aboutsummaryrefslogtreecommitdiff
path: root/terraform
Commit message (Collapse)AuthorAge
* Improve the from_port setting in various AWS security groupsHEADmasterChristopher Baines2019-08-28
| | | | Thanks to schmie for looking in to this.
* Add a name for the builder AWS instanceChristopher Baines2019-05-30
|
* Set --max-silent-time for the guix-daemonChristopher Baines2019-05-30
| | | | To avoid builds from hanging forever.
* Add a new AWS backend using Amazon Machine ImagesChristopher Baines2019-05-30
| | | | | | | | | | | | | | | | | | | | | | | The existing AWS backend uses system containers backed on to the AWS hosted NFS service (EFS). This has some advantages, but also some disadvantages. Using the EFS service allows building a container on one instance, with the state being held on the EFS, and then launching a new instance to run the container. Using EFS also provides persistence, at least beyond individual EC2 instances. However, build performance when using EFS is poor compared with a local store without the overhead of the network latency. Additionally, the startup speed of the container running off EFS is slow compared to local storage. This backend doesn't use EFS, instead the Guix store sits on instance storage. Rather than using a system container for a Mini Environment, an Amazon Machine Image (AMI) is built instead. The fast local storage makes builds faster, and using EBS storage for the Mini Envirnoments as well as not having the overhead of starting Ubuntu, then starting the container also makes startup faster.
* Set environment variables when creating data snapshotsChristopher Baines2019-01-07
| | | | This means that govuk data can access the data from S3.
* Add Terraform configuration for the gcroot directoriesChristopher Baines2019-01-06
| | | | On the AWS backend.
* Disable apparmor on the AWS backendChristopher Baines2019-01-06
|
* Move towards using the S3 bucket dataChristopher Baines2018-12-31
| | | | Rather than the govuk-puppet backup source on the machine.
* Add guile-sqlite3 to the profile on the AWS backend machineChristopher Baines2018-12-31
|
* Up AWS root volume sizesChristopher Baines2018-08-07
| | | | | The PostgreSQL data takes over 70GB now, so up the overall root filesystem size to 150GB.
* Install openssl and nss-certs on the build machineChristopher Baines2018-07-05
| | | | In AWS. This fixes downloading custom revisions of packages.
* Improve the public ip address handlingChristopher Baines2018-07-05
| | | | | Support multiple addresses to handle the GOV.UK PaaS, which has multiple egress points.
* Increase the number of build usersChristopher Baines2018-07-04
| | | | | For some reason, having more build users than allowed max-jobs isn't sufficient in some cases. So, add some more.
* Shorten the guix builder user nameChristopher Baines2018-07-04
| | | | | This makes it easier to see in tools like htop, top and ps, as they truncate the user name.
* Pass the terraform credentials to the remote state configurationChristopher Baines2018-07-04
| | | | | This fixes the mini environment Terraform working, now that the backend is protected by basic authentication.
* Use bash from Guix when fetching revisions remotelyChristopher Baines2018-07-04
|
* Change the backend instance to a t2.xlargerelease_10Christopher Baines2018-07-03
| | | | The builds can be quite expensive, so the extra resource is useful.
* Increase the resources for AWS mini environmentsChristopher Baines2018-07-03
| | | | | From a t2.large to a t2.xlarge. Running every service requires close to 16GB of memory.
* Set GDS_GUIX_GOVUK_PUPPET_BACKUPS_DIRECTORYChristopher Baines2018-07-03
| | | | On the AWS build machine.
* Copy the root profile when provisioningChristopher Baines2018-07-03
| | | | | | Then switch to just installing guile. Also, always create the ~/.guix-profile symlink, as this isn't stored on EFS and thus needs creating everytime the machine is created.
* Make the ~/.config directory during provisioningChristopher Baines2018-07-03
| | | | This ensures that it's owned by the ubuntu user.
* Change the spot_type of the spot requests to one-timeChristopher Baines2018-07-03
| | | | | | The setup for these machines is dependant on the Terraform provisioners, so make the spot requests one time rather than persistent.
* Specify the mini_environment_up output for the AWS backendrelease_2Christopher Baines2018-06-28
|
* Ensure the log directory exists in the AWS backendChristopher Baines2018-06-28
|
* Specify the disk size for the AWS build machineChristopher Baines2018-06-28
|
* Increase the number of build users in AWSChristopher Baines2018-06-28
|
* Switch to using the public AWS domain of the build machineChristopher Baines2018-06-23
| | | | | | Rather than the configured domain, as the corresponding SSH key shouldn't change for the AWS domain (whereas it does for the configured domain, if the machine changes).
* Add support for managing Terraform AWS backends from the show pageChristopher Baines2018-06-23
|
* Support managing the libvirt backend from the show pageChristopher Baines2018-06-23
|
* Handle SSH keys via the databaseChristopher Baines2018-06-23
| | | | | This makes it more explicit, and works around Terraform being unpredictable when dealing with SSH agents.
* Add an output to the libvirt mini_environment terraformChristopher Baines2018-06-21
| | | | | This can then be used to easily determine if Terraform thinks there is a VM running.
* Share /var/cache and /var/lib with the hostChristopher Baines2018-06-03
| | | | | In the AWS backend. This means that they don't end up on a tmpfs and using up RAM.
* Give AWS mini environments 100GB of spaceChristopher Baines2018-06-03
| | | | To make room for data snapshots.
* Change the AWS backend instance type to a t2.largeChristopher Baines2018-06-03
| | | | | | Which is an increase in resources from the t2.medium. The 8GB of RAM (an increase from 4GB), will come in useful when working with data snapshots.
* Change how the EFS File System is handledChristopher Baines2018-06-03
| | | | | | | | | | For the AWS backend. Bring it in to the Terraform configuration for the backend, where previously only the id was known. Also, alter the provisioning so that it can handle an empty EFS file system. This reduces the amount of manual setup required for AWS.
* Improve the AWS backendChristopher Baines2018-05-03
| | | | | | This gets the AWS backend to the point where you can deploy the backend, and then a mini environment without any actions outside of the govuk-mini-environment-admin.
* Improve the libvirt backend terraform configChristopher Baines2018-04-12
| | | | | dns and dhcp apparently need to be specified explicitly. Also change the network name to main.
* Improve the support for LibvirtChristopher Baines2018-04-12
| | | | | | | | | Separate out the backend things, like the virtual network, from the mini environment. This makes it easier to have resources shared between mini environments. Also handle the deployment of this new backend related Terraform configuration.
* Provide the AWS access key and secret as variablesChristopher Baines2018-04-03
| | | | To terraform.
* Add backend controllers, models and viewsChristopher Baines2018-03-29
| | | | Also annotate existing models.
* Add some govuk-guix related jobsChristopher Baines2018-03-29
| | | | And various other views and routes.
* AWS related tweaksChristopher Baines2018-03-29
|
* Add terraform backend and initial guix configurationChristopher Baines2018-03-29
|
* Initial commitChristopher Baines2018-03-29