tpaexec provision v23
Provision creates instances and other resources required by the cluster.
The exact details of this process depend both on the architecture (e.g. M1) and platform (e.g. AWS) that you selected while configuring the cluster.
At the end of the provisioning stage, you will have the required number of instances with the basic operating system installed, which TPA can access via ssh (with sudo to root).
Prerequisites
Before you can provision a cluster, you must generate the cluster
configuration with tpaexec configure
(and edit config.yml to fine-tune the configuration if needed).
You may need additional platform-dependent steps. For example, you need to obtain an AWS API access keypair to provision EC2 instances, or set up LXD or Docker to provision containers. Consult the platform documentation for details.
Quickstart
This command will produce lots of output (append -v
, -vv
, etc.
to the command if you want even more verbose output). The output is also
logged to ansible.log
in the cluster directory. This can be overriden
by setting the environment variable ANSIBLE_LOG_PATH
to the path and name of
the desired logfile.
If it completes without error, you may proceed to run
tpaexec deploy
to install and configure
software.
Options
When provisioning cloud instances, it is especially important to make
sure instances are directly traceable to a human responsible for them.
By default, TPA will tag EC2 instances as being owned by the login
name of the user running tpaexec provision
.
Specify --owner <name>
to change the name (e.g., if your username
happens to be something generic, like postgres or ec2-user). You may use
initials, or "Firstname Lastname", or anything else to uniquely identify
a person.
Any other options you specify are passed on to Ansible.
Accessing the instances
After provisioning completes, you should be able to SSH to the instances (after a brief delay to allow the instances to boot up and install their SSH host keys). As shown in the output above, tpaexec will generate an ssh_config file for you to use.
To login to a host, use the command ssh -F ssh_config
followed by the
hostname. For example ssh -F ssh_config uproar
.
You can run tpaexec deploy
immediately after
provisioning. It will wait as long as required for the instances to come
up. You do not need to wait for the instances to come up, or ssh in to
them before you start deployment.
Generated files
During the provisioning process, a number of new files will be created in the cluster directory:
We've already studied the sshconfig file, which refers to the `id*files (an SSH keypair generated for the cluster) and
tpa_known_hosts(the signatures of the
hostkeys/` installed on the instances).
The vars.json
file may be used by tpaexec provision
on
subsequent invocations with --cached
.
The inventory/
directory contains static and dynamic inventory files
as well as group and host variable definitions from config.yml.
If you now change a variable in config.yml and rerun provision, these files will be updated. If you don't change the configuration, it won't do anything. If you add a new instance in config.yml and rerun, it will bring up the new instance without affecting the existing ones.