AWS Multi-Network
It’s likely that your platform comprises multiple environments. You can map these environments in your namespaces.
I’ve two application environments set up in AWS - “prod” and “dev”. Both environments have been built from the same Terraform template - they are identical.
Note
In this example, each Bcome namespace is populated by a separate lookup against EC2 - i.e. each namespace maps to its own Inventory.
Filter keys map to labels set on servers in EC2.
For further configuration details, please refer to the documentation.
Tree Hierarchy
Take a look at the tree hierarchy, generated by invoking Bcome’s tree command:
▐▆   Namespace tree wbz
│
├───╸ collection dev
│         ├───╸ inventory wbzsite
│         │         ├───╸ server app1
│         │         └───╸ server app2
│         │
│         └───╸ inventory xops
│                   ├───╸ server bastion
│                   └───╸ server puppet
│
│
└───╸ collection prod
          ├───╸ inventory wbzsite
          │         ├───╸ server app1
          │         └───╸ server app2
          │
          └───╸ inventory xops
                    ├───╸ server bastion
                    └───╸ server puppet
Network Configuration
Below is an example multi-network AWS configuration: two networks, corresponding to development & production application environments, are configured.
---
wbz:
  type: collection
  description: WBZ aws estate
  ssh_settings:
    timeout_in_seconds: 10
  network:
    type: ec2
    credentials_key: webzakimbo
    provisioning_region: eu-west-1
    filters:
      instance-state-name: running

wbz:dev:
  type: collection
  description: All dev environment
  ssh_settings:
    proxy:
      host_lookup: by_bcome_namespace
      namespace: dev:xops:bastion
  network:
    filters:
      tag:stack: dev-net

wbz:dev:xops:
  type: inventory
  description: Operations namespace
  network:
    filters:
      tag:division: "xops"

wbz:dev:wbzsite:
  type: inventory
  description: Frontend wbzsite
  network:
    filters:
      tag:function: "frontend-wbzsite"

wbz:prod:
  type: collection
  description: All prod environment
  ssh_settings:
    proxy:
      host_lookup: by_bcome_namespace
      namespace: prod:xops:bastion
  network:
    filters:
      tag:stack: prod-net

wbz:prod:xops:
  type: inventory
  description: Operations namespace
  network:
    filters:
      tag:division: "xops"

wbz:prod:wbzsite:
  type: inventory
  description: Frontend wbzsite
  network:
    filters:
      tag:function: "frontend-wbzsite"
Ascii Cast
The following Asciicast presents a quick run-through of navigating the namespace configuration.
Note
To replay this Asciicast in your own terminal, install the asciinema package from https://asciinema.org/, and then enter the following in your terminal:
asciinema play https://asciinema.org/a/YQ5oNHDABJ7wjkGvdLKvYKWZj
Alternative Network Configuration
The previous example performs four lookups against EC2 (one per inventory). We may reduce the number of lookups by using the inventory-subselect namespace type:
---
wbz:
  type: collection
  description: WBZ aws estate
  ssh_settings:
    timeout_in_seconds: 10
  network:
    type: ec2
    credentials_key: webzakimbo
    provisioning_region: eu-west-1
    filters:
      instance-state-name: running

wbz:dev:
  type: collection
  description: All dev environment
  ssh_settings:
    proxy:
      host_lookup: by_bcome_namespace
      namespace: dev:xops:bastion
  network:
    filters:
      tag:stack: dev-net

wbz:dev:all:
  type: inventory
  description: all development servers
  hidden: true

wbz:dev:xops:
  type: inventory-subselect
  description: Operations namespace
  subselect_from: dev:all
  filters:
    by_tag:
      division:
        - "xops"

wbz:dev:wbzsite:
  type: inventory-subselect
  description: Frontend wbzsite
  subselect_from: dev:all
  filters:
    by_tag:
      function: "frontend-wbzsite"

wbz:prod:
  type: collection
  description: All prod environment
  ssh_settings:
    proxy:
      host_lookup: by_bcome_namespace
      namespace: prod:xops:bastion
  network:
    filters:
      tag:stack: prod-net

wbz:prod:all:
  type: inventory
  description: all production servers
  hidden: true

wbz:prod:xops:
  type: inventory-subselect
  description: Operations namespace
  subselect_from: prod:all
  filters:
    by_tag:
      division:
        - "xops"

wbz:prod:wbzsite:
  type: inventory-subselect
  description: Frontend wbzsite
  subselect_from: prod:all
  filters:
    by_tag:
      function: "frontend-wbzsite"
The above will result in the exact same namespace configuration.
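Both configurations rely on each environment proxying through its own bastion and carrying its own tag:stack filter. The following check over a config of that shape is an added example, not part of Bcome or its documentation: it flags a namespace whose SSH proxy points into another environment and an environment collection with no tag:stack filter. It assumes proxy namespaces are written relative to the estate root, as on this page; the sample config is constructed and contains one deliberate mistake.

```ruby
require "yaml"

# Constructed sample in the shape of the page's config. The prod collection
# deliberately proxies through the dev bastion so the check has something to find.
SAMPLE = <<~CONFIG
  wbz:
    type: collection
  wbz:dev:
    type: collection
    ssh_settings:
      proxy:
        host_lookup: by_bcome_namespace
        namespace: dev:xops:bastion
    network:
      filters:
        tag:stack: dev-net
  wbz:prod:
    type: collection
    ssh_settings:
      proxy:
        host_lookup: by_bcome_namespace
        namespace: dev:xops:bastion
    network:
      filters:
        tag:stack: prod-net
CONFIG

# Returns a list of findings; an empty list means the config passed both checks.
# Assumption: keys read <estate>:<environment>[:...] and proxy namespaces are
# written relative to the estate, i.e. they start with the environment name.
def lint(config)
  findings = []
  config.each do |key, ns|
    env = key.split(":")[1]
    next if env.nil? # estate root: not tied to an environment
    proxy = ns.dig("ssh_settings", "proxy", "namespace")
    if proxy && proxy.split(":").first != env
      findings << "#{key}: proxy #{proxy} is outside environment #{env}"
    end
    is_env_collection = key.count(":") == 1
    if is_env_collection && !ns.dig("network", "filters")&.key?("tag:stack")
      findings << "#{key}: no tag:stack filter on environment collection"
    end
  end
  findings
end

puts lint(YAML.safe_load(SAMPLE))
```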