Commit 5c03ce9

committed

DLE AMI (packer) for TF deployment

1 parent c8d6072 commit 5c03ce9Copy full SHA for 5c03ce9

File tree

7 files changed

+214

-0

lines changed

.gitignore
packer

7 files changed

+214

-0

lines changed

`‎.gitignore‎`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -9,3 +9,4 @@`
`9`	`9`
`10`	`10`	`/configs/config.yml`
`11`	`11`	`/configs/run_ci.yaml`
	`12`	`+/packer/example.com.key`

`‎packer/envoy.service‎`

Lines changed: 11 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,11 @@`
	`1`	`+[Unit]`
	`2`	`+Description=Envoy`
	`3`	`+[Service]`
	`4`	`+ExecStart=/usr/bin/envoy -c /etc/envoy/envoy.yaml`
	`5`	`+Restart=always`
	`6`	`+RestartSec=5`
	`7`	`+KillMode=mixed`
	`8`	`+SyslogIdentifier=envoy`
	`9`	`+LimitNOFILE=640000`
	`10`	`+[Install]`
	`11`	`+WantedBy=multi-user.target`

`‎packer/envoy.yaml‎`

Lines changed: 95 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,95 @@`
	`1`	`+admin:`
	`2`	`+ access_log_path: /dev/null`
	`3`	`+ address:`
	`4`	`+ socket_address:`
	`5`	`+ address: 0.0.0.0`
	`6`	`+ port_value: 8000`
	`7`	`+`
	`8`	`+static_resources:`
	`9`	`+ clusters:`
	`10`	`+ - name: dle_clone_6000`
	`11`	`+ connect_timeout: 1s`
	`12`	`+ type: STRICT_DNS`
	`13`	`+ load_assignment:`
	`14`	`+ cluster_name: dle_clone_6000`
	`15`	`+ endpoints:`
	`16`	`+ - lb_endpoints:`
	`17`	`+ - endpoint:`
	`18`	`+ address:`
	`19`	`+ socket_address:`
	`20`	`+ address: 0.0.0.0`
	`21`	`+ port_value: 6000`
	`22`	`+ - name: dle_clone_6001`
	`23`	`+ connect_timeout: 1s`
	`24`	`+ type: STRICT_DNS`
	`25`	`+ load_assignment:`
	`26`	`+ cluster_name: dle_clone_6001`
	`27`	`+ endpoints:`
	`28`	`+ - lb_endpoints:`
	`29`	`+ - endpoint:`
	`30`	`+ address:`
	`31`	`+ socket_address:`
	`32`	`+ address: 0.0.0.0`
	`33`	`+ port_value: 6001`
	`34`	`+`
	`35`	`+ listeners:`
	`36`	`+ - name: dle_clone_9000_listener`
	`37`	`+ address:`
	`38`	`+ socket_address:`
	`39`	`+ address: 0.0.0.0`
	`40`	`+ port_value: 9000`
	`41`	`+ filter_chains:`
	`42`	`+ - filters:`
	`43`	`+ - name: envoy.filters.network.postgres_proxy`
	`44`	`+ typed_config:`
	`45`	`+ "@type": type.googleapis.com/envoy.extensions.filters.network.postgres_proxy.v3alpha.PostgresProxy`
	`46`	`+ stat_prefix: egress_postgres`
	`47`	`+ enable_sql_parsing: false`
	`48`	`+ terminate_ssl: true`
	`49`	`+ - name: envoy.tcp_proxy`
	`50`	`+ typed_config:`
	`51`	`+ "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy`
	`52`	`+ stat_prefix: tcp_postgres`
	`53`	`+ cluster: dle_clone_6000`
	`54`	`+ idle_timeout: 1000s`
	`55`	`+ transport_socket:`
	`56`	`+ name: "starttls"`
	`57`	`+ typed_config:`
	`58`	`+ "@type": type.googleapis.com/envoy.extensions.transport_sockets.starttls.v3.StartTlsConfig`
	`59`	`+ tls_socket_config:`
	`60`	`+ common_tls_context:`
	`61`	`+ tls_certificates:`
	`62`	`+ certificate_chain:`
	`63`	`+ filename: "/etc/envoy/certs/fullchain1.pem"`
	`64`	`+ private_key:`
	`65`	`+ filename: "/etc/envoy/certs/privkey1.pem"`
	`66`	`+ - name: dle_clone_9001_listener`
	`67`	`+ address:`
	`68`	`+ socket_address:`
	`69`	`+ address: 0.0.0.0`
	`70`	`+ port_value: 9001`
	`71`	`+ filter_chains:`
	`72`	`+ - filters:`
	`73`	`+ - name: envoy.filters.network.postgres_proxy`
	`74`	`+ typed_config:`
	`75`	`+ "@type": type.googleapis.com/envoy.extensions.filters.network.postgres_proxy.v3alpha.PostgresProxy`
	`76`	`+ stat_prefix: egress_postgres`
	`77`	`+ enable_sql_parsing: false`
	`78`	`+ terminate_ssl: true`
	`79`	`+ - name: envoy.tcp_proxy`
	`80`	`+ typed_config:`
	`81`	`+ "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy`
	`82`	`+ stat_prefix: tcp_postgres`
	`83`	`+ cluster: dle_clone_6001`
	`84`	`+ idle_timeout: 1000s`
	`85`	`+ transport_socket:`
	`86`	`+ name: "starttls"`
	`87`	`+ typed_config:`
	`88`	`+ "@type": type.googleapis.com/envoy.extensions.transport_sockets.starttls.v3.StartTlsConfig`
	`89`	`+ tls_socket_config:`
	`90`	`+ common_tls_context:`
	`91`	`+ tls_certificates:`
	`92`	`+ certificate_chain:`
	`93`	`+ filename: "/etc/envoy/certs/fullchain1.pem"`
	`94`	`+ private_key:`
	`95`	`+ filename: "/etc/envoy/certs/privkey1.pem"`

