From 340caa63a2ef01224c1b69db7aa63da8ec20696b Mon Sep 17 00:00:00 2001 From: Peter Amstutz Date: Tue, 28 Mar 2023 16:38:25 -0400 Subject: [PATCH] 16379: doc updates Arvados-DCO-1.1-Signed-off-by: Peter Amstutz --- doc/install/salt-multi-host.html.textile.liquid | 15 ++++++++++++--- tools/salt-install/installer.sh | 11 ++++++++++- .../local.params.example.multiple_hosts | 2 +- 3 files changed, 23 insertions(+), 5 deletions(-) diff --git a/doc/install/salt-multi-host.html.textile.liquid b/doc/install/salt-multi-host.html.textile.liquid index ae76c5b58d..ed6a20197d 100644 --- a/doc/install/salt-multi-host.html.textile.liquid +++ b/doc/install/salt-multi-host.html.textile.liquid @@ -95,7 +95,7 @@ The Terraform state files (that keep crucial infrastructure information from the h4. Terraform code configuration -Each section described above contain a @terraform.tfvars@ file with some configuration values that you should set before applying each configuration. You should set the cluster prefix and domain name in @vpc/terraform.tfvars@: +Each section described above contain a @terraform.tfvars@ file with some configuration values that you should set before applying each configuration. You should set the cluster prefix and domain name in @terraform/vpc/terraform.tfvars@: 
region_name = "us-east-1"
 # cluster_name = "xarv1"
@@ -105,6 +105,15 @@ If you don't set the variables @vpc/terraform.tfvars@ file, you will be asked to
 
 The @data-storage/terraform.tfvars@ and @services/terraform.tfvars@ let you configure the location of your ssh public key (default @~/.ssh/id_rsa.pub@) and the instance type to use (default @m5a.large@).
 
+h4. Set credentials
+
+You will need an AWS access key and secret key to create the infrastructure.
+
+

+$ export AWS_ACCESS_KEY_ID="anaccesskey"
+$ export AWS_SECRET_ACCESS_KEY="asecretkey"
+

+
 h4. Create the infrastructure
 
 Build the infrastructure by running @./installer.sh terraform@.  The last stage will output the information needed to set up the cluster's domain and continue with the installer. for example:
@@ -253,8 +262,8 @@ This can be found wherever you choose to initialize the install files (@~/setup-
 # Set @CLUSTER@ to the 5-character cluster identifier (e.g "xarv1")
 # Set @DOMAIN@ to the base DNS domain of the environment, e.g. "example.com"
 # Set the @*_INT_IP@ variables with the internal (private) IP addresses of each host. Since services share hosts, some hosts are the same.  See "note about /etc/hosts":#etchosts
-# Edit @CLUSTER_INT_CIDR@, this should be the CIDR of the private network that Arvados is running on, e.g. the VPC.
-CIDR stands for "Classless Inter-Domain Routing" and describes which portion of the IP address that refers to the network.  For example 192.168.3.0/24 means that the first 24 bits are the network (192.168.3) and the last 8 bits are a specific host on that network.
+# Edit @CLUSTER_INT_CIDR@, this should be the CIDR of the private network that Arvados is running on, e.g. the VPC.  If you used terraform, this is emitted as @vpc_cidr@.
+_CIDR stands for "Classless Inter-Domain Routing" and describes which portion of the IP address that refers to the network.  For example 192.168.3.0/24 means that the first 24 bits are the network (192.168.3) and the last 8 bits are a specific host on that network._
 _AWS Specific: Go to the AWS console and into the VPC service, there is a column in this table view of the VPCs that gives the CIDR for the VPC (IPv4 CIDR)._
 # Set @INITIAL_USER_EMAIL@ to your email address, as you will be the first admin user of the system.
 # Set each @KEY@ / @TOKEN@ / @PASSWORD@ to a random string.  You can use @installer.sh generate-tokens@
diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index 000ed32929..e5aff213ee 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -202,11 +202,12 @@ case "$subcmd" in
 	if [[ -n "$TERRAFORM" ]] ; then
 	    mkdir $SETUPDIR/terraform
 	    cp -r $TERRAFORM/* $SETUPDIR/terraform/
-		cp $TERRAFORM/.gitignore $SETUPDIR/terraform/
 	fi
 
 	cd $SETUPDIR
 	echo '*.log' > .gitignore
+	echo '**/.terraform' >> .gitignore
+	echo '**/.infracost' >> .gitignore
 
 	if [[ -n "$TERRAFORM" ]] ; then
 		git add terraform
@@ -235,6 +236,13 @@ case "$subcmd" in
 	(cd terraform/services && echo -n 'letsencrypt_iam_secret_access_key = ' && terraform output letsencrypt_iam_secret_access_key) 2>&1 | tee -a $logfile
 	;;
 
+    terraform-destroy)
+	logfile=terraform-$(date -Iseconds).log
+	(cd terraform/services && terraform destroy) 2>&1 | tee -a $logfile
+	(cd terraform/data-storage && terraform destroy) 2>&1 | tee -a $logfile
+	(cd terraform/vpc && terraform destroy) 2>&1 | tee -a $logfile
+	;;
+
     generate-tokens)
 	for i in BLOB_SIGNING_KEY MANAGEMENT_TOKEN SYSTEM_ROOT_TOKEN ANONYMOUS_USER_TOKEN WORKBENCH_SECRET_KEY DATABASE_PASSWORD; do
 	    echo ${i}=$(tr -dc A-Za-z0-9