# Perforce Instance with Replica in AWS with Terraform

## Requirements

* Terraform: https://www.terraform.io/downloads.html
* AWS Account IAM user (don't recommend you use your root account) setup with policies:
  * IAMUserChangePassword
  * STSFullAccess
  * AmazonEC2FullAccess
* SSH Keypair
* Ansible ("pip install ansible")

Suggest you have appropriate entries in ~/.aws/config and ~/.aws/credentials

## Download or clone project

```bash
mkdir /work/sdp-cloud-deploy
p4 -u <workshop-user> clone -p public.perforce.com:1666 -f //guest/perforce_software/sdp-cloud-deploy/main/...
```

## Initialise Terraform

In root directory of project:

```bash
terraform init
```

## Configure values

* env/dev/eu-west-1.tfvars - rename as appropriate and edit

* provider.tf
  * profile - value is your AWS account
* variables.tf
  * aws_region
  * az-subnet-mapping - make az match
  and specify the "profile" variable with the name of your AWS.
* instance_1.tf
  * adjust size of volume(s) as desired
* instance_2.tf
  * ditto for replica

## Define your AWS profile and ssh key

Ensure your public key is in files/id_rsa.pub

## Create the Stack

Then, provision resources with:

```bash
terraform plan -var-file=env/dev/eu-west-1.tfvars
```

Note it is possible to have multiple workspaces, e.g. dev and prod.

To actually create:

```bash
terraform apply -var-file=env/dev/eu-west-1.tfvars
```


## Outputs

If you want to know the endpoints of resources created by this stack (e.g. EFS), run:

```bash
terraform output
```

(all outputs are defined in outputs.tf)

## SSH Access

Get one of the two public DNS records via:

```bash
terraform output
```

And then connect via SSH:

```bash
ssh -i private/id_rsa ec2-user@[publicDnsRecord]
```

Please note that the SSH public keys such as files/id_rsa.pub will be used to configure the SSH access for user ec2-user on the VMs.

You can add multiple public keys to this folder as desired.

## Update hosts information for Ansible

This will use "terraform output" to get IP addresses etc and will update the 2 files:

- hosts
- sdp/hosts.yaml

```bash
./update_hosts.py
```

## Review Ansible configuration files

These are in the sdp directory:

* passwords.yaml
* mkdirs.1.cfg (as used by SDP)
* hosts.yaml (updated as above)

The following ssh keys are installed for perforce user account on both boxes and SSH is configured to allow ssh between master and replica without password prompt. This key pair can be regenerated so you can replace these files (but must be without a password):

* private/id_rsa
* private/id_rsa.pub

## Run Ansible to format and mount filesystems

```bash
ansible-playbook -i hosts sdp/filesystems.yaml
```

## Run Ansible to install SDP and replica

```bash
ansible-playbook -i hosts sdp/install_sdp.yaml
ansible-playbook -i hosts sdp/create_replica.yaml
```

Then check you have access:

```bash
p4 -p <IPaddress-of-replica>:1666 -u perforce pull -lj
```

You will be prompted for password which has been created from entry in file sdp/passwords.yaml

## Destroy the created Stack

Make sure the instances have been stopped. You will not be able to destroy them otherwise.

Then, run:

```bash
tf destroy -var-file env/dev/eu-west-1.tfvars
```