`‎packer/install-dblabcli.sh‎`

Lines changed: 12 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,12 @@`
	`1`	`+#/!bin/bash`
	`2`	`+`
	`3`	`+set -x`
	`4`	`+mkdir ~/.dblab`
	`5`	`+curl https://gitlab.com/postgres-ai/database-lab/-/raw/$dle_version/scripts/cli_install.sh \| bash`
	`6`	`+sudo mv ~/.dblab/dblab /usr/local/bin/dblab`
	`7`	`+echo $dle_version > ~/.dblab/dle_version`
	`8`	`+sudo curl https://gitlab.com/postgres-ai/database-lab/-/raw/$dle_version/configs/config.example.logical_generic.yml --output ~/.dblab/config.example.logical_generic.yml`
	`9`	`+sudo curl https://gitlab.com/postgres-ai/database-lab/-/raw/$dle_version/configs/config.example.logical_rds_iam.yml --output ~/.dblab/config.example.logical_rds_iam.yml`
	`10`	`+sudo curl https://gitlab.com/postgres-ai/database-lab/-/raw/$dle_version/configs/config.example.physical_generic.yml --output ~/.dblab/config.example.physical_generic.yml`
	`11`	`+sudo curl https://gitlab.com/postgres-ai/database-lab/-/raw/$dle_version/configs/config.example.physical_walg.yml --output ~/.dblab/config.example.physical_walg.yml`
	`12`	`+`

`‎packer/install-envoy.sh‎`

Lines changed: 9 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,9 @@`
	`1`	`+#/!bin/bash`
	`2`	`+`
	`3`	`+sudo mkdir -p /etc/envoy/certs`
	`4`	`+`
	`5`	`+sudo chown root.root /home/ubuntu/envoy.service`
	`6`	`+sudo mv /home/ubuntu/envoy.service /etc/systemd/system/envoy.service`
	`7`	`+sudo chown root.root /home/ubuntu/envoy.yaml`
	`8`	`+sudo mv /home/ubuntu/envoy.yaml /etc/envoy/envoy.yaml`
	`9`	`+`

