Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support AWS System Manager Session Manager #83

Closed
MatthiasScholz opened this issue Dec 28, 2019 · 2 comments
Closed

Support AWS System Manager Session Manager #83

MatthiasScholz opened this issue Dec 28, 2019 · 2 comments
Labels
enhancement New feature or request

Comments

@MatthiasScholz
Copy link
Owner

Summary

Making use of the AWS Session Manager will allow to deprecate the bastion setup in order to debug cluster issues where direct instance access is needed.

Using the AWS Session Manager provides better security and less infrastructure to maintain and pay for.

Details

  • ensure AWS Session Manager is installed on the instances ( by default for AWS AmazonLinux 2 )
  • ensure instance is allowed to interact with AWS Session Manager ( instance profile )
  • cleanup documentation to advertise AWS Session Manager over Bastion setup ( +sshuttle )
@MatthiasScholz MatthiasScholz added the enhancement New feature or request label Dec 28, 2019
This was referenced Dec 15, 2020
Closed
Closed
MatthiasScholz pushed a commit that referenced this issue Dec 17, 2020
♻️ Bastion to AWS Systems Manager, resolve #83
74319c8
@MatthiasScholz MatthiasScholz mentioned this issue Dec 17, 2020
Merged
MatthiasScholzTW added a commit that referenced this issue Dec 25, 2020
@MatthiasScholzTW
✨ AWS SSM support for consul cluster, relates to #83
548d4a4
@MatthiasScholz
Copy link
Owner Author

MatthiasScholz commented Dec 28, 2020
edited
Loading

Open Points

  • Create PR to activate nomad-cluster creation without SSH cidr block definition.

MatthiasScholzTW added a commit that referenced this issue Jan 15, 2021
@MatthiasScholzTW
🐛 wait for cloud-init to be finished | #83
d7cf600
MatthiasScholzTW added a commit that referenced this issue Jan 17, 2021
@MatthiasScholzTW
♻️ remove SSH dependency | #83
9bbd082 
Using AWS System Manager Session Manager instead of SSH access.
MatthiasScholzTW added a commit that referenced this issue Jan 17, 2021
@MatthiasScholzTW
📝 ♻️ SSH connection | #83
2a3b098
MatthiasScholzTW added a commit that referenced this issue Jan 17, 2021
@MatthiasScholzTW
🐛 removed missed ssh variable | #83
19dc4e8
MatthiasScholzTW added a commit that referenced this issue Jan 17, 2021
@MatthiasScholzTW
🐛 missed refactored output | #83
b9f342b
MatthiasScholz added a commit that referenced this issue Jan 17, 2021
@MatthiasScholz @MatthiasScholzTW
Version Upgrades - Nomad v1.0.2 (#87)
d275d86 
* 📌 version updates for all major components | #85

Covering the following dependencies:
- nomad: 1.0.2
- consul: 1.9.1
- fabio
- terraform modules
  - terraform-aws-consul module version 0.8.2
- packer definition
- terraform: 0.14.4

* ♻️ Migrate from SSH to SSM and restructuring | #83

- Remove SSH dependency
- Using AWS System Manager Session Manager instead of SSH access.

* ✨ AMI testing during creation

- Checking the AMI during the packer build step using goss.

* ✨ restart nomad service on instance, solves #62

* 👷 added linting

* 🐛 fixing aws provider version due to autoscaling issue

An unsolved regression in the terraform-provider-aws
(  hashicorp/terraform-provider-aws#14085 )
prevents the creation of autoscaling groups using terraform.

* 💩 using fork to unblock waiting for PR | #85

Waiting for PR to be merge:
hashicorp/terraform-aws-nomad#85

Co-authored-by: Matthias Scholz <[email protected]>
Co-authored-by: Matthias Scholz <[email protected]>
@MatthiasScholz
Copy link
Owner Author

Solved with PR #87.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@MatthiasScholz