From 1a7951a28c08aa60e05a1c2608c9f4149335ff7b Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Thu, 18 Aug 2016 13:41:27 +0200
Subject: [PATCH 01/22] docs: fixed link to pytest docs

---
 docs/source/dev-and-test/running-unit-tests.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/source/dev-and-test/running-unit-tests.md b/docs/source/dev-and-test/running-unit-tests.md
index 17c75256..c3347d79 100644
--- a/docs/source/dev-and-test/running-unit-tests.md
+++ b/docs/source/dev-and-test/running-unit-tests.md
@@ -16,7 +16,7 @@ then in another terminal, do:
 $ python setup.py test
 ```
 
-(Aside: How does the above command work? The documentation for [pytest-runner](https://pypi.python.org/pypi/pytest-runner) explains. We use [pytest](http://pytest.org/latest/) to write all unit tests.)
+(Aside: How does the above command work? The documentation for [pytest-runner](https://pypi.python.org/pypi/pytest-runner) explains. We use [pytest](http://docs.pytest.org/en/latest/) to write all unit tests.)
 
 
 ### Using docker-compose to Run the Tests

From 1aeddb7b575e2285350eb158e96012c051515849 Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Thu, 18 Aug 2016 13:49:28 +0200
Subject: [PATCH 02/22] docs: fixed redirecting link to boto3 docs

---
 docs/source/clusters-feds/aws-testing-cluster.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/source/clusters-feds/aws-testing-cluster.md b/docs/source/clusters-feds/aws-testing-cluster.md
index 59277ac4..d0ded938 100644
--- a/docs/source/clusters-feds/aws-testing-cluster.md
+++ b/docs/source/clusters-feds/aws-testing-cluster.md
@@ -28,7 +28,7 @@ What did you just install?
 * "[Fabric](http://www.fabfile.org/) is a Python (2.5-2.7) library and command-line tool for streamlining the use of SSH for application deployment or systems administration tasks."
 * [fabtools](https://github.com/ronnix/fabtools) are "tools for writing awesome Fabric files"
 * [requests](http://docs.python-requests.org/en/master/) is a Python package/library for sending HTTP requests
-* "[Boto](https://boto3.readthedocs.org/en/latest/) is the Amazon Web Services (AWS) SDK for Python, which allows Python developers to write software that makes use of Amazon services like S3 and EC2." (`boto3` is the name of the latest Boto package.)
+* "[Boto](https://boto3.readthedocs.io/en/latest/) is the Amazon Web Services (AWS) SDK for Python, which allows Python developers to write software that makes use of Amazon services like S3 and EC2." (`boto3` is the name of the latest Boto package.)
 * [The aws-cli package](https://pypi.python.org/pypi/awscli), which is an AWS Command Line Interface (CLI).
 
 

From 486d65cdc23d2e96413b82ae5fe26eb15348237c Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Thu, 18 Aug 2016 14:08:04 +0200
Subject: [PATCH 03/22] docs: Fixed broken link to setuptools' docs

---
 docs/source/appendices/consensus.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/source/appendices/consensus.md b/docs/source/appendices/consensus.md
index 7fe70269..72146859 100644
--- a/docs/source/appendices/consensus.md
+++ b/docs/source/appendices/consensus.md
@@ -71,7 +71,7 @@ class SillyConsensusRules(BaseConsensusRules):
 
 ## Packaging a plugin
 
-BigchainDB uses [setuptool's entry_point](https://pythonhosted.org/setuptools/setuptools.html) system to provide the plugin functionality. Any custom plugin needs to add this section to the `setup()` call in their `setup.py`:
+BigchainDB uses [setuptools](https://setuptools.readthedocs.io/en/latest/)' entry_points to provide the plugin functionality. Any custom plugin needs to add this section to the `setup()` call in their `setup.py`:
 
 ```python
 entry_points={

From 5f2d948c3f3b0f02fcd9821c66b413aef5d58da6 Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Thu, 18 Aug 2016 14:11:30 +0200
Subject: [PATCH 04/22] docs: new page about how to set up Ansible

---
 docs/source/prod-node-setup-mgmt/index.rst    |  2 +-
 .../prod-node-setup-mgmt/set-up-ansible.md    | 24 +++++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 docs/source/prod-node-setup-mgmt/set-up-ansible.md

diff --git a/docs/source/prod-node-setup-mgmt/index.rst b/docs/source/prod-node-setup-mgmt/index.rst
index 025b821e..1e8ce92f 100644
--- a/docs/source/prod-node-setup-mgmt/index.rst
+++ b/docs/source/prod-node-setup-mgmt/index.rst
@@ -5,4 +5,4 @@ Production Node Setup & Management
    :maxdepth: 1
 
    overview
-
+   set-up-ansible
diff --git a/docs/source/prod-node-setup-mgmt/set-up-ansible.md b/docs/source/prod-node-setup-mgmt/set-up-ansible.md
new file mode 100644
index 00000000..df79db64
--- /dev/null
+++ b/docs/source/prod-node-setup-mgmt/set-up-ansible.md
@@ -0,0 +1,24 @@
+# Set Up Ansible
+
+## Install Ansible
+
+The Ansible documentation has [installation instructions](https://docs.ansible.com/ansible/intro_installation.html). Note the control machine requirements. At the time of writing, the control machine had to have Python 2.6 or 2.7. (Support for Python 3 [is a goal of Ansible 2.2](https://github.com/ansible/ansible/issues/15976#issuecomment-221264089).) You can ensure you're using a supported version of Python by creating a special Python 2.x virtualenv and installing Ansible in it. For example:
+```text
+cd repos/bigchaindb/ntools
+virtualenv -p /usr/local/lib/python2.7.11/bin/python ansenv
+source ansenv/bin/activate
+pip install ansible
+```
+
+
+## Create an Ansible Inventory File
+
+An Ansible "inventory" file is a file which lists all the hosts (machines) you want to manage using Ansible. (Ansible will communicate with them via SSH.) Ansible expects the inventory file to be `/etc/ansible/hosts` by default (but you can change that). Here's an example Ansible inventory file for a one-machine BigchainDB node:
+```text
+node1 ansible_host=192.0.2.128
+```
+
+`node1` is a "host alias" (i.e. a made-up name) that you can use when referring to that host in Ansible.
+`192.0.2.128` is an example IP address (IPv4): the public IP address of the node.
+
+

From dc0a439421015f9669539f90130b0e742166c83f Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Fri, 19 Aug 2016 10:10:05 +0200
Subject: [PATCH 05/22] docs: corrected the remarks on Atlas, renamed
 set-up-ansible.md as install-ansible.md

---
 .../{set-up-ansible.md => install-ansible.md}                | 0
 docs/source/prod-node-setup-mgmt/install-terraform.md        | 5 ++++-
 2 files changed, 4 insertions(+), 1 deletion(-)
 rename docs/source/prod-node-setup-mgmt/{set-up-ansible.md => install-ansible.md} (100%)

diff --git a/docs/source/prod-node-setup-mgmt/set-up-ansible.md b/docs/source/prod-node-setup-mgmt/install-ansible.md
similarity index 100%
rename from docs/source/prod-node-setup-mgmt/set-up-ansible.md
rename to docs/source/prod-node-setup-mgmt/install-ansible.md
diff --git a/docs/source/prod-node-setup-mgmt/install-terraform.md b/docs/source/prod-node-setup-mgmt/install-terraform.md
index db8fce3a..5382b6fa 100644
--- a/docs/source/prod-node-setup-mgmt/install-terraform.md
+++ b/docs/source/prod-node-setup-mgmt/install-terraform.md
@@ -2,7 +2,10 @@
 
 The [Terraform documentation has installation instructions](https://www.terraform.io/intro/getting-started/install.html) for all common operating systems.
 