`‎packer/install-prereqs.sh‎`

Lines changed: 34 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,34 @@`
	`1`	`+#/!bin/bash`
	`2`	`+`
	`3`	`+set -euxo pipefail`
	`4`	`+`
	`5`	`+sudo apt update -y`
	`6`	`+sudo apt upgrade -y`
	`7`	`+sudo apt full-upgrade`
	`8`	`+`
	`9`	`+sudo apt-get update && sudo apt-get install -y \`
	`10`	`+ apt-transport-https \`
	`11`	`+ ca-certificates \`
	`12`	`+ gnupg-agent \`
	`13`	`+ python3-software-properties \`
	`14`	`+ software-properties-common \`
	`15`	`+ curl \`
	`16`	`+ gnupg2 \`
	`17`	`+ zfsutils-linux`
	`18`	`+`
	`19`	`+sudo docker pull postgresai/dblab-server:$dle_version`
	`20`	`+`
	`21`	`+#install postgres client`
	`22`	`+wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc \| sudo apt-key add -`
	`23`	+echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" \|sudo tee /etc/apt/sources.list.d/pgdg.list
	`24`	`+sudo apt-get update && sudo apt-get install -y postgresql-client-13`
	`25`	`+`
	`26`	`+#install certbot`
	`27`	`+sudo snap install certbot --classic`
	`28`	`+sudo ln -s /snap/bin/certbot /usr/bin/certbot`
	`29`	`+`
	`30`	`+#install envoy`
	`31`	`+curl -sL 'https://getenvoy.io/gpg' \| sudo apt-key add -`
	`32`	`+sudo add-apt-repository "deb [arch=amd64] https://dl.bintray.com/tetrate/getenvoy-deb $(lsb_release -cs) stable"`
	`33`	`+sudo apt update && sudo apt-get install -y getenvoy-envoy`
	`34`	`+`

`‎packer/template.json.pkr.hcl‎`

Lines changed: 52 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,52 @@`
	`1`	`+variable "ami_name_prefix" {`
	`2`	`+ type = string`
	`3`	`+ default = "${env("AMI_NAME_PREFIX")}"`
	`4`	`+}`
	`5`	`+`
	`6`	`+variable "dle_version" {`
	`7`	`+ type = string`
	`8`	`+ default = "${env("DLE_VERSION")}"`
	`9`	`+}`
	`10`	`+`
	`11`	`+data "amazon-ami" "base" {`
	`12`	`+ filters = {`
	`13`	`+ architecture = "x86_64"`
	`14`	`+ "block-device-mapping.volume-type" = "gp2"`
	`15`	`+ name = "ubuntu-focal-20.04-amd64-server-"`
	`16`	`+ root-device-type = "ebs"`
	`17`	`+ virtualization-type = "hvm"`
	`18`	`+ }`
	`19`	`+ most_recent = true`
	`20`	`+ owners = ["099720109477"]`
	`21`	`+}`
	`22`	`+`
	`23`	`+source "amazon-ebs" "base" {`
	`24`	`+ ami_description = "Installed AMI with Ubuntu 20.04, ZFS, Docker, Envoy proxy and Database Lab Engine 2.0 with client CLI."`
	`25`	`+ ami_name = "${var.ami_name_prefix}-${var.dle_version}-${formatdate("YYYY-MM-DD", timestamp())}-${uuidv4()}"`
	`26`	`+ instance_type = "t2.large"`
	`27`	`+ source_ami = "${data.amazon-ami.base.id}"`
	`28`	`+ ssh_username = "ubuntu"`
	`29`	`+}`
	`30`	`+`
	`31`	`+build {`
	`32`	`+ sources = ["source.amazon-ebs.base"]`
	`33`	`+`
	`34`	`+ provisioner "shell" {`
	`35`	`+ inline = ["echo 'Sleeping for 45 seconds to give Ubuntu enough time to initialize (otherwise, packages might fail to install).'", "sleep 45", "sudo apt-get update"]`
	`36`	`+ }`
	`37`	`+`
	`38`	`+ provisioner "file"{`
	`39`	`+ source = "envoy.service"`
	`40`	`+ destination = "/home/ubuntu/envoy.service"`
	`41`	`+ }`
	`42`	`+ provisioner "file"{`
	`43`	`+ source = "envoy.yaml"`
	`44`	`+ destination = "/home/ubuntu/envoy.yaml"`
	`45`	`+ }`
	`46`	`+`
	`47`	`+ provisioner "shell" {`
	`48`	`+ environment_vars = ["dle_version=${var.dle_version}"]`
	`49`	`+ scripts = ["${path.root}/install-prereqs.sh", "${path.root}/install-dblabcli.sh","${path.root}/install-envoy.sh"]`
	`50`	`+ }`
	`51`	`+`
	`52`	`+}`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit 5c03ce9

File tree

7 files changed

7 files changed

`‎.gitignore‎`

`‎packer/envoy.service‎`

`‎packer/envoy.yaml‎`

`‎packer/install-dblabcli.sh‎`

`‎packer/install-envoy.sh‎`

`‎packer/install-prereqs.sh‎`

`‎packer/template.json.pkr.hcl‎`

0 commit comments