About

  • 1
    Member
  • 0
    Followers
  • 1
    Branch
Owners
josh (Josh Eror)perforce_software (perforce_software)robert_cowham (Robert Cowham)tom_tyler (C. Thomas Tyler)
Members
perforce_software (perforce_software)
Followers
Branches
  • Main

Perforce Instance with Replica in AWS with Terraform

Requirements

  • Terraform: https://www.terraform.io/downloads.html
  • AWS Account IAM user (don't recommend you use your root account) setup with policies:
    • IAMUserChangePassword
    • STSFullAccess
    • AmazonEC2FullAccess
  • SSH Keypair
  • Ansible ("pip install ansible")

Suggest you have appropriate entries in ~/.aws/config and ~/.aws/credentials

Download or clone project

mkdir /work/sdp-cloud-deploy
p4 -u <workshop-user> clone -p public.perforce.com:1666 -f //guest/perforce_software/sdp-cloud-deploy/main/...

Initialise Terraform

In root directory of project:

terraform init

Configure values

  • env/dev/eu-west-1.tfvars - rename as appropriate and edit

  • provider.tf

    • profile - value is your AWS account
  • variables.tf

    • aws_region
    • az-subnet-mapping - make az match and specify the "profile" variable with the name of your AWS.
  • instance_1.tf

    • adjust size of volume(s) as desired
  • instance_2.tf

    • ditto for replica

Define your AWS profile and ssh key

Ensure your public key is in files/id_rsa.pub

Create the Stack

Then, provision resources with:

terraform plan -var-file=env/dev/eu-west-1.tfvars

Note it is possible to have multiple workspaces, e.g. dev and prod.

To actually create:

terraform apply -var-file=env/dev/eu-west-1.tfvars

Outputs

If you want to know the endpoints of resources created by this stack (e.g. EFS), run:

terraform output

(all outputs are defined in outputs.tf)

SSH Access

Get one of the two public DNS records via:

terraform output

And then connect via SSH:

ssh -i private/id_rsa ec2-user@[publicDnsRecord]

Please note that the SSH public keys such as files/id_rsa.pub will be used to configure the SSH access for user ec2-user on the VMs.

You can add multiple public keys to this folder as desired.

Update hosts information for Ansible

This will use "terraform output" to get IP addresses etc and will update the 2 files:

  • hosts
  • sdp/hosts.yaml
./update_hosts.py

Review Ansible configuration files

These are in the sdp directory:

  • passwords.yaml
  • mkdirs.1.cfg (as used by SDP)
  • hosts.yaml (updated as above)

The following ssh keys are installed for perforce user account on both boxes and SSH is configured to allow ssh between master and replica without password prompt. This key pair can be regenerated so you can replace these files (but must be without a password):

  • private/id_rsa
  • private/id_rsa.pub

Run Ansible to format and mount filesystems

ansible-playbook -i hosts sdp/filesystems.yaml

Run Ansible to install SDP and replica

ansible-playbook -i hosts sdp/install_sdp.yaml
ansible-playbook -i hosts sdp/create_replica.yaml

Then check you have access:

p4 -p <IPaddress-of-replica>:1666 -u perforce pull -lj

You will be prompted for password which has been created from entry in file sdp/passwords.yaml

Destroy the created Stack

Make sure the instances have been stopped. You will not be able to destroy them otherwise.

Then, run:

tf destroy -var-file env/dev/eu-west-1.tfvars