dns_zone_id, dns_zone_id should be "Z04640331A23NHVPCC784" and dns_record_name is the FQDN plus the REPLACE_ME_WITH_TERRAFORM_BACKEND, eg. api-production-2024-08-21.geneontology.org * Location of SSH keys may need to be replaced after copying config-stack.yaml.sample @@ -210,9 +208,8 @@ dns_zone_id should be "Z04640331A23NHVPCC784" and dns_record_name is the FQDN pl * S3 uri if SSL is enabled. Location of SSL certs/key * QoS mitigation if QoS is enabled * Use the same workspace name as in the previous step -**POSSIBLE CUT END** -Let's ready the the instance, starting by editing the config: +Let's ready the instance, starting by editing the config: ```bash cp ./production/config-stack.yaml.sample ./config-stack.yaml emacs ./config-stack.yaml
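Review bot: in PATCH 1/3, hunk `@@ -288,14 +288,17 @@`, the added line `terraform -chdir=aws workspace select # change to the workspace you want to destroy.` passes no workspace name. `workspace select` requires one, so anyone pasting the block gets a usage error, and the following `show` and `destroy` then act on whichever workspace was already selected. Suggest `terraform -chdir=aws workspace select REPLACE_ME_WITH_S3_WORKSPACE_NAME`, reusing the placeholder the README already uses for `go-deploy`, and the same name argument on the final `workspace delete` line. The new comment "You need to not be in the workspace that was deleted" would be clearer as "You cannot delete the workspace you are currently in, so switch to `default` first."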
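Review bot: in PATCH 1/3, hunk `@@ -310,7 +313,7 @@`, the changed line is still a sentence fragment after the comma is added: "If that is not the intent, and you want to delete it later at your own convenience." has no main clause. Suggest joining it to the next sentence, for example "If that is not the intent and you want to delete the container later, use the following `docker run` command."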
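Review bot: in PATCH 2/3, hunk `@@ -280,12 +280,6 @@`, the README loses the `go-deploy ... -destroy` block without saying why, while the surviving block is still headed `# Destroy Manually`, which implies a tool-based alternative exists. The commit message calls the command non-functioning, so a one-line note in the README that `go-deploy -destroy` does not currently work would stop readers from reaching for it, since `-destroy` follows the same pattern as the `-output` invocation that remains elsewhere in the file. Otherwise rename the remaining heading comment to simply "Destroy".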
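Review bot: in PATCH 3/3, hunk `@@ -32,11 +32,7 @@`, the DNS section drops the only explanation of what the DNS records are for, yet the bullet list kept further down still tells the reader to fill in `dns_record_name` and `dns_zone_id`. The removed paragraph explained that go-deploy can create type A records from the instance's public IP, and named the test record `aes-test-go-fastapi.geneontology.org`; if that path is still supported, keep a shortened version, and if not, the `dns_*` bullets should go too. The replacement NOTE is also a comma splice ("is configured via cloudflare, you point ..."); suggest "is configured via Cloudflare: point the Cloudflare DNS record to the elastic IP generated by this procedure." The commit subject "remove old snip text" does not mention this content change.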
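Review bot: in PATCH 3/3, hunk `@@ -44,13 +40,16 @@`, the hard re-wrapping of the credentials paragraph and the NOTE buries the one content fix in this hunk (`SpderOak` to `SpiderOak`) and is inconsistent with the neighbouring paragraphs, which stay on single lines ("The keys we'll be using ...", "For testing purposes ..."). Suggest either leaving the paragraphs unwrapped or doing the reflow in a separate commit so the typo fix is visible on its own.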
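Review bot: in PATCH 3/3, hunk `@@ -201,8 +201,6 @@`, removing the `**POSSIBLE CUT START**` / `**POSSIBLE CUT END**` markers and the stray code-fence opener promotes the bullet list to live instructions, but the list is inconsistent with the step that follows it. The first bullet says to edit `config-instance.yaml`, while the next bullet and the `cp ./production/config-stack.yaml.sample ./config-stack.yaml` command refer to `config-stack.yaml`, and the list tells the reader to replace values before the "Let's ready the instance" step has copied the file. Suggest moving the list below the `cp`/`emacs` block and naming one file. The first bullet also uses `REPLACE_ME_WITH_TERRAFORM_BACKEND` where the rest of the README uses `REPLACE_ME_WITH_S3_WORKSPACE_NAME`; if they mean the same value, use one placeholder.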