-Note: Hashicorp (the company behind Terraform) will try to convince you that running Terraform on their servers (inside Atlas) would be great. **While that might be true for many, it is not true for BigchainDB.** BigchainDB federations are supposed to be decentralized, and if everyone used Atlas, that would be a point of centralization. If you don't want to run Terraform on your local machine, you could install it on a cloud machine under your control (e.g. on AWS).
+If you don't want to run Terraform on your local machine, you could install it on a cloud machine under your control (e.g. on AWS).
+
+Note: Hashicorp has an enterprise version of Terraform called "Terraform Enterprise." It's part of Atlas, which includes other things. You can use that if you like, but be sure to install it on your own hosting (i.e. "on premise"), not on the hosting provided by Hashicorp. The reason is that BigchainDB clusters are supposed to be decentralized. If everyone used Hashicorp's hosted Atlas, then that would be a point of centralization.
+
 
 ## Ubuntu Installation Tips
 

From 241c52ba234f6193e1a11a2aaedcaaa5d552cc48 Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Fri, 19 Aug 2016 12:03:08 +0200
Subject: [PATCH 06/22] docs: placeholder for prov-one-m-azure.md

---
 docs/source/prod-node-setup-mgmt/prov-one-m-azure.md | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 docs/source/prod-node-setup-mgmt/prov-one-m-azure.md

diff --git a/docs/source/prod-node-setup-mgmt/prov-one-m-azure.md b/docs/source/prod-node-setup-mgmt/prov-one-m-azure.md
new file mode 100644
index 00000000..a53fcf73
--- /dev/null
+++ b/docs/source/prod-node-setup-mgmt/prov-one-m-azure.md
@@ -0,0 +1,3 @@
+# Provision a One-Machine Node on Azure
+
+This is just a placeholder so you can see the future structure of these docs.

From 48a6cccf57fca3982051075748279189622b0aa7 Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Fri, 19 Aug 2016 12:05:34 +0200
Subject: [PATCH 07/22] docs: revised install-ansible.md, moved inventory file
 setup to new page

---
 .../prod-node-setup-mgmt/install-ansible.md   | 19 +++----------------
 1 file changed, 3 insertions(+), 16 deletions(-)

diff --git a/docs/source/prod-node-setup-mgmt/install-ansible.md b/docs/source/prod-node-setup-mgmt/install-ansible.md
index df79db64..568bc99e 100644
--- a/docs/source/prod-node-setup-mgmt/install-ansible.md
+++ b/docs/source/prod-node-setup-mgmt/install-ansible.md
@@ -1,24 +1,11 @@
-# Set Up Ansible
+# Install Ansible
 
-## Install Ansible
+The Ansible documentation has [installation instructions](https://docs.ansible.com/ansible/intro_installation.html). Note the control machine requirements: at the time of writing, Ansible required Python 2.6 or 2.7. (Support for Python 3 [is a goal of Ansible 2.2](https://github.com/ansible/ansible/issues/15976#issuecomment-221264089).)
 
-The Ansible documentation has [installation instructions](https://docs.ansible.com/ansible/intro_installation.html). Note the control machine requirements. At the time of writing, the control machine had to have Python 2.6 or 2.7. (Support for Python 3 [is a goal of Ansible 2.2](https://github.com/ansible/ansible/issues/15976#issuecomment-221264089).) You can ensure you're using a supported version of Python by creating a special Python 2.x virtualenv and installing Ansible in it. For example:
+For example, you could create a special Python 2.x virtualenv named `ansenv` and then install Ansible in it:
 ```text
 cd repos/bigchaindb/ntools
 virtualenv -p /usr/local/lib/python2.7.11/bin/python ansenv
 source ansenv/bin/activate
 pip install ansible
 ```
-
-
-## Create an Ansible Inventory File
-
-An Ansible "inventory" file is a file which lists all the hosts (machines) you want to manage using Ansible. (Ansible will communicate with them via SSH.) Ansible expects the inventory file to be `/etc/ansible/hosts` by default (but you can change that). Here's an example Ansible inventory file for a one-machine BigchainDB node:
-```text
-node1 ansible_host=192.0.2.128
-```
-
-`node1` is a "host alias" (i.e. a made-up name) that you can use when referring to that host in Ansible.
-`192.0.2.128` is an example IP address (IPv4): the public IP address of the node.
-
-

From 92636d4e0f3d90cbd088e7efc41291a23cee649b Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Fri, 19 Aug 2016 12:06:51 +0200
Subject: [PATCH 08/22] docs: started config-one-m page, updated index to
 include it

---
 .../prod-node-setup-mgmt/config-one-m.md      | 38 +++++++++++++++++++
 docs/source/prod-node-setup-mgmt/index.rst    |  4 +-
 2 files changed, 41 insertions(+), 1 deletion(-)
 create mode 100644 docs/source/prod-node-setup-mgmt/config-one-m.md

