Update commcare cloud setup instructions #6458
Conversation
This is necessary so that COMMCARE_CLOUD_ENVIRONMENTS environment variable is set properly before running init-ansible.
bootstrap-users sets up the expected ssh config based on public keys previously added in these instructions. Once run, the user should then exit and re-ssh into the machine using the -A option to ensure agent forwarding is enabled.
This is removed once bootstrap-users is run
|
|
||
| $ sudo update-alternatives --install /usr/bin/python python /usr/bin/python3 10 | ||
|
|
||
|
|
There was a problem hiding this comment.
is this not needed anymore?
I used this one recently when trying to do a test install.
There was a problem hiding this comment.
Given that we specify ubuntu 22.04 at the moment, 3.10 will be the system version, so it seems fine to simplify the step to just run this rather than specify the condition.
| @@ -111,6 +111,12 @@ reference. | |||
|
|
|||
| PasswordAuthentication yes | |||
|
|
|||
| To allow keyboard interactive authentication, ensure | |||
There was a problem hiding this comment.
I guess this is needed in specific cases and not all interactive authentication. I definitely could do an install without this change.
Found this useful reference: https://serverfault.com/questions/189643/sshd-blocking-password-authentication
There was a problem hiding this comment.
Yeah agreed it isn't necessary all of the time. Just checking that you agree that it isn't worth specifying that in the instructions given that it will be reverted in a later setup step anyway?
There was a problem hiding this comment.
I think if someone gets stuck at this step like you did, they are doing something special.
Seems fine to leave it if you think it could be useful for someone to make the initial root password step work, with a comment that "If needed you can enable keyboard interactive authentication with", though there are so many steps here that one would just go about copying pasting commands without really reading the instructions well, which is why it would be nice to keep commands limited and exclude anything special.
So, This could go either also go here
Agreed that this later gets cleaned up.
|
|
||
| :: | ||
|
|
||
| $ eval `ssh-agent` | ||
| $ ssh-add ~/.ssh/id_rsa | ||
| $ commcare-cloud cluster bootstrap-users |
| @@ -467,13 +464,13 @@ Install CommCare Cloud | |||
|
|
|||
| $ cp ~/commcare-cloud/src/commcare_cloud/config.example.py ~/commcare-cloud/src/commcare_cloud/config.py | |||
|
|
|||
| Update the known hosts file | |||
| Update the known hosts file (substituting your environment name if necessary) | |||
|
|
|||
| :: | |||
|
|
|||
| $ commcare-cloud cluster update-local-known-hosts | |||
There was a problem hiding this comment.
I know we have used cluster as environment name in the entire doc but would it be clearer if we use which would indicate that this has to be replaced?
| $ commcare-cloud cluster update-local-known-hosts | |
| $ commcare-cloud <env> update-local-known-hosts |
btw I am totally fine with the way it is right now it was just a thought that I wanted to share with you.
There was a problem hiding this comment.
Yeah I do want to make this change. I also want to make a sweeping change to the $ syntax before each command as it makes copy/pasting annoying, so was planning to do this in a separate PR if that is ok with you.
There was a problem hiding this comment.
Yeah. Totally fine by me.
| $ nano ~/.profile | ||
|
|
||
| Paste the following before the line that sources the init-ansible script. | ||
|
|
||
| :: | ||
|
|
||
| source ~/.commcare-cloud/load_config.sh |
There was a problem hiding this comment.
Any specific case where this approach better than the previous one?
There was a problem hiding this comment.
Based on the order of instructions, load_config.sh was being run after init-ansible, but load_config plays a critical role in exporting the COMMCARE_CLOUD_ENVIRONMENTS variable to point to the right environments directory. I know this change complicates the setup a bit, but hopefully results in fewer issues down the road. Does that answer your question?
There was a problem hiding this comment.
The "before ... init-ansible" instruction appears to contradict the output of manage-commcare-cloud configure, which says to append to ~/.profile.
commcare-cloud/src/commcare_cloud/manage_commcare_cloud/configure.py
Lines 97 to 98 in d6adf3b
load_config.shwas being run afterinit-ansible, but load_config plays a critical role in exporting the COMMCARE_CLOUD_ENVIRONMENTS variable to point to the right environments directory
Does that order matter? That is, does init-ansible need COMMCARE_CLOUD_ENVIRONMENTS to be set before it is run?
There was a problem hiding this comment.
Another option would be to have the init-ansible script source ~/.commcare-cloud/load_config.sh if it exists, and skip the instruction to add it to .profile.
There was a problem hiding this comment.
Yeah upon closer inspection, I may have incorrectly assumed this was the cause of an issue I was facing. It seems fair to say that the init-ansible script does not use the COMMCARE_CLOUD_ENVIRONMENTS variable for anything other than how it is used in update_code.sh. I think I know where I went wrong, but I'll try to run through the setup steps without this change just to make sure.
There was a problem hiding this comment.
Ok it seems fine. Reverted in 17240b4.
|
Possibly a more extreme change, but I'm tempted to remove support for running |
| $ nano ~/.profile | ||
|
|
||
| Paste the following before the line that sources the init-ansible script. | ||
|
|
||
| :: | ||
|
|
||
| source ~/.commcare-cloud/load_config.sh |
There was a problem hiding this comment.
The "before ... init-ansible" instruction appears to contradict the output of manage-commcare-cloud configure, which says to append to ~/.profile.
commcare-cloud/src/commcare_cloud/manage_commcare_cloud/configure.py
Lines 97 to 98 in d6adf3b
load_config.shwas being run afterinit-ansible, but load_config plays a critical role in exporting the COMMCARE_CLOUD_ENVIRONMENTS variable to point to the right environments directory
Does that order matter? That is, does init-ansible need COMMCARE_CLOUD_ENVIRONMENTS to be set before it is run?
This reverts commit 3d9717c.
Co-authored-by: Amit Phulera <[email protected]>
I've run into various issues while setting up monoliths and am attempting to clarify those instructions in this PR.
This also notably updates documentation to be aligned with our removal of the suggestion to copy a private key to the server, and instead use
ssh -Awhen/where appropriate.Review by commit.
Environments Affected
None