From 7050d6fc06f03b706d2be7190c48407954b8b627 Mon Sep 17 00:00:00 2001 From: troymc Date: Wed, 10 Aug 2016 10:25:10 +0200 Subject: [PATCH] docs: moved testing-cluster-specific AWS setup instructions from Appendices to the page about deploying a testing cluster on AWS --- docs/source/appendices/aws-setup.md | 38 +------------------ .../clusters-feds/aws-testing-cluster.md | 32 +++++++++++++++- .../setup-chef-server-aws.md | 2 +- 3 files changed, 33 insertions(+), 39 deletions(-) diff --git a/docs/source/appendices/aws-setup.md b/docs/source/appendices/aws-setup.md index caae7339..8b7dcd6c 100644 --- a/docs/source/appendices/aws-setup.md +++ b/docs/source/appendices/aws-setup.md @@ -1,6 +1,6 @@ -# AWS Setup +# Basic AWS Setup -Before you can deploy a BigchainDB node or cluster on AWS, you must do a few things. +Before you can deploy anything on AWS, you must do a few things. ## Get an AWS Account @@ -36,37 +36,3 @@ Default output format [None]: [Press Enter] ``` This writes two files: `~/.aws/credentials` and `~/.aws/config`. AWS tools and packages look for those files. - - -## Get Enough Amazon Elastic IP Addresses - -You can skip this if you're deploying a single node. - -Our AWS cluster deployment scripts use elastic IP addresses (although that may change in the future). By default, AWS accounts get five elastic IP addresses. If you want to deploy a cluster with more than five nodes, then you will need more than five elastic IP addresses; you may have to apply for those; see [the AWS documentation on elastic IP addresses](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html). - - -## Create an Amazon EC2 Key Pair - -Go to the AWS EC2 Console and select "Key Pairs" in the left sidebar. Click the "Create Key Pair" button. Give it the name `bigchaindb`. You should be prompted to save a file named `bigchaindb.pem`. That file contains the RSA private key. (You can get the public key from the private key, so there's no need to send it separately.) - -If you're deploying a cluster, save the file in `bigchaindb/deploy-cluster-aws/pem/bigchaindb.pem`. - -If you're deploying a single node, save the file in `bigchaindb/deploy-node-aws/pem/bigchaindb.pem`. - -**You should not share your private key.** - - -## Create an Amazon EC2 Security Group - -Go to the AWS EC2 Console and select "Security Groups" in the left sidebar. Click the "Create Security Group" button. If you're deploying a cluster, give it the name `bigchaindb`, otherwise you can name it whatever you like. The description probably doesn't matter but we also put `bigchaindb` for that. - -If you're deploying a test cluster, then add these rules for Inbound traffic: - -* Type = All TCP, Protocol = TCP, Port Range = 0-65535, Source = 0.0.0.0/0 -* Type = SSH, Protocol = SSH, Port Range = 22, Source = 0.0.0.0/0 -* Type = All UDP, Protocol = UDP, Port Range = 0-65535, Source = 0.0.0.0/0 -* Type = All ICMP, Protocol = ICMP, Port Range = 0-65535, Source = 0.0.0.0/0 - -**Note: These rules are extremely lax! They're meant to make testing easy.** For example, Source = 0.0.0.0/0 is [CIDR notation](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) for "allow this traffic to come from _any_ IP address." - -If you're deploying a single node, then see [the BigchainDB Notes for Firewall Setup](firewall-notes.html) and [the AWS documentation about security groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html). diff --git a/docs/source/clusters-feds/aws-testing-cluster.md b/docs/source/clusters-feds/aws-testing-cluster.md index bfc4ddca..59277ac4 100644 --- a/docs/source/clusters-feds/aws-testing-cluster.md +++ b/docs/source/clusters-feds/aws-testing-cluster.md @@ -32,9 +32,37 @@ What did you just install? * [The aws-cli package](https://pypi.python.org/pypi/awscli), which is an AWS Command Line Interface (CLI). -## AWS Setup +## Basic AWS Setup -See the page about [AWS Setup](../appendices/aws-setup.html) in the Appendices. +See the page about [basic AWS Setup](../appendices/aws-setup.html) in the Appendices. + + +## Get Enough Amazon Elastic IP Addresses + +The AWS cluster deployment scripts use elastic IP addresses (although that may change in the future). By default, AWS accounts get five elastic IP addresses. If you want to deploy a cluster with more than five nodes, then you will need more than five elastic IP addresses; you may have to apply for those; see [the AWS documentation on elastic IP addresses](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html). + + +## Create an Amazon EC2 Key Pair + +Go to the AWS EC2 Console and select "Key Pairs" in the left sidebar. Click the "Create Key Pair" button. Give it the name `bigchaindb`. You should be prompted to save a file named `bigchaindb.pem`. That file contains the RSA private key. (You can get the public key from the private key, so there's no need to send it separately.) + +Save the file in `bigchaindb/deploy-cluster-aws/pem/bigchaindb.pem`. + +**You should not share your private key.** + + +## Create an Amazon EC2 Security Group + +Go to the AWS EC2 Console and select "Security Groups" in the left sidebar. Click the "Create Security Group" button. Name it `bigchaindb`. The description probably doesn't matter; you can also put `bigchaindb` for that. + +Add these rules for Inbound traffic: + +* Type = All TCP, Protocol = TCP, Port Range = 0-65535, Source = 0.0.0.0/0 +* Type = SSH, Protocol = SSH, Port Range = 22, Source = 0.0.0.0/0 +* Type = All UDP, Protocol = UDP, Port Range = 0-65535, Source = 0.0.0.0/0 +* Type = All ICMP, Protocol = ICMP, Port Range = 0-65535, Source = 0.0.0.0/0 + +**Note: These rules are extremely lax! They're meant to make testing easy.** For example, Source = 0.0.0.0/0 is [CIDR notation](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) for "allow this traffic to come from _any_ IP address." ## Deploy a BigchainDB Monitor diff --git a/docs/source/prod-node-setup-mgmt/setup-chef-server-aws.md b/docs/source/prod-node-setup-mgmt/setup-chef-server-aws.md index 7bd01e8d..498fbff4 100644 --- a/docs/source/prod-node-setup-mgmt/setup-chef-server-aws.md +++ b/docs/source/prod-node-setup-mgmt/setup-chef-server-aws.md @@ -1,6 +1,6 @@ # Set Up Chef Server on AWS -First, you need to get set up on AWS. See [the page about AWS Setup in the Appendices](../appendices/aws-setup.html). +First, you need to get set up on AWS. See the page about [basic AWS Setup](../appendices/aws-setup.html) in the Appendices. Chef Software, Inc. provides an official Chef Server AMI (Amazon Machine Image) on the AWS Marketplace. They also wrote [documentation about it](https://docs.chef.io/aws_marketplace.html).