diff --git a/docs/source/prod-node-setup-mgmt/config-one-m.md b/docs/source/prod-node-setup-mgmt/config-one-m.md
new file mode 100644
index 00000000..4391cae6
--- /dev/null
+++ b/docs/source/prod-node-setup-mgmt/config-one-m.md
@@ -0,0 +1,38 @@
+# Configure a One-Machine Node
+
+In this step, we will install and configure all the software necessary to run BigchainDB, all on one machine.
+
+
+## Create an Ansible Inventory File
+
+An Ansible "inventory" file is a file which lists all the hosts (machines) you want to manage using Ansible. (Ansible will communicate with them via SSH.) Right now, we only want to manage one host.
+
+First, determine the public IP address of the host (i.e. something like `192.0.2.128`). Below we refer to it as `<ip_address>`.
+
+Create a one-line text file named `hosts` using this command (with `<ip_address>` replaced):
+```text
+echo "node1 ansible_host=<ip_address>" > hosts
+```
+
+`node1` is a "host alias" (i.e. a made-up name) that you can use when referring to that host in Ansible. Move `hosts` to `/etc/ansible/` because that's the default place where Ansible looks for it:
+```text
+sudo mkdir -p /etc/ansible/
+sudo mv hosts /etc/ansible/
+```
+
+
+## Tell Ansible the Location of the SSH Key File
+
+Ansible uses SSH to connect to the remote host, so it needs to know the location of the SSH (private) key file. (The corresponding public key should already be on the host you provisioned earler.) Normally, Ansible will ask for the location of the SSH key file as-needed. You can make it stop asking by putting the location in an [Ansible configuration file](https://docs.ansible.com/ansible/intro_configuration.html) (config file). (If you prefer, you could use [ssh-agent](https://en.wikipedia.org/wiki/Ssh-agent) instead.)
+
+The following command will do that (overwriting any existing file named `ansible.cfg`):
+```text
+# cd to the .../bigchaindb/ntools/one-m/ansible directory
+echo "private_key_file=$HOME/.ssh/<key-name>" > ansible.cfg
+```
+
+where `<key-name>` must be replaced by the actual name of the SSH private key file.
+
+
+
+
diff --git a/docs/source/prod-node-setup-mgmt/index.rst b/docs/source/prod-node-setup-mgmt/index.rst
index 4d10d314..8b1fe66c 100644
--- a/docs/source/prod-node-setup-mgmt/index.rst
+++ b/docs/source/prod-node-setup-mgmt/index.rst
@@ -6,5 +6,7 @@ Production Node Setup & Management
 
    overview
    install-terraform
+   install-ansible
    prov-one-m-aws
-   set-up-ansible
+   prov-one-m-azure
+   config-one-m

From 84bee04e4d8eb70acae0d17dcbd48a34a7faa831 Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Fri, 19 Aug 2016 14:20:29 +0200
Subject: [PATCH 09/22] Added placeholder file for Ansible group_vars/all

---
 ntools/one-m/ansible/group_vars/all | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 ntools/one-m/ansible/group_vars/all

diff --git a/ntools/one-m/ansible/group_vars/all b/ntools/one-m/ansible/group_vars/all
new file mode 100644
index 00000000..356589dd
--- /dev/null
+++ b/ntools/one-m/ansible/group_vars/all
@@ -0,0 +1,4 @@
+---
+# Variables here are for all host groups
+
+example_var: 23
\ No newline at end of file

From 05ec422d5db5539dc5c31d6a1d0da5abaf0563e3 Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Sat, 20 Aug 2016 16:08:28 +0200
Subject: [PATCH 10/22] docs: one can license Terraform Enterprise by itself

---
 docs/source/prod-node-setup-mgmt/install-terraform.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/source/prod-node-setup-mgmt/install-terraform.md b/docs/source/prod-node-setup-mgmt/install-terraform.md
index 5382b6fa..d0342348 100644
--- a/docs/source/prod-node-setup-mgmt/install-terraform.md
+++ b/docs/source/prod-node-setup-mgmt/install-terraform.md
@@ -2,9 +2,9 @@
 
 The [Terraform documentation has installation instructions](https://www.terraform.io/intro/getting-started/install.html) for all common operating systems.
 
-If you don't want to run Terraform on your local machine, you could install it on a cloud machine under your control (e.g. on AWS).
+If you don't want to run Terraform on your local machine, you can install it on a cloud machine under your control (e.g. on AWS).
 
-Note: Hashicorp has an enterprise version of Terraform called "Terraform Enterprise." It's part of Atlas, which includes other things. You can use that if you like, but be sure to install it on your own hosting (i.e. "on premise"), not on the hosting provided by Hashicorp. The reason is that BigchainDB clusters are supposed to be decentralized. If everyone used Hashicorp's hosted Atlas, then that would be a point of centralization.
+Note: Hashicorp has an enterprise version of Terraform called "Terraform Enterprise." You can license it by itself or get it as part of Atlas. If you decide to license Terraform Enterprise or Atlas, be sure to install it on your own hosting (i.e. "on premise"), not on the hosting provided by Hashicorp. The reason is that BigchainDB clusters are supposed to be decentralized. If everyone used Hashicorp's hosted Atlas, then that would be a point of centralization.
 
 
 ## Ubuntu Installation Tips

From 4cd0311bc2a2066fc2fe72db6927e561db078608 Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Mon, 22 Aug 2016 13:43:56 +0200
Subject: [PATCH 11/22] docs: Note how we use Terraform/Ansible as an example

---
 docs/source/prod-node-setup-mgmt/overview.md        |  6 +++++-
 ntools/one-m/ansible/one-m-node.yml                 |  9 +++++++++
 ntools/one-m/ansible/roles/common/handlers/main.yml | 10 ++++++++++
 3 files changed, 24 insertions(+), 1 deletion(-)
 create mode 100644 ntools/one-m/ansible/one-m-node.yml
 create mode 100644 ntools/one-m/ansible/roles/common/handlers/main.yml

diff --git a/docs/source/prod-node-setup-mgmt/overview.md b/docs/source/prod-node-setup-mgmt/overview.md
index 35072f26..bea41b51 100644
--- a/docs/source/prod-node-setup-mgmt/overview.md
+++ b/docs/source/prod-node-setup-mgmt/overview.md
@@ -7,7 +7,11 @@ Deploying and managing a production BigchainDB node is much more involved than w
 * Production nodes need monitoring
 * Production nodes need maintenance, e.g. software upgrades, scaling
 
-Thankfully, there are tools to help! We use:
+Thankfully, there are tools that can help (e.g. provisioning tools and configuration management tools). You can use whatever tools you prefer.
+
+As an example, we provide documentation and code showing how to use Terraform and Ansible (together).
 
 * [Terraform](https://www.terraform.io/) to provision infrastructure such as AWS instances, storage and security groups
 * [Ansible](https://www.ansible.com/) to manage the software installed on that infrastructure (configuration management)
+
+You can use those as-described or as a reference for setting up your preferred tools. If you notice something that could be done better, let us know (e.g. by creating an issue on GitHub).
diff --git a/ntools/one-m/ansible/one-m-node.yml b/ntools/one-m/ansible/one-m-node.yml
new file mode 100644
index 00000000..8d28c781
--- /dev/null
+++ b/ntools/one-m/ansible/one-m-node.yml
@@ -0,0 +1,9 @@
+---
+# This playbook deploys a BigchainDB node in one machine (one-m).
+
+- name: deploy all software and configure it
+  hosts: all
+  remote_user: root
+
+  roles:
+    - common
\ No newline at end of file
diff --git a/ntools/one-m/ansible/roles/common/handlers/main.yml b/ntools/one-m/ansible/roles/common/handlers/main.yml
new file mode 100644
index 00000000..cd79d40f
--- /dev/null
+++ b/ntools/one-m/ansible/roles/common/handlers/main.yml
@@ -0,0 +1,10 @@
+---
+# This file should be in roles - common - handlers
+# Handler to handle common notifications. Handlers are called by other plays.
+# See http://docs.ansible.com/playbooks_intro.html for more information about handlers.
+
+- name: restart ntp
+  service: name=ntpd state=restarted
+
+- name: restart iptables
+  service: name=iptables state=restarted
\ No newline at end of file

