1. Set the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables.
2. Create an environments/foo.yml file (‘foo’ can be anything):
   a) see environments/EXAMPLE.yml for a base reference
   b) it is recommended that you set values for owner and reaper_spare_me
3. Run make foo.
After the CloudFormation stacks have been created, cloud-init will run an
initial ansible playbook to set up the box. A cron job that runs every 10 minutes
will pick up changes as needed. The logs for the initial playbook run are in
/var/log/cloud-init-output.log. If the CloudFormation stack was created OK, but
the services do not come up, check that log output for why.
SSH
You can ssh into the EC2 instance with ssh ec2-user@meta-{{ whatever you configured in foo.yml }}.
Custom Docker tags
By default, the latest tag will be used. This can be adjusted
to use other image tags by setting any of {auth_docker_tag, authdb_docker_tag, content_docker_tag, customs_docker_tag, oauth_docker_tag, profile_docker_tag, rp_docker_tag} in
your environments/foo.yml configuration file.
NOTE: you must commit and push changes to that file to affect an existing EC2 instance.
Docker stopped|started:
By default, all docker containers are ‘started’. If
you want to selectively keep a service ‘stopped’, you can set any of
{auth_docker_state, authdb_docker_state, basket_docker_state, content_docker_state, customs_docker_state, oauth_docker_state, profile_docker_state, rp_docker_state} in
your environments/foo.yml configuration file.
NOTE: you must commit and push changes to that file to affect an existing EC2 instance.
Custom fxa-dev branch
You can control the branch of fxa-dev for each environment by changing the {fxadev_git_version} value in the environment configuration file.
Layout Notes
- fxa sources are in /data/fxa-dev.
- node processes are run by docker
  - config is set up by the ansible docker_container module (e.g., roles/auth/tasks/main.yml)
  - run docker ps; docker images for info
  - ansible will do a docker pull, and restart the container if the image, or configuration, has changed.
- nginx is the web frontend
  - config in /etc/nginx/conf.d
- node process logs are available with, e.g., docker logs auth-server.
About using docker_container and quoting of environment values
docker_container (>=2.8) now insists that environment values be quoted. However, when evaluating "{{ foo }}", those quotes are removed. So use the to_json jinja2 filter to ensure that the value is quoted. Note: I use to_json instead of quote because quote will not quote Boolean values true and false.
If not quoted, the error will look like "Non-string value found for env option. Ambiguous env options must be wrapped in quotes to avoid them being interpreted. Key: ENV_VAR_NAME". If you see this error, add a to_json in your templates and try again.
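The quoting rule above, shown as a failing task next to its corrected form. This is an added example, not code from the fxa-dev repository: the image name, the env keys VERBOSE and PORT, and the variables auth_verbose and auth_port are hypothetical, while auth_docker_tag and auth_docker_state are the settings named earlier on this page.

```yaml
# Added example; hypothetical names are marked as such.
# Assumed variables (e.g. from environments/foo.yml):
#   auth_verbose: true     # hypothetical, a YAML boolean
#   auth_port: 9000        # hypothetical, a YAML integer

# Fails: "{{ auth_verbose }}" evaluates back to a bare boolean and
# "{{ auth_port }}" to a bare integer, so docker_container stops with
#   Non-string value found for env option. Ambiguous env options must be
#   wrapped in quotes to avoid them being interpreted. Key: VERBOSE
- name: auth-server container (env values lose their quotes)
  docker_container:
    name: auth-server
    image: "example/auth-server:{{ auth_docker_tag }}"   # placeholder image
    state: "{{ auth_docker_state }}"
    env:
      VERBOSE: "{{ auth_verbose }}"
      PORT: "{{ auth_port }}"

# Works: to_json renders the values as the strings "true" and "9000",
# which is what the module accepts for env.
- name: auth-server container (env values passed through to_json)
  docker_container:
    name: auth-server
    image: "example/auth-server:{{ auth_docker_tag }}"   # placeholder image
    state: "{{ auth_docker_state }}"
    env:
      VERBOSE: "{{ auth_verbose | to_json }}"
      PORT: "{{ auth_port | to_json }}"

# Caveat: to_json applied to a value that is already a string wraps it in
# literal double quotes (abc becomes "abc", quotes included), so check
# string-valued settings after adding the filter.
```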
AWS Ansible-based docker development environment for Firefox Accounts
Prerequisites
macOS
Use:
brew install ansible && pip install boto3
Usage
To run on AWS, change directory to aws.