From 1e216d4d8b4610891bda9b55a83d08619837c6b6 Mon Sep 17 00:00:00 2001 From: Thomas Wiest Date: Tue, 28 Oct 2014 11:03:14 -0400 Subject: doc update --- README.md | 16 ++++++++++++++++ README_AWS.md | 40 ++++++++++++++++++++++++++++++++++++++++ README_GCE.md | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ README_GCE.txt | 48 ------------------------------------------------ 4 files changed, 112 insertions(+), 48 deletions(-) create mode 100644 README.md create mode 100644 README_AWS.md create mode 100644 README_GCE.md delete mode 100644 README_GCE.txt diff --git a/README.md b/README.md new file mode 100644 index 000000000..8d18a390f --- /dev/null +++ b/README.md @@ -0,0 +1,16 @@ +openshift-online-ansible +======================== + +This repo houses ansible code used in OpenShift Online. + +Setup +----- +- Install base dependencies: + - Fedora: + ``` + yum install ansible rubygem-parseconfig + ``` + +- Setup for a specific cloud: + - [AWS](../blob/master/README_AWS.md) + - [GCE](../blob/master/README_GCE.md) diff --git a/README_AWS.md b/README_AWS.md new file mode 100644 index 000000000..2602f9883 --- /dev/null +++ b/README_AWS.md @@ -0,0 +1,40 @@ + +AWS Setup Instructions +====================== + +Get AWS API credentials +----------------------- +1. [AWS credentials documentation](http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSGettingStartedGuide/AWSCredentials.html) + + +Create a credentials file +------------------------- +1. Create a credentials file (eg ~/.aws_creds) that looks something like this (variables must have have these exact names). +``` + export AWS_ACCESS_KEY_ID='AKIASTUFF' + export AWS_SECRET_ACCESS_KEY='STUFF' +``` + +1. source this file +``` + source ~/.aws_creds +``` + +1. Note: You must source this file in each shell that you want to run cloud.rb + + +Install Dependencies +-------------------- +1. Ansible requires python-boto for aws operations: +``` + yum install -y ansible python-boto +``` + + +Test The Setup +-------------- +1. cd openshift-online-ansible +1. Try to list all instances: +``` + ./cloud.rb aws list +``` diff --git a/README_GCE.md b/README_GCE.md new file mode 100644 index 000000000..343d3aedd --- /dev/null +++ b/README_GCE.md @@ -0,0 +1,56 @@ + +GCE Setup Instructions +====================== + +Get a gce service key +--------------------- +1. ask your GCE project administrator for a GCE service key + +Note: If your GCE project does not show a Service Account under /APIs & auth/Credentials, you will need to use "Create new Client ID" to create a Service Account. + + +Convert a GCE service key into a pem (for ansible) +-------------------------------------------------- +1. The gce service key looks something like this: os302gce-ef83bd90f261.p12 +.. the ef83bd90f261 part is the public hash +1. Be in the same directory as the p12 key file. +1. The commands below should be copy / paste-able +1. Run these commands: +``` + # Temporarily set hash variable + export GCE_KEY_HASH=ef83bd90f261 + + # Convert the service key (note: 'notasecret' is literally what we want here) + openssl pkcs12 -in os302gce-${GCE_KEY_HASH}.p12 -passin pass:notasecret -nodes -nocerts | openssl rsa -out os302gce-${GCE_KEY_HASH}.pem + + # Move the converted service key to the .ssh dir + mv os302gce-${GCE_KEY_HASH}.pem ~/.ssh + + # Set a sym link so it is easy to reference + ln -s ~/.ssh/os302gce-${GCE_KEY_HASH}.pem ~/.ssh/os302gce_priv_key.pem +``` + +1. Once this is done, put the original service key file (os302gce-ef83bd90f261.p12) somewhere safe, or delete it (your call, I don not know what else we will use it for, and we can always regen it if needed). + + + +Install Dependencies +-------------------- +1. Ansible requires libcloud for gce operations: +``` + yum install -y ansible python-libcloud +``` + + +Test The Setup +-------------- +1. cd li-ops/cloud +2. Try to list all instances: +``` + ./cloud.rb gce list +``` + +3. Try to create an instance: +``` + ./cloud.rb gce launch -n ${USER}-minion1 -e int --type os3-minion +``` diff --git a/README_GCE.txt b/README_GCE.txt deleted file mode 100644 index 3848778a1..000000000 --- a/README_GCE.txt +++ /dev/null @@ -1,48 +0,0 @@ - -GCE Setup Instructions - -Get a gce service key ---------------------- -1. ping twiest and ask for a GCE service key - -Note: If your GCE project doesn't show a Service Account under /APIs & auth/Credentials, you will need to use "Create new -Client ID" to create a Service Account. - - -Convert a GCE service key into a pem (for ansible) --------------------------------------------------- -1. The gce service key looks something like this: os302gce-ef83bd90f261.p12 -2. the ef83bd90f261 part is the public hash -3. Be in the same directory as the p12 key file. -4. The commands below should be copy / paste-able -5. Run these commands: - # Temporarily set hash variable - export GCE_KEY_HASH=ef83bd90f261 - - # Convert the service key (note: 'notasecret' is literally what we want here) - openssl pkcs12 -in os302gce-${GCE_KEY_HASH}.p12 -passin pass:notasecret -nodes -nocerts | openssl rsa -out os302gce-${GCE_KEY_HASH}.pem - - # Move the converted service key to the .ssh dir - mv os302gce-${GCE_KEY_HASH}.pem ~/.ssh - - # Set a sym link so it's easy to reference - ln -s ~/.ssh/os302gce-${GCE_KEY_HASH}.pem ~/.ssh/os302gce_priv_key.pem - -6. Once this is done, put the original service key file (os302gce-ef83bd90f261.p12) somewhere safe, or delete it (your call, I don't know what else we'll use it for, and we can always regen it if needed) - - - -Install Dependencies (not needed for ctl1) ------------------------------------------- -1. Ansible requires libcloud for gce operations: - yum install -y ansible python-libcloud - - -Test The Setup --------------- -1. cd li-ops/cloud -2. Try to list all instances: - ./cloud.rb gce list - -3. Try to create an instance: - ./cloud.rb gce launch -n ${USER}-minion1 -e int --type os3-minion -- cgit v1.2.3