From d8a36019aec47db38c3f0601e26eb7f830036fa2 Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Mon, 22 Aug 2016 14:28:58 +0200
Subject: [PATCH 12/22] docs: say where to change the default ssh_key_name:
 variables.tf

---
 docs/source/prod-node-setup-mgmt/prov-one-m-aws.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/source/prod-node-setup-mgmt/prov-one-m-aws.md b/docs/source/prod-node-setup-mgmt/prov-one-m-aws.md
index 294fdd59..3884fa4f 100644
--- a/docs/source/prod-node-setup-mgmt/prov-one-m-aws.md
+++ b/docs/source/prod-node-setup-mgmt/prov-one-m-aws.md
@@ -19,7 +19,7 @@ It should ask you the value of `ssh_key_name`.
 
 It figured out the plan by reading all the `.tf` Terraform files in the directory.
 
-If you don't want to be asked for the `ssh_key_name`, you can change the default value of `ssh_key_name` or [you can set an environmen variable](https://www.terraform.io/docs/configuration/variables.html) named `TF_VAR_ssh_key_name`.
+If you don't want to be asked for the `ssh_key_name`, you can change the default value of `ssh_key_name` (in the file `variables.tf`) or [you can set an environmen variable](https://www.terraform.io/docs/configuration/variables.html) named `TF_VAR_ssh_key_name`.
 
 
 ## Provision

From bcde21a2a3fbc72c0d27417f8c7979878bbaa2cb Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Mon, 22 Aug 2016 15:23:14 +0200
Subject: [PATCH 13/22] docs: minor edit to overview of prod node setup

---
 docs/source/prod-node-setup-mgmt/overview.md  |  2 +-
 .../one-m/ansible/roles/common/tasks/main.yml | 31 +++++++++++++++++++
 2 files changed, 32 insertions(+), 1 deletion(-)
 create mode 100644 ntools/one-m/ansible/roles/common/tasks/main.yml

diff --git a/docs/source/prod-node-setup-mgmt/overview.md b/docs/source/prod-node-setup-mgmt/overview.md
index bea41b51..b592dd6e 100644
--- a/docs/source/prod-node-setup-mgmt/overview.md
+++ b/docs/source/prod-node-setup-mgmt/overview.md
@@ -9,7 +9,7 @@ Deploying and managing a production BigchainDB node is much more involved than w
 
 Thankfully, there are tools that can help (e.g. provisioning tools and configuration management tools). You can use whatever tools you prefer.
 
-As an example, we provide documentation and code showing how to use Terraform and Ansible (together).
+As an example, we provide documentation and code showing how to use Terraform and Ansible (together). We use:
 
 * [Terraform](https://www.terraform.io/) to provision infrastructure such as AWS instances, storage and security groups
 * [Ansible](https://www.ansible.com/) to manage the software installed on that infrastructure (configuration management)
diff --git a/ntools/one-m/ansible/roles/common/tasks/main.yml b/ntools/one-m/ansible/roles/common/tasks/main.yml
new file mode 100644
index 00000000..8a8786b5
--- /dev/null
+++ b/ntools/one-m/ansible/roles/common/tasks/main.yml
@@ -0,0 +1,31 @@
+---
+# ansible/roles/common/tasks/main.yml
+
+- name: Do the equivalent of apt-get update
+  apt: update_cache=yes
+
+- name: Uninstall ntpdate (deprecated)
+  apt: name=ntpdate state=absent
+  tags: ntp
+
+- name: Update all installed packages to their latest versions
+  apt: upgrade=dist
+
+- name: Install ntp
+  apt: name=ntp state=latest update_cache=yes
+  tags: ntp
+
+#- name: Configure ntp file
+#  template: src=ntp.conf.j2 dest=/etc/ntp.conf
+#  tags: ntp
+  # "restart ntp" is the name of a handler (in common/handlers/main.yml)
+#  notify: restart ntp
+
+- name: Start the ntp service
+  service: name=ntpd state=started enabled=yes
+  tags: ntp
+
+#- name: test to see if selinux is running
+#  command: getenforce
+#  register: sestatus
+#  changed_when: false

From 5c6a3b745782e346140824d626194fb062dc0f3c Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Mon, 22 Aug 2016 17:15:14 +0200
Subject: [PATCH 14/22] docs: renamed config-one-m to start-one-m-node

---
 docs/source/prod-node-setup-mgmt/index.rst                      | 2 +-
 .../{config-one-m.md => start-one-m-node.md}                    | 0
 2 files changed, 1 insertion(+), 1 deletion(-)
 rename docs/source/prod-node-setup-mgmt/{config-one-m.md => start-one-m-node.md} (100%)

diff --git a/docs/source/prod-node-setup-mgmt/index.rst b/docs/source/prod-node-setup-mgmt/index.rst
index 8b1fe66c..069164f4 100644
--- a/docs/source/prod-node-setup-mgmt/index.rst
+++ b/docs/source/prod-node-setup-mgmt/index.rst
@@ -9,4 +9,4 @@ Production Node Setup & Management
    install-ansible
    prov-one-m-aws
    prov-one-m-azure
-   config-one-m
+   start-one-m-node
diff --git a/docs/source/prod-node-setup-mgmt/config-one-m.md b/docs/source/prod-node-setup-mgmt/start-one-m-node.md
similarity index 100%
rename from docs/source/prod-node-setup-mgmt/config-one-m.md
rename to docs/source/prod-node-setup-mgmt/start-one-m-node.md

From 6e5975dadc3388977c394b1aee9aeddec8d3bf9f Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Mon, 22 Aug 2016 17:25:30 +0200
Subject: [PATCH 15/22] First working Ansible playbook file set

---
 ntools/one-m/ansible/group_vars/all                 |  3 ++-
 ntools/one-m/ansible/one-m-node.yml                 |  4 ++--
 ntools/one-m/ansible/roles/common/handlers/main.yml |  7 +++----
 ntools/one-m/ansible/roles/common/tasks/main.yml    | 11 +++++++++--
 4 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/ntools/one-m/ansible/group_vars/all b/ntools/one-m/ansible/group_vars/all
index 356589dd..1a3ad5b5 100644
--- a/ntools/one-m/ansible/group_vars/all
+++ b/ntools/one-m/ansible/group_vars/all
@@ -1,4 +1,5 @@
 ---
-# Variables here are for all host groups
+# ansible/group_vars/all
+# Variables in this file are for *all* host groups (i.e. all hosts)
 
 example_var: 23
\ No newline at end of file
diff --git a/ntools/one-m/ansible/one-m-node.yml b/ntools/one-m/ansible/one-m-node.yml
index 8d28c781..e6691184 100644
--- a/ntools/one-m/ansible/one-m-node.yml
+++ b/ntools/one-m/ansible/one-m-node.yml
@@ -1,9 +1,9 @@
 ---
 # This playbook deploys a BigchainDB node in one machine (one-m).
 
