Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
C
configuration
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
edx
configuration
Commits
26c65609
Commit
26c65609
authored
May 01, 2013
by
Sef Kloninger
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
README: reflect general jumpbox ssh config
parent
778f0d44
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
15 additions
and
17 deletions
+15
-17
README.md
+15
-17
No files found.
README.md
View file @
26c65609
...
...
@@ -173,32 +173,33 @@ If that works fine, then you can add an export of PYTHONPATH to
Because the reference architecture makes use of an Amazon VPC, you will not be able
to address the hosts in the private subnets directly. However, you can easily set
up a transparent "jumpbox" so that for all hosts in your vpc, connections are
tunneled
tunneled
.
Add something like the following to your `~/.ssh/config` file.
```
Host
vpc-00000000-jumpbox
HostName 54.236.224.226
Host
*
.us-west-1.compute-internal
ProxyCommand ssh -W %h:%p vpc-00000000-jumpbox
IdentityFile /path/to/aws/key.pem
ForwardAgent yes
User ubuntu
Host 10.0.10.1
ProxyCommand ssh -W %h:%p vpc-00000000-jumpbox
ForwardAgent yes
HostName 10.0.10.242
Host vpc-00000000-jumpbox
HostName 54.236.224.226
IdentityFile /path/to/aws/key.pem
ForwardAgent yes
User ubuntu
...
```
You will need a host entry for each server that ansible will configure.
Test this by typing `ssh 10.0.10.1`, use a hostname the exists in
your environment. If things are configured correctly you will ssh
to 10.0.10.1, jumping transparently via your basion host.
This assumes that you only have one VPC in the ```us-west-1``` region
that you're trying to ssh into. Internal DNS names aren't qualified
any further than that, so to support multiple VPC's you'd have to get
creative with subnets, for example ip-10-1 and ip-10-2...
Test this by typing `ssh ip-10-0-10-1.us-west-1.compute.internal`,
(of coruse using a hostname exists in your environment.) If things
are configured correctly you will ssh to 10.0.10.1, jumping
transparently via your basion host.
Assuming that the edxapp_stage.yml playbook targets hosts in your vpc
for which there are entiries in your `.ssh/config`, do the
...
...
@@ -208,9 +209,6 @@ following to run your playbook.
cd playbooks
ansible-playbook -v --user=ubuntu edxapp_stage.yml -i ./ec2.py -c ssh
```
We are in the process of writing utility scripts to generate this config,
but for the moment it is a manual process.
*Note: this assumes the group used for the edx stack was "edxapp_stage"*
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
