This repository has been archived by the owner on Apr 4, 2018. It is now read-only.

alphagov/paas-alpha-tsuru-terraform


DEPRECATED

This repository is no longer maintained. It was used for an alpha project by the Government PaaS team. You can follow what we're doing now at alphagov/paas-cf.

Tsuru Terraform

Requirements

You need Terraform >= 0.5.0, e.g. brew install terraform.

You need an SSH key. The private key file must have its permissions set to 600 (chmod 600).

You need the cloud provider credentials. These will be entered on the command line.

Extra requirements for GCE provisioning

The terraform provider for GCE requires access to an 'account.json' file - this is available from GCE's web interface in the 'credentials' section.

Please note, for our team this is currently shared as it's not clear that we can create multiple accounts. If you are on the team please obtain the credentials from someone else. There is a story in our backlog to address this.

Extra requirements for AWS provisioning

The terraform provider for AWS will read the standard AWS credentials environment variables. You must have these variables exported:

AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY

You can get the credentials from the AWS console.

Provision the environment

Before doing anything you will need to prepare some files for Terraform:

make prep

If you don't, you will get this error:

* file: open ETCD_CLUSTER_ID: no such file or directory in:
${file("ETCD_CLUSTER_ID")}

In order to provision a test environment:

  1. Go to the desired platform directory: cd aws or cd gce
  2. Run terraform apply -var env=<env-name-prefix> -var force_destroy=true

IMPORTANT: The option -var force_destroy=true will mark all the resources, including datastores, to be deleted when destroying the environment. This is OK in a test environment, but dangerous in a production one.
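
The requirements and the make prep step described above can be checked before running terraform apply. The script below is an added example, not part of this repository; the function names are hypothetical, and it assumes ETCD_CLUSTER_ID is read from the directory terraform runs in.

```shell
#!/bin/sh
# Added example (not from the repository): pre-flight checks before `terraform apply`.

# Octal permission bits of a file: GNU stat first, then BSD/macOS stat.
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# The README requires the SSH private key to be mode 600.
check_ssh_key() {
    [ -f "$1" ] || { echo "FAIL: SSH private key not found: $1" >&2; return 1; }
    key_mode=$(file_mode "$1")
    [ "$key_mode" = "600" ] && return 0
    echo "FAIL: $1 has mode $key_mode, expected 600 (chmod 600 $1)" >&2
    return 1
}

# Terraform fails without ETCD_CLUSTER_ID, which `make prep` prepares.
# Assumption: the file is read from the directory terraform runs in ($1).
check_prep() {
    [ -f "$1/ETCD_CLUSTER_ID" ] && return 0
    echo "FAIL: $1/ETCD_CLUSTER_ID missing, run 'make prep' first" >&2
    return 1
}

# Both AWS variables must be exported and non-empty. Values are never printed.
check_aws_env() {
    aws_rc=0
    for aws_var in AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY; do
        env | grep -q "^${aws_var}=." && continue
        echo "FAIL: $aws_var is not exported" >&2
        aws_rc=1
    done
    return "$aws_rc"
}

# preflight <ssh-key> <aws|gce> [terraform-dir]; returns the number of failed checks.
preflight() {
    failures=0
    check_ssh_key "$1" || failures=$((failures + 1))
    check_prep "${3:-.}" || failures=$((failures + 1))
    if [ "$2" = "aws" ]; then
        check_aws_env || failures=$((failures + 1))
    fi
    [ "$failures" -eq 0 ] && echo "OK: requirements met for $2"
    return "$failures"
}

if [ "$#" -ge 2 ]; then preflight "$@"; fi
```

Run it from the repository root with the key path, the platform and the platform directory as arguments; a non-zero exit status is the number of checks that failed.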

Destroy

When you destroy the infrastructure, you will get an error if you try to delete a non-empty GCS or S3 bucket and the option force_destroy=true was not initially set.

To force the destruction of the bucket content you need to reapply terraform to update the state (file terraform.tfstate). Limit the scope of apply to the bucket with -target to avoid recreating all the other resources:

# On AWS:
terraform apply -var env=<env-name-prefix> -var force_destroy=true -target=aws_s3_bucket.registry-s3
terraform taint aws_instance.tsuru-db # Required due to [bug in Terraform detaching EBS Volumes](https://github.com/hashicorp/terraform/issues/2957)
terraform destroy -var env=<env-name-prefix> -var force_destroy=true
# On GCE:
terraform apply -var env=<env-name-prefix> -var force_destroy=true -target=google_storage_bucket.registry-gcs
terraform destroy -var env=<env-name-prefix> -var force_destroy=true

Notes

Change into one of the provider sub-directories before executing terraform commands.

For usage, refer to the Terraform CLI doc.

To create your own environment, you need to pass a variable of the name you want to give it, e.g. terraform apply -var env=my-new-environment.

This should be enough to create a fresh environment. However, sometimes we make changes that mean you'll need to make other adjustments if you've previously created an environment. The file upgrade_compatibility shows some of the errors you might see, and their solutions.