-- name: deploy all software and configure it
+- name: install + configure + start all software
   hosts: all
-  remote_user: root
+  remote_user: ubuntu
 
   roles:
     - common
\ No newline at end of file
diff --git a/ntools/one-m/ansible/roles/common/handlers/main.yml b/ntools/one-m/ansible/roles/common/handlers/main.yml
index cd79d40f..a7ccf7ff 100644
--- a/ntools/one-m/ansible/roles/common/handlers/main.yml
+++ b/ntools/one-m/ansible/roles/common/handlers/main.yml
@@ -1,10 +1,9 @@
 ---
-# This file should be in roles - common - handlers
-# Handler to handle common notifications. Handlers are called by other plays.
+# ansible/roles/common/handlers/main.yml
 # See http://docs.ansible.com/playbooks_intro.html for more information about handlers.
 
 - name: restart ntp
   service: name=ntpd state=restarted
 
-- name: restart iptables
-  service: name=iptables state=restarted
\ No newline at end of file
+#- name: restart iptables
+#  service: name=iptables state=restarted
\ No newline at end of file
diff --git a/ntools/one-m/ansible/roles/common/tasks/main.yml b/ntools/one-m/ansible/roles/common/tasks/main.yml
index 8a8786b5..1b543e75 100644
--- a/ntools/one-m/ansible/roles/common/tasks/main.yml
+++ b/ntools/one-m/ansible/roles/common/tasks/main.yml
@@ -1,18 +1,24 @@
 ---
 # ansible/roles/common/tasks/main.yml
+# Note: "become: true" basically means "become root user for this task" i.e. sudo <cmd>
+# See https://docs.ansible.com/ansible/become.html
 
-- name: Do the equivalent of apt-get update
+- name: Do the equivalent of "sudo apt-get update"
   apt: update_cache=yes
+  become: true
 
 - name: Uninstall ntpdate (deprecated)
   apt: name=ntpdate state=absent
+  become: true
   tags: ntp
 
 - name: Update all installed packages to their latest versions
   apt: upgrade=dist
+  become: true
 
 - name: Install ntp
   apt: name=ntp state=latest update_cache=yes
+  become: true
   tags: ntp
 
 #- name: Configure ntp file
@@ -22,7 +28,8 @@
 #  notify: restart ntp
 
 - name: Start the ntp service
-  service: name=ntpd state=started enabled=yes
+  service: name=ntp state=started enabled=yes
+  become: true
   tags: ntp
 
 #- name: test to see if selinux is running

From cd391815d8d71bf0727ce09c58cdb484da56f3ec Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Mon, 22 Aug 2016 17:26:37 +0200
Subject: [PATCH 16/22] docs: how to run Ansible playbook

---
 .../prod-node-setup-mgmt/start-one-m-node.md  | 41 +++++++++++--------
 1 file changed, 23 insertions(+), 18 deletions(-)

diff --git a/docs/source/prod-node-setup-mgmt/start-one-m-node.md b/docs/source/prod-node-setup-mgmt/start-one-m-node.md
index 4391cae6..94b445aa 100644
--- a/docs/source/prod-node-setup-mgmt/start-one-m-node.md
+++ b/docs/source/prod-node-setup-mgmt/start-one-m-node.md
@@ -1,38 +1,43 @@
-# Configure a One-Machine Node
+# Start a One-Machine Node
 
-In this step, we will install and configure all the software necessary to run BigchainDB, all on one machine.
+In this step, we will install, configure and run all the software necessary to run BigchainDB, all on one machine.
 
 
 ## Create an Ansible Inventory File
 
 An Ansible "inventory" file is a file which lists all the hosts (machines) you want to manage using Ansible. (Ansible will communicate with them via SSH.) Right now, we only want to manage one host.
 
-First, determine the public IP address of the host (i.e. something like `192.0.2.128`). Below we refer to it as `<ip_address>`.
+First, determine the public IP address of the host (i.e. something like `192.0.2.128`).
 
-Create a one-line text file named `hosts` using this command (with `<ip_address>` replaced):
+Then create a one-line text file named `hosts` by doing this:
 ```text
-echo "node1 ansible_host=<ip_address>" > hosts
+# cd to the directory .../bigchaindb/ntools/one-m/ansible
+echo "192.0.2.128" > hosts
 ```
 
-`node1` is a "host alias" (i.e. a made-up name) that you can use when referring to that host in Ansible. Move `hosts` to `/etc/ansible/` because that's the default place where Ansible looks for it:
+but replace `192.0.2.128` with the IP address of the host.
+
+
+## Run the Ansible Playbook
+
+The next step is to run the Ansible playbook `one-m-node.yml`. It installs all the software necessary in a one-machine BigchainDB node, configures it, and starts it. Here's how to run that playbook:
 ```text
-sudo mkdir -p /etc/ansible/
-sudo mv hosts /etc/ansible/
+# cd to the directory .../bigchaindb/ntools/one-m/ansible
+ansible-playbook -i hosts --private-key ~/.ssh/<key-name> one-m-node.yml
 ```
 
+where `<key-name>` should be replaced by the name of the SSH private key you created earlier (for SSHing to the host machine at your cloud hosting provider).
 
-## Tell Ansible the Location of the SSH Key File
+Note: At the time of writing, the playbook only installs and runs an NTP daemon, but more is coming soon.
 
-Ansible uses SSH to connect to the remote host, so it needs to know the location of the SSH (private) key file. (The corresponding public key should already be on the host you provisioned earler.) Normally, Ansible will ask for the location of the SSH key file as-needed. You can make it stop asking by putting the location in an [Ansible configuration file](https://docs.ansible.com/ansible/intro_configuration.html) (config file). (If you prefer, you could use [ssh-agent](https://en.wikipedia.org/wiki/Ssh-agent) instead.)
 
-The following command will do that (overwriting any existing file named `ansible.cfg`):
+## Optional: Create an Ansible Config File
+
+The above command (`ansible-playbook -i ...`) is fairly long. You can omit the optional arguments if you put their values in an [Ansible configuration file](https://docs.ansible.com/ansible/intro_configuration.html) (config file) instead. There are many places where you can put a config file, but to make one specifically for the "one-m" case, you should put it in `.../bigchaindb/ntools/one-m/ansible/`. In that directory, create a file named `ansible.cfg` with the following contents:
 ```text
-# cd to the .../bigchaindb/ntools/one-m/ansible directory
-echo "private_key_file=$HOME/.ssh/<key-name>" > ansible.cfg
+[defaults]
+private_key_file = $HOME/.ssh/<key-name>
+inventory = hosts
 ```
 
-where `<key-name>` must be replaced by the actual name of the SSH private key file.
-
-
-
-
+where, as before, `<key-name>` must be replaced.

