Getting started on AWS

Prerequisites

Clone repos

mkdir ~/caravan
cd ~/caravan
git clone git@github.com:bitrockteam/caravan-baking.git
git clone git@github.com:bitrockteam/caravan-infra-aws.git
git clone git@github.com:bitrockteam/caravan-platform.git
git clone git@github.com:bitrockteam/caravan-application-support.git

Install and configure AWS CLI

Please refer to AWS User Guide for installing and configuring AWS CLI.

Build VM images

cd ~/caravan/caravan-baking/terraform

cat <<EOF > aws.tfvars
build_on_aws      = true
build_image_name  = "caravan-centos-image"
aws_access_key    = "YOUR-ACCESS-KEY"
aws_secret_key    = "YOUR-SECRET-KEY"
aws_region        = "eu-central-1"
aws_instance_type = "t3.small"
EOF

terraform init
terraform apply -var-file aws.tfvars

Build infrastructure

# NAME the prefix to be used for resources
# REGION where to create resources
# PROFILE the profile name in ~/.aws/credentials to use

cd ~/caravan/caravan-infra-aws
./project-setup.sh NAME REGION PROFILE

The script will provision resources needed for Terraform run: - S3 Bucket for state store - DynamoDB Table for state locking

This will also create aws.tfvars and backend.tf in the current directory. You can further edit aws.tvars to modify the variables if needed. For example, you might be interested in setting use_le_staging=true to use Let’s Encrypt staging endpoint and avoid being rate limited if you are going to run certificate requests too often initially.

You need to have an already existing route53 zone to use and configure it with external_domain var in aws.tvars.

The two helper scripts run.sh and destroy.sh can be used to fully automate the provisioning and destroy of the entire stack, providing a one-click experience.

To start the provisioning run:

./run.sh

or

terraform init -reconfigure -upgrade
terraform apply -var-file aws.tfvars

Configure the platform

cd ~/caravan/caravan-platform
export PREFIX=your-prefix # replace with your prefix
export EXTERNAL_DOMAIN=my-real-domain.io # replace with your external_domain
mv $PREFIX-aws-backend.tf.bak backend.tf
terraform init -upgrade -reconfigure
export VAULT_ADDR=https://vault.$PREFIX.$EXTERNAL_DOMAIN
export VAULT_TOKEN="$(cat "../caravan-infra-aws/.$PREFIX-root_token")"
export NOMAD_TOKEN=$(vault read -tls-skip-verify -format=json nomad/creds/token-manager | jq -r .data.secret_id)
terraform apply -var-file $PREFIX-aws.tfvars

Deploy platform applications

cd ~/caravan/caravan-application-support
# repeat as per caravan-platform

Teardown

Destroy resources in all projects via terraform destroy -var-file aws.tfvars.

Alternatively you can use destroy.sh to automate the entire process.

Delete the resources created via project-setup.sh script

# NAME the prefix to be used for resources
# REGION where to create resources
# PROFILE the profile name in ~/.aws/credentials to use

cd ~/caravan/caravan-infra-aws
./project-cleanup.sh NAME REGION PROFILE