Prerequisites¶
The installation procedure exploits Ansible to deploy all the INDIGO services.
A Virtual Machine with ansible is mandatory for this purpose, which we will refer to as control machine in the following. This VM will be used to run the installation procedure of each INDIGO component on the remote VMs.
Here, we will exploit the same VM we will use to deploy the Proxy Server.
VM configuration¶
OS | Ubuntu 16.04 |
vCPUs | 2 |
RAM | 4 GB |
Network | Public and private IP address. |
This VM will be used as control machine
VM to run Ansible and will also serve as host for the proxy server.
Warning
All the command will be run on this control machine
VM!
Ansible installation¶
Ansible can be easily installed following the documentation.
We tested the whole procedure using Ansible 2.8.3
with Ubuntu 16.04.
Configuration¶
- Clone the indigopaas-deploy repository, the collection of recipes to install INDIGO-DataCloud PaaS micro-services
# git clone -b v1.0 https://github.com/indigo-dc/indigopaas-deploy.git # cd indigopaas-deploy # mkdir ansible/inventory
Create the file
indigopaas-deploy/ansible/inventory/inventory
and set the IP of the virtual machines for each service as shown in the following:[iam] <iam_vm_public_ip> [im] <im_vm_private_ip> [cmdb] <cmdb_vm_private_ip> [cpr] <cpr_vm_private_ip> [slam] <slam_vm_public_ip> [proxy] <proxy_vm_private_ip> [orchestrator] <orchestrator_vm_private_ip> [vault] <vault_vm_public_ip> [orchestrator-dashboard] <dashboard_vm_public_ip>
Warning
CMDB and CPR will be host on the same Virtual Machine in this guide.
Warning
Vault and the Orchestrator Dashboard will be host on the same Virtual Machine in this guide.
Create the
group_vars
directory inindigopaas-deploy/ansible/inventory/
# cd indigopaas-deploy/ansible/inventory # mkdir group_vars
This directory will be populated with the YAML files with the configuration variables for each indigo component, with the following structure:
group_vars/├── cmdb.yml├── iam.yaml├── im.yaml├── orchestrator.yaml├── proxy.yaml└── slam.yaml
SSH key pair configuration¶
To run Ansible on remote hosts we need to configure an SSH connection on each VM.
You can create a new SSH key
# ssh-keygen -t rsa -b 4096
The default vaules should be ok.
Then you can distribute your new key copying and pasting the public key, i.e. the content of the file .ssh/id_rsa.pub
, to /root/.ssh/authorized_keys
on each virtual machine allowing ansible to to execute indigopaas-deploy roles.
Warning
The Ansible roles will install all the services over HTTPS protocol using Let’s Eencrypt certificates.