From 460e1c3fba59b24cbb437a4bce9416639ae5c387 Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Mon, 22 Aug 2016 17:27:09 +0200
Subject: [PATCH 17/22] Added Ansible-specific files to .gitignore

---
 .gitignore | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.gitignore b/.gitignore
index 8005b32c..ad82db58 100644
--- a/.gitignore
+++ b/.gitignore
@@ -73,3 +73,7 @@ deploy-cluster-aws/hostlist.py
 deploy-cluster-aws/ssh_key.py
 benchmarking-tests/hostlist.py
 benchmarking-tests/ssh_key.py
+
+# Ansible-specific files
+ntools/one-m/ansible/hosts
+ntools/one-m/ansible/ansible.cfg

From a5a6e8ad4d0ea54c6d2e5fd4914746c7443c6efd Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Tue, 23 Aug 2016 17:17:26 +0200
Subject: [PATCH 18/22] split 'common' Ansible role into bcdb_base & ntp,
 modified those a bit

---
 .../prod-node-setup-mgmt/start-one-m-node.md  |  6 ++-
 ntools/one-m/ansible/one-m-node.yml           |  6 ++-
 .../ansible/roles/bcdb_base/tasks/main.yml    | 25 ++++++++++++
 .../ansible/roles/common/handlers/main.yml    |  9 -----
 .../one-m/ansible/roles/common/tasks/main.yml | 38 -------------------
 .../one-m/ansible/roles/ntp/handlers/main.yml |  5 +++
 ntools/one-m/ansible/roles/ntp/tasks/main.yml | 24 ++++++++++++
 7 files changed, 62 insertions(+), 51 deletions(-)
 create mode 100644 ntools/one-m/ansible/roles/bcdb_base/tasks/main.yml
 delete mode 100644 ntools/one-m/ansible/roles/common/handlers/main.yml
 delete mode 100644 ntools/one-m/ansible/roles/common/tasks/main.yml
 create mode 100644 ntools/one-m/ansible/roles/ntp/handlers/main.yml
 create mode 100644 ntools/one-m/ansible/roles/ntp/tasks/main.yml

diff --git a/docs/source/prod-node-setup-mgmt/start-one-m-node.md b/docs/source/prod-node-setup-mgmt/start-one-m-node.md
index 94b445aa..fab89289 100644
--- a/docs/source/prod-node-setup-mgmt/start-one-m-node.md
+++ b/docs/source/prod-node-setup-mgmt/start-one-m-node.md
@@ -20,7 +20,7 @@ but replace `192.0.2.128` with the IP address of the host.
 
