Install aws cli and ansible modules on control machine
- check if you have aws cli installed
aws --version
If not, install it following these instructions. The simplest way is to use pip:
pip install awscli --upgrade --user
Mac systems with homebrew installed:
brew install awscli
- Also, use pip to install the following python packages required by ansible:
sudo pip install boto
sudo pip install boto3
Configuring AWS account
Minimum node recommendations:
* Size: t3.medium, a larger instance is preferable.
* Storage: SSD rather than HDD (see here for more information).
- Register (if you haven't already) and log in to the AWS management console: https://aws.amazon.com/console/
- To create credentials for the CLI, open IAM home https://console.aws.amazon.com/iam/home, select "Users" on the left-hand navigation bar and then click "Add user". Pick a username, and check "Programmatic access" for "Access type". NOTE: For clarity we recommend using identical usernames on your Ansible Control Station and your remote node. For example, one can create a user named "ubuntu" on both your Ansible Control Station and your remote node.
- Click "Next: Permissions" - you can choose any of the available options, and "Attach existing policies directly" is the simplest one. In the list of policy types, search for and then check "AmazonEC2FullAccess". Click "Next:Review". Review your account and click "Create user" to proceed.
- It is very important that you copy "Access Key ID" and "Secret Access Key" without leaving this page, because there is no other way to retrieve "Secret Access Key" later and you will have to start again and create another user. After copying this important information, select "Close".
- After you've copied and saved your AWS secret keys, the next step is to upload your SSH public key. In the top left corner of the page select "Services -> EC2". On the left sidebar select "Network & Security" -> "Key Pairs". Click "Import Key Pair". Give a name to this keypair, otherwise the base name of the file will be used (by default id_rsa). Browse your Ansible Control Station file system for the public key.
- configure aws cli:
aws configure
provide your credentials (Access Key ID and Secret Access Key) from earlier. Choose a region for your account (e.g. us-east-2) and output format (json is recommended).
- check that keypair was correctly imported:
aws ec2 describe-key-pairs
you should see your keypair name in the list.
- choose available aws VPC and Subnet. Run this command to list subnets
aws ec2 describe-subnets
select any subnet with "State": "available" and non-zero AvailableIpAddressCount. You need to note SubnetId and VpcId of this subnet for later use.
- clone repository with ansible playbooks and checkout branch corresponding to Kovan:
git clone https://github.com/poanetwork/deployment-playbooks.git
cd deployment-playbooks
git checkout kovan
- go to aws folder
cd aws
- create configuration file
cp group_vars/all.yml.example group_vars/all.yml
- edit this file in your favorite text editor (e.g. nano)
nano group_vars/all.yml
and provide the following configuration parameters
access_key: "your aws access key"
secret_key: "your aws secret key"
awskeypair_name: "aws keypair name"
region: "us-east-1" # you can choose a different region
vpc_id: "your VpcId"
vpc_subnet_id: "your SubnetId"
leave other parameters unchanged
- run the playbook (run from the aws folder)
ansible-playbook validator.yml --private-key ~/.ssh/id_rsa
If the path to your private key is different, use that instead of ~/.ssh/id_rsa. If successful, you should see a successful play recap.
- Open the AWS console, go to EC2 instances and check that the new instance is created. Note its IP address for later use.
- Next you must run a second Ansible playbook from the root directory to complete the setup - Return to step III. Ansible Playbook Configuration in Kovan Node setup instructions
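The subnet-selection step and the vpc_id / vpc_subnet_id settings above, as an added example that is not part of the original instructions or the deployment-playbooks repository: it filters `aws ec2 describe-subnets` output by the stated criteria and checks that a chosen subnet really belongs to the chosen VPC before the values go into group_vars/all.yml. The IDs in SAMPLE are constructed and the script name pick_subnet.py is hypothetical.

```python
import json
import sys

# Constructed sample of `aws ec2 describe-subnets` output, trimmed to the
# fields used below. All IDs are made up.
SAMPLE = """
{"Subnets": [
  {"SubnetId": "subnet-0aaa", "VpcId": "vpc-0111", "State": "available", "AvailableIpAddressCount": 0},
  {"SubnetId": "subnet-0bbb", "VpcId": "vpc-0111", "State": "pending", "AvailableIpAddressCount": 250},
  {"SubnetId": "subnet-0ccc", "VpcId": "vpc-0111", "State": "available", "AvailableIpAddressCount": 4091},
  {"SubnetId": "subnet-0ddd", "VpcId": "vpc-0222", "State": "available", "AvailableIpAddressCount": 251}
]}
"""


def usable_subnets(describe_json):
    """Subnets that are "available" with free addresses, most free first."""
    subnets = json.loads(describe_json).get("Subnets", [])
    ok = [s for s in subnets
          if s.get("State") == "available" and s.get("AvailableIpAddressCount", 0) > 0]
    return sorted(ok, key=lambda s: s["AvailableIpAddressCount"], reverse=True)


def check_pair(describe_json, vpc_id, vpc_subnet_id):
    """Problems with a vpc_id / vpc_subnet_id pair meant for group_vars/all.yml."""
    by_id = {s["SubnetId"]: s for s in json.loads(describe_json).get("Subnets", [])}
    subnet = by_id.get(vpc_subnet_id)
    if subnet is None:
        return ["%s is not in this describe-subnets output" % vpc_subnet_id]
    problems = []
    if subnet["VpcId"] != vpc_id:
        problems.append("%s belongs to %s, not %s" % (vpc_subnet_id, subnet["VpcId"], vpc_id))
    if subnet.get("State") != "available":
        problems.append("%s is in state %s" % (vpc_subnet_id, subnet.get("State")))
    if subnet.get("AvailableIpAddressCount", 0) <= 0:
        problems.append("%s has no free IP addresses" % vpc_subnet_id)
    return problems


if __name__ == "__main__":
    # Usage: aws ec2 describe-subnets | python3 pick_subnet.py
    # (hypothetical file name; falls back to SAMPLE when nothing is piped in)
    data = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for s in usable_subnets(data):
        print('vpc_id: "%s"\nvpc_subnet_id: "%s"\n' % (s["VpcId"], s["SubnetId"]))
```

The printed pairs can be pasted into group_vars/all.yml as they are. A subnet from a region other than the one set in `region` will not appear in the output at all.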
Troubleshooting:
[WARNING] provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'.
Make sure you are in the aws subdirectory when running the playbook (step 13).
Syntax error while loading YAML
Check that the variables are indented properly.
[ami-XXX] does not exist.
The AMI is tied to the AWS region you chose, i.e. east-region-2. To find the AMI, go to the EC2 console in the us-east-1 region, find the AMI tab and enter the current AMI. It will show you something similar to ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-20180205, which is the AMI name. Go to your region and enter the name in the same search field. Copy the AMI id from the output.