Install, configure and manage the AWS scicomp account.
need to redo this..
# Update CF stacks with sceptre:
# sceptre launch-stack prod <stack_name>
The above should set up resources for the AWS account. Once the infrastructure for the account has been set up, you can access and view the account using the AWS console.
Note - This project depends on CF templates from other accounts.
aws --profile scicomp --region us-east-1 \
cloudformation create-stack --stack-name khai-instance1 \
--capabilities CAPABILITY_NAMED_IAM \
--template-url https://s3.amazonaws.com/bootstrap-awss3cloudformationbucket-114n2ojlbvj21/scicomp-infra/master/accounts.yaml \
--parameters \
ParameterKey=InstanceType,ParameterValue="t2.nano" \
ParameterKey=JcServiceApiKey,ParameterValue="abcd111122223333aaaabbbbccccddddeeeeffff" \
ParameterKey=JcSystemsGroupId,ParameterValue="1eabd8df45bf6d7d2a32d4ff" \
ParameterKey=JcConnectKey,ParameterValue="0123456789abcdef0123456789abcdef01234567" \
ParameterKey=KeyName,ParameterValue="scicomp" \
ParameterKey=VpcName,ParameterValue="computevpc" \
ParameterKey=VpcSubnet,ParameterValue="PrivateSubnet"
Note - check default parameters in the template
The above should create an EC2 instance and join the instance to a Sage Jumpcloud "system group" identified by $JcSystemsGroupId. Jumpcloud "User groups" that have access to $JcSystemsGroupId will have access to this instance.
Find system groups by using the Jumpcloud API
curl -X GET https://console.jumpcloud.com/api/v2/systemgroups \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: abcd111122223333aaaabbbbccccddddeeeeffff'
Find systems by using the Jumpcloud API
curl -X GET https://console.jumpcloud.com/api/systems \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: abcd111122223333aaaabbbbccccddddeeeeffff'
This is how EC2 provisioning works for this account.
- Create the EC2 instance with the above command.
- Locate the IP address of the newly provisioned EC2 instance.
- Log in to the Sage VPN (only required if the instance is in a private subnet).
- SSH to the IP address with a Jumpcloud user account and SSH key (e.g. ssh jsmith@10.5.67.102).
Steps required to delete an instance.
- Delete the stack from AWS.
aws --profile scicomp --region us-east-1 \
cloudformation delete-stack --stack-name khai-instance1
The above should delete the EC2 instance that was provisioned in the Provision EC2 instance step.
- Delete EC2 from Jumpcloud
curl -X DELETE https://console.jumpcloud.com/api/systems/5aabfa45f626352a235780a8 \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: abcd111122223333aaaabbbbccccddddeeeeffff'
We have configured Travis to deploy CF template updates. Travis deploys using sceptre.
- We use the AWS SSM to store secrets for this project. Sceptre retrieves the secrets using a sceptre ssm resolver and passes them to the cloudformation stack on deployment.
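
The create-stack call from the provisioning step, rewritten so the two Jumpcloud secrets come from SSM and reach CloudFormation through an owner-only parameter file instead of the command line. This is an added example, not the project's code; the SSM parameter names and the hex-only check (based on the placeholder values shown on this page) are assumptions.

```shell
#!/bin/sh
# Added example, not project code. The SSM parameter names are hypothetical.
set -eu
PROFILE=scicomp
REGION=us-east-1
TEMPLATE_URL=https://s3.amazonaws.com/bootstrap-awss3cloudformationbucket-114n2ojlbvj21/scicomp-infra/master/accounts.yaml

# Read one SecureString from SSM so the value is never typed on a command line.
ssm_secret() {
    aws --profile "$PROFILE" --region "$REGION" ssm get-parameter \
        --name "$1" --with-decryption --query 'Parameter.Value' --output text
}

# Accept only non-empty hex (an assumption about the key format), so a failed
# lookup or a stray quote cannot produce a broken or injected parameter file.
require_hex() {
    case "$2" in
        ''|*[!0-9a-fA-F]*) echo "refusing $1: not a hex string" >&2; return 1 ;;
    esac
}

# Args: service API key, connect key, systems group id. Prints the file path.
write_params() {
    require_hex JcServiceApiKey "$1" || return 1
    require_hex JcConnectKey "$2" || return 1
    require_hex JcSystemsGroupId "$3" || return 1
    f=$(mktemp "${TMPDIR:-/tmp}/cfn-params.XXXXXX")   # mktemp creates it mode 0600
    cat > "$f" <<EOF
[
  {"ParameterKey": "InstanceType", "ParameterValue": "t2.nano"},
  {"ParameterKey": "JcServiceApiKey", "ParameterValue": "$1"},
  {"ParameterKey": "JcSystemsGroupId", "ParameterValue": "$3"},
  {"ParameterKey": "JcConnectKey", "ParameterValue": "$2"},
  {"ParameterKey": "KeyName", "ParameterValue": "scicomp"},
  {"ParameterKey": "VpcName", "ParameterValue": "computevpc"},
  {"ParameterKey": "VpcSubnet", "ParameterValue": "PrivateSubnet"}
]
EOF
    echo "$f"
}

# Usage: sh launch.sh launch <stack_name> <systems_group_id>
if [ "${1:-}" = "launch" ]; then
    params=$(write_params "$(ssm_secret /scicomp/jumpcloud/service-api-key)" \
        "$(ssm_secret /scicomp/jumpcloud/connect-key)" "${3:?systems group id}")
    trap 'rm -f "$params"' EXIT
    aws --profile "$PROFILE" --region "$REGION" cloudformation create-stack \
        --stack-name "${2:?stack name}" --capabilities CAPABILITY_NAMED_IAM \
        --template-url "$TEMPLATE_URL" --parameters "file://$params"
fi
```

Whether the key values are masked in the stack's parameter list depends on the template declaring those parameters NoEcho.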