 ## Run the Ansible Playbook
 
-The next step is to run the Ansible playbook `one-m-node.yml`. It installs all the software necessary in a one-machine BigchainDB node, configures it, and starts it. Here's how to run that playbook:
+The next step is to run the Ansible playbook `one-m-node.yml`:
 ```text
 # cd to the directory .../bigchaindb/ntools/one-m/ansible
 ansible-playbook -i hosts --private-key ~/.ssh/<key-name> one-m-node.yml
@@ -28,7 +28,9 @@ ansible-playbook -i hosts --private-key ~/.ssh/<key-name> one-m-node.yml
 
 where `<key-name>` should be replaced by the name of the SSH private key you created earlier (for SSHing to the host machine at your cloud hosting provider).
 
-Note: At the time of writing, the playbook only installs and runs an NTP daemon, but more is coming soon.
+What did you just do? Running that playbook ensures all the software necessary for a one-machine BigchainDB node is installed, configured, and running properly. You can run that playbook on a regular schedule to ensure that the system stays properly configured. If something is okay, it does nothing; it only takes action when something is not as-desired.
+
+Note: At the time of writing, the playbook only installs, configures and runs an NTP daemon, but more is coming soon.
 
 
 ## Optional: Create an Ansible Config File
diff --git a/ntools/one-m/ansible/one-m-node.yml b/ntools/one-m/ansible/one-m-node.yml
index e6691184..8f76fdfa 100644
--- a/ntools/one-m/ansible/one-m-node.yml
+++ b/ntools/one-m/ansible/one-m-node.yml
@@ -1,9 +1,11 @@
 ---
 # This playbook deploys a BigchainDB node in one machine (one-m).
 
-- name: install + configure + start all software
+- name: Ensure a one-machine BigchainDB node is configured properly
   hosts: all
   remote_user: ubuntu
 
   roles:
-    - common
\ No newline at end of file
+    - bcdb_base
+    - ntp
+    # TODO: upgrade pip and setuptools, see https://github.com/bobbyrenwick/ansible-pip 
diff --git a/ntools/one-m/ansible/roles/bcdb_base/tasks/main.yml b/ntools/one-m/ansible/roles/bcdb_base/tasks/main.yml
new file mode 100644
index 00000000..d281c7d8
--- /dev/null
+++ b/ntools/one-m/ansible/roles/bcdb_base/tasks/main.yml
@@ -0,0 +1,25 @@
+---
+# ansible/roles/bcdb_base/tasks/main.yml
+
+# Note: "become: true" basically means "become root user for this task" i.e. sudo <cmd>
+# See https://docs.ansible.com/ansible/become.html
+
+- name: Do the equivalent of "sudo apt-get update"
+  apt: update_cache=yes
+  become: true
+
+- name: Configure all unpacked but unconfigured packages
+  shell: /usr/bin/dpkg --configure -a
+  become: true
+
+- name: Attempt to correct a system with broken dependencies in place
+  shell: /usr/bin/apt-get -y -f install
+  become: true
+
+- name: Ensure the LATEST git g++ python3-dev are installed
+  apt: name={{item}} state=latest
+  become: true
+  with_items:
+    - git
+    - g++
+    - python3-dev
diff --git a/ntools/one-m/ansible/roles/common/handlers/main.yml b/ntools/one-m/ansible/roles/common/handlers/main.yml
deleted file mode 100644
index a7ccf7ff..00000000
--- a/ntools/one-m/ansible/roles/common/handlers/main.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-# ansible/roles/common/handlers/main.yml
-# See http://docs.ansible.com/playbooks_intro.html for more information about handlers.
-
-- name: restart ntp
-  service: name=ntpd state=restarted
-
-#- name: restart iptables
-#  service: name=iptables state=restarted
\ No newline at end of file
diff --git a/ntools/one-m/ansible/roles/common/tasks/main.yml b/ntools/one-m/ansible/roles/common/tasks/main.yml
deleted file mode 100644
index 1b543e75..00000000
--- a/ntools/one-m/ansible/roles/common/tasks/main.yml
+++ /dev/null
@@ -1,38 +0,0 @@
----
-# ansible/roles/common/tasks/main.yml
-# Note: "become: true" basically means "become root user for this task" i.e. sudo <cmd>
-# See https://docs.ansible.com/ansible/become.html
-
-- name: Do the equivalent of "sudo apt-get update"
-  apt: update_cache=yes
-  become: true
-
-- name: Uninstall ntpdate (deprecated)
-  apt: name=ntpdate state=absent
-  become: true
-  tags: ntp
-
-- name: Update all installed packages to their latest versions
-  apt: upgrade=dist
-  become: true
-
-- name: Install ntp
-  apt: name=ntp state=latest update_cache=yes
-  become: true
-  tags: ntp
-
-#- name: Configure ntp file
-#  template: src=ntp.conf.j2 dest=/etc/ntp.conf
-#  tags: ntp
-  # "restart ntp" is the name of a handler (in common/handlers/main.yml)
-#  notify: restart ntp
-
-- name: Start the ntp service
-  service: name=ntp state=started enabled=yes
-  become: true
-  tags: ntp
-
-#- name: test to see if selinux is running
-#  command: getenforce
-#  register: sestatus
-#  changed_when: false
diff --git a/ntools/one-m/ansible/roles/ntp/handlers/main.yml b/ntools/one-m/ansible/roles/ntp/handlers/main.yml
new file mode 100644
index 00000000..503a25c3
--- /dev/null
+++ b/ntools/one-m/ansible/roles/ntp/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+# ansible/roles/common/handlers/main.yml
+
+- name: restart ntp
+  service: name=ntpd state=restarted
diff --git a/ntools/one-m/ansible/roles/ntp/tasks/main.yml b/ntools/one-m/ansible/roles/ntp/tasks/main.yml
new file mode 100644
index 00000000..001681ce
--- /dev/null
+++ b/ntools/one-m/ansible/roles/ntp/tasks/main.yml
@@ -0,0 +1,24 @@
+---
+# ansible/roles/ntp/tasks/main.yml
+
+- name: Ensure ntpdate is not installed (and uninstall it if necessary)
+  apt: name=ntpdate state=absent
+  become: true
+
+- name: Ensure the LATEST ntp is installed and do "sudo apt-get update" 
+  apt: name=ntp state=latest update_cache=yes
+  become: true
+
+- name: Retrieve facts about the file /etc/ntp.conf
+  stat: path=/etc/ntp.conf
+  register: ntp_conf_file
+
+- name: Fail when /etc/ntp.conf doesn't exist
+  fail: msg="The NTP config file /etc/ntp.conf doesn't exist'"
+  when: ntp_conf_file.stat.exists == False
+
+# For now, we assume the default /etc/ntp.conf file is okay
+
+- name: Ensure the ntp service is now started and should start on boot (enabled=yes)
+  service: name=ntp state=started enabled=yes
+  become: true

From 922f541c81930157eacdbb5fc323df1d5adc8a11 Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Tue, 23 Aug 2016 17:38:35 +0200
Subject: [PATCH 19/22] docs: changed title to 'Production Node Deployment
 Template'

---
 docs/source/prod-node-setup-mgmt/index.rst | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/source/prod-node-setup-mgmt/index.rst b/docs/source/prod-node-setup-mgmt/index.rst
index 069164f4..abfeca24 100644
--- a/docs/source/prod-node-setup-mgmt/index.rst
+++ b/docs/source/prod-node-setup-mgmt/index.rst
@@ -1,5 +1,5 @@
-Production Node Setup & Management
-==================================
+Production Node Deployment Template
+===================================
 
 .. toctree::
    :maxdepth: 1

From 028dcb310e3b0807ff2fbb92f5ca3afdfb24bf0d Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Tue, 23 Aug 2016 17:46:27 +0200
Subject: [PATCH 20/22] docs: fixed broken links to prod-node-depl-tplt section

---
 docs/source/clusters-feds/set-up-a-federation.md                | 2 +-
 docs/source/index.rst                                           | 2 +-
 docs/source/nodes/setup-run-node.md                             | 2 +-
 .../{prod-node-setup-mgmt => prod-node-depl-tplt}/index.rst     | 0
 .../install-ansible.md                                          | 0
 .../install-terraform.md                                        | 0
 .../{prod-node-setup-mgmt => prod-node-depl-tplt}/overview.md   | 0
 .../prov-one-m-aws.md                                           | 0
 .../prov-one-m-azure.md                                         | 0
 .../start-one-m-node.md                                         | 0
 10 files changed, 3 insertions(+), 3 deletions(-)
 rename docs/source/{prod-node-setup-mgmt => prod-node-depl-tplt}/index.rst (100%)
 rename docs/source/{prod-node-setup-mgmt => prod-node-depl-tplt}/install-ansible.md (100%)
 rename docs/source/{prod-node-setup-mgmt => prod-node-depl-tplt}/install-terraform.md (100%)
 rename docs/source/{prod-node-setup-mgmt => prod-node-depl-tplt}/overview.md (100%)
 rename docs/source/{prod-node-setup-mgmt => prod-node-depl-tplt}/prov-one-m-aws.md (100%)
 rename docs/source/{prod-node-setup-mgmt => prod-node-depl-tplt}/prov-one-m-azure.md (100%)
 rename docs/source/{prod-node-setup-mgmt => prod-node-depl-tplt}/start-one-m-node.md (100%)

diff --git a/docs/source/clusters-feds/set-up-a-federation.md b/docs/source/clusters-feds/set-up-a-federation.md
index 401fae43..ed1ddd1a 100644
--- a/docs/source/clusters-feds/set-up-a-federation.md
+++ b/docs/source/clusters-feds/set-up-a-federation.md
@@ -19,7 +19,7 @@ The federation must decide some things before setting up the initial cluster (in
 2. What will the replication factor be? (It must be 3 or more for [RethinkDB failover](https://rethinkdb.com/docs/failover/) to work.)
 3. Which node will be responsible for sending the commands to configure the RethinkDB database?
 
-Once those things have been decided, each node operator can begin [setting up their BigchainDB (production) node](../prod-node-setup-mgmt/index.html).
+Once those things have been decided, each node operator can begin setting up their BigchainDB (production) node.
 
 Each node operator will eventually need two pieces of information from all other nodes in the federation:
 
diff --git a/docs/source/index.rst b/docs/source/index.rst
index df70a80b..5e8d5e0c 100644
--- a/docs/source/index.rst
+++ b/docs/source/index.rst
@@ -12,7 +12,7 @@ Table of Contents
    node-cluster-fed
    nodes/index
    dev-and-test/index
-   prod-node-setup-mgmt/index
+   prod-node-depl-tplt/index
    server-reference/index
    drivers-clients/index
    clusters-feds/index
diff --git a/docs/source/nodes/setup-run-node.md b/docs/source/nodes/setup-run-node.md
index 962adfba..e0fb2394 100644
--- a/docs/source/nodes/setup-run-node.md
+++ b/docs/source/nodes/setup-run-node.md
@@ -2,7 +2,7 @@
 
 If you want to set up a BigchainDB node that's intended to be one of the nodes in a BigchainDB cluster (i.e. where each node is operated by a different member of a federation), then this page is for you, otherwise see [elsewhere](../introduction.html).
 
-This is a page of general guidelines for setting up a node. It says nothing about how to upgrade software, storage, processing, etc. or other details of node management. That will be added in the future, in [the section on production node setup & management](../prod-node-setup-mgmt/index.html). Once that section is more complete, this page will probably be deleted.
+This is a page of general guidelines for setting up a node. It says nothing about how to upgrade software, storage, processing, etc. or other details of node management. That will be added in the future, in [the section on production node setup & management](../prod-node-depl-tplt/index.html). Once that section is more complete, this page will probably be deleted.
 
 
 ## Get a Server
diff --git a/docs/source/prod-node-setup-mgmt/index.rst b/docs/source/prod-node-depl-tplt/index.rst
similarity index 100%
rename from docs/source/prod-node-setup-mgmt/index.rst
rename to docs/source/prod-node-depl-tplt/index.rst
diff --git a/docs/source/prod-node-setup-mgmt/install-ansible.md b/docs/source/prod-node-depl-tplt/install-ansible.md
similarity index 100%
rename from docs/source/prod-node-setup-mgmt/install-ansible.md
rename to docs/source/prod-node-depl-tplt/install-ansible.md
diff --git a/docs/source/prod-node-setup-mgmt/install-terraform.md b/docs/source/prod-node-depl-tplt/install-terraform.md
similarity index 100%
rename from docs/source/prod-node-setup-mgmt/install-terraform.md
rename to docs/source/prod-node-depl-tplt/install-terraform.md
diff --git a/docs/source/prod-node-setup-mgmt/overview.md b/docs/source/prod-node-depl-tplt/overview.md
similarity index 100%
rename from docs/source/prod-node-setup-mgmt/overview.md
rename to docs/source/prod-node-depl-tplt/overview.md
diff --git a/docs/source/prod-node-setup-mgmt/prov-one-m-aws.md b/docs/source/prod-node-depl-tplt/prov-one-m-aws.md
similarity index 100%
rename from docs/source/prod-node-setup-mgmt/prov-one-m-aws.md
rename to docs/source/prod-node-depl-tplt/prov-one-m-aws.md
diff --git a/docs/source/prod-node-setup-mgmt/prov-one-m-azure.md b/docs/source/prod-node-depl-tplt/prov-one-m-azure.md
similarity index 100%
rename from docs/source/prod-node-setup-mgmt/prov-one-m-azure.md
rename to docs/source/prod-node-depl-tplt/prov-one-m-azure.md
diff --git a/docs/source/prod-node-setup-mgmt/start-one-m-node.md b/docs/source/prod-node-depl-tplt/start-one-m-node.md
similarity index 100%
rename from docs/source/prod-node-setup-mgmt/start-one-m-node.md
rename to docs/source/prod-node-depl-tplt/start-one-m-node.md

From 28a6fdd3d327453e515c23439057837288d2b84d Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Tue, 23 Aug 2016 18:09:56 +0200
Subject: [PATCH 21/22] docs: emphasize that the terraform/ansible stuff is
 just an example

---
 docs/source/prod-node-depl-tplt/overview.md | 17 +++++++----------
 1 file changed, 7 insertions(+), 10 deletions(-)

diff --git a/docs/source/prod-node-depl-tplt/overview.md b/docs/source/prod-node-depl-tplt/overview.md
index b592dd6e..a2062bc4 100644
--- a/docs/source/prod-node-depl-tplt/overview.md
+++ b/docs/source/prod-node-depl-tplt/overview.md
@@ -1,17 +1,14 @@
 # Overview
 
-Deploying and managing a production BigchainDB node is much more involved than working with a dev/test node:
+A BigchainDB production node has more components and requirements than a dev/test node. Those are outlined in the [BigchainDB Nodes](../nodes/index.html) section.
 
-* There are more components in a production node; see [the page about node components](../nodes/node-components.html)
-* Production nodes need more security
-* Production nodes need monitoring
-* Production nodes need maintenance, e.g. software upgrades, scaling
+You can provision and deploy a production node (to meet the requirments) using whatever tools you prefer.
 
-Thankfully, there are tools that can help (e.g. provisioning tools and configuration management tools). You can use whatever tools you prefer.
+This section documents a template (example), showing how one could use certain tools to provision and deploy a prodution node. Feel free to ignore this section or use it to help you with your preferred tools.
 
-As an example, we provide documentation and code showing how to use Terraform and Ansible (together). We use:
+In this section, we use:
 
-* [Terraform](https://www.terraform.io/) to provision infrastructure such as AWS instances, storage and security groups
-* [Ansible](https://www.ansible.com/) to manage the software installed on that infrastructure (configuration management)
+* [Terraform](https://www.terraform.io/) to provision infrastructure such as AWS instances, storage and security groups, and
+* [Ansible](https://www.ansible.com/) to manage the software and files on that infrastructure (configuration management).
 
-You can use those as-described or as a reference for setting up your preferred tools. If you notice something that could be done better, let us know (e.g. by creating an issue on GitHub).
+If you notice something that could be done better, let us know (e.g. by creating an issue on GitHub).

From 4ca14391be7f9ed2aeed08d405cc1c840ccfcc11 Mon Sep 17 00:00:00 2001
From: troymc <troy@ascribe.io>
Date: Tue, 23 Aug 2016 18:10:56 +0200
Subject: [PATCH 22/22] docs: minor edit: (Optional) --> Optional:

---
 docs/source/prod-node-depl-tplt/prov-one-m-aws.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/source/prod-node-depl-tplt/prov-one-m-aws.md b/docs/source/prod-node-depl-tplt/prov-one-m-aws.md
index 3884fa4f..15d4b502 100644
--- a/docs/source/prod-node-depl-tplt/prov-one-m-aws.md
+++ b/docs/source/prod-node-depl-tplt/prov-one-m-aws.md
@@ -34,7 +34,7 @@ Terraform will report its progress as it provisions all the resources. Once it's
 At this point, there is no software installed on the instance except for Ubuntu 14.04 and whatever else came with the Amazon Machine Image (AMI) specified in the configuration. The next step is to use Ansible to install and configure all the necessary software.
 
 
-## (Optional) "Destroy"
+## Optional: "Destroy"
 
 If you want to shut down all the resources just provisioned, you must first disable termination protection on the instance: