genvid-bastion
このセクションの内容
Manage the local bastion cluster.
The script installs the supervisor services under
GENVID_SERVICES_DATADIR(defaults to ~/.genvid) and sets up a bastion-api service on top of them, using the installation directory.
usage: genvid-bastion [-h] [--loglevel {DEBUG,INFO,WARNING,ERROR}] [--logformat LOGFORMAT]
{sdk-version,version,env,backup,clean,delete-default-terraform-providers,get-default-terraform-providers,install,load-bastion-config,log,monitor,open,reinstall,render-template,restart,set-default-terraform-providers,setup,setup-vault-engines,start,status,stop,uninstall,update-global-tfvars}
...
Positional Arguments
- command
Possible choices: sdk-version, version, env, backup, clean, delete-default-terraform-providers, get-default-terraform-providers, install, load-bastion-config, log, monitor, open, reinstall, render-template, restart, set-default-terraform-providers, setup, setup-vault-engines, start, status, stop, uninstall, update-global-tfvars
Named Arguments
- --loglevel
Possible choices: DEBUG, INFO, WARNING, ERROR
Set the script log level
- --logformat
Set the script log format
Sub-commands
sdk-version
Print current SDK versions
genvid-bastion sdk-version [-h]
version
Print current versions
genvid-bastion version [-h]
env
Print used environment variables.
genvid-bastion env [-h]
backup
Create a snapshot of the services data and files. Only Consul (including the Vault database in the default configuration), the Vault's key, and the Terraform "workdir" will be saved. Nomad's data will not be. Please make sure no terraform operations are running during the process, including updating repository.
The data can be restored when performing an install.
バージョン 1.14.0 で追加.
genvid-bastion backup [-h] [--strategies {version,consul,vault,terraform} [{version,consul,vault,terraform} ...]]
zipfile
Positional Arguments
- zipfile
Archive to save the backup.
Named Arguments
- --strategies, -s
Possible choices: version, consul, vault, terraform
Strategies to apply for the backup.
clean
Deprecated. An alias for uninstall --clean.
genvid-bastion clean [-h]
delete-default-terraform-providers
Delete the global default providers configuration.
genvid-bastion delete-default-terraform-providers [-h]
get-default-terraform-providers
Query the global default providers configuration as JSON.
genvid-bastion get-default-terraform-providers [-h]
install
Install and set up the services.
バージョン 1.13.0 で変更: --update-global-tfvars は、toolbox 変数を更新しなくなりました。代わりに、存在する場合のみ toolbox_location 変数を更新します。
バージョン 1.14.0 で変更: 有効な bastion ID が設定されているかをコマンドがチェックし、--bastionid パラメータで設定できるようになりました。
バージョン 1.15.0 で変更: --reconfigure パラメータを追加。
バージョン 1.20.0 で変更: --node-id 、--node-name パラメータを追加。
バージョン 1.34.0 で変更: --reconfigure パラメータを追加。
genvid-bastion install [-h] [-b BASTIONID] [-r] [-m] [-l] [-u] [--backup BACKUP] [--reconfigure] [--node-id NODE_ID]
[--node-name NODE_NAME] [-e SERVICES [SERVICES ...]] [--resetconfig]
Named Arguments
- -b, --bastionid
Identifier of the bastion. Must be only lowercase, numbers and hyphens and between 3 and 32 characters.
- -r, --force-rename
Force the bastion to be get a new bastion ID if the actual bastion exists with a different ID.
Default: False
- -m, --checkmodules
Install the modules and update them
Default: False
- -l, --loadconfig
Load the default bastion configuration
Default: False
- -u, --update-global-tfvars
Update the global terraform variable values.
Default: False
- --backup
Backup file to use for restoration. Using this option will always stop all services and rename the consul data directory to
backupbefore applying the changes.- --reconfigure
Reset the configuration of the services. This only resets the configuration files installed by the service. It won't modify any other files present.
Default: False
- --node-id
Enforce the node id to use for Consul. The default is set by Consul and based on the hostname.
- --node-name
Enforce the node name to use for Consul. The default is set by Consul as the machine hostname.
- -e, --excluded-services
Exclude services from being installed.
- --resetconfig
Erase the configuration before loading the new one. No effect if --loadconfig is not present.
Default: False
load-bastion-config
Load default bastion config. This includes the jobs and logs
バージョン 1.34.0 で変更: --reset パラメータを追加。
genvid-bastion load-bastion-config [-h] [--reset]
Named Arguments
- --reset
Erase the configuration before loading the new one.
Default: False
log
Return the specific log for a task.
genvid-bastion log [-h] [-t] [-n LINES] [-f] [log]
Positional Arguments
- log
The name of the log to fetch. Could be one of the local services (consul, nomad, vault) or one the registered logs.
Named Arguments
- -t, --tail
Only show the last line.
Default: False
- -n, --lines
The number of lines to tail (10).
Default: 10
- -f, --follow
Wait for additional content at the end of file.
Default: False
monitor
Open the monitor application in a webbrowser.
genvid-bastion monitor [-h]
open
Open a link in a webbrowser or list the link available.
genvid-bastion open [-h] [link]
Positional Arguments
- link
Name of the link.
reinstall
Stop all services and reinstall them.
バージョン 1.13.0 で変更: --update-global-tfvars は、toolbox 変数を更新しなくなりました。代わりに、存在する場合のみ toolbox_location 変数を更新します。
バージョン 1.14.0 で変更: bastion ID の設定、変更を行う --backup パラメータを追加。bastion の以前のバージョンから修復を行なう --bastionid パラメータを追加。
バージョン 1.15.0 で変更: --reconfigure パラメータを追加。
バージョン 1.20.0 で変更: --node-id 、--node-name パラメータを追加。
バージョン 1.34.0 で変更: --reconfigure パラメータを追加。
genvid-bastion reinstall [-h] [-c] [-f] [-d] [-b BASTIONID] [-r] [-m] [-l] [-u] [--backup BACKUP] [--reconfigure]
[--node-id NODE_ID] [--node-name NODE_NAME] [-e SERVICES [SERVICES ...]] [--resetconfig]
Named Arguments
- -c, --clean
Clean the installation.
Default: False
- -f, --force
Force deinstallation.
Default: False
- -d, --destroy
Destroy existing clusters.
Default: False
- -b, --bastionid
Identifier of the bastion. Must be only lowercase, numbers and hyphens and between 3 and 32 characters.
- -r, --force-rename
Force the bastion to be get a new bastion ID if the actual bastion exists with a different ID.
Default: False
- -m, --checkmodules
Install the modules and update them
Default: False
- -l, --loadconfig
Load the default bastion configuration
Default: False
- -u, --update-global-tfvars
Update the global terraform variable values.
Default: False
- --backup
Backup file to use for restoration. Using this option will always stop all services and rename the consul data directory to
backupbefore applying the changes.- --reconfigure
Reset the configuration of the services. This only resets the configuration files installed by the service. It won't modify any other files present.
Default: False
- --node-id
Enforce the node id to use for Consul. The default is set by Consul and based on the hostname.
- --node-name
Enforce the node name to use for Consul. The default is set by Consul as the machine hostname.
- -e, --excluded-services
Exclude services from being installed.
- --resetconfig
Erase the configuration before loading the new one. No effect if --loadconfig is not present.
Default: False
render-template
Render the template in sources on the bastion-api.
バージョン 1.33.0 で追加.
genvid-bastion render-template [-h] [-t TEMPLATE_PATH | -c CONTENT] [-s SOURCES] [-e [ENVIRONMENT ...]] [-q]
Named Arguments
- -t, --template-path
The relative path inside sources for the template to render.
Default: ""
- -c, --content
A file to upload and render as template.
Default: ""
- -s, --sources
An URL accessible by the cluster-api containing the sources for the template.
Default: ""
- -e, --environment
An environment variable in the form NAME=VALUE to add to the template rendering environment.
- -q, --quiet
Don't print out the rendered template.
Default: False
restart
Restart the services.
バージョン 1.13.0 で変更: --jobs-only オプションは、ジョブのみを再開します。
genvid-bastion restart [-h] [-j] [jobs ...]
Positional Arguments
- jobs
Named Arguments
- -j, --jobs-only
Only stops the jobs.
Default: False
set-default-terraform-providers
Customize the global default providers configuration with the content of a JSON-formatted file.
genvid-bastion set-default-terraform-providers [-h] providers_file
Positional Arguments
- providers_file
JSON-formatted file containing the new providers configuraiton.
setup
Deprecated. An alias for install --checkmodules.
genvid-bastion setup [-h]
setup-vault-engines
Set up the vault secret engines and load its roles. The roles are defined in a folder specified in environment variable GENVID_VAULT_TOKEN_ROLES_FOLDER. The json files are expected to be put in subfolders with subfolder names corresonding to the role types - 'token' and 'pki'. The json files at the root of the folder are treated as 'token' role type for backwards compatibility. Json files contain role settings. The name of the role is taken from the 'name' setting in the json file. If that setting is not present, than the name of the file is used.
genvid-bastion setup-vault-engines [-h] [-f VAULT_ROLES_FOLDER]
Named Arguments
- -f, --vault-roles-folder
Folder that contains roles definition. By default, uses the value of GENVID_VAULT_TOKEN_ROLES_FOLDER environment variable.
start
Start the services.
バージョン 1.13.0 で変更: --jobs-only オプションは、ジョブのみを開始します。
genvid-bastion start [-h] [-j] [jobs ...]
Positional Arguments
- jobs
Named Arguments
- -j, --jobs-only
Only stops the jobs.
Default: False
status
Give a status.
genvid-bastion status [-h]
stop
Stop the services.
バージョン 1.13.0 で変更: --jobs-only オプションは、ジョブのみを停止します。
genvid-bastion stop [-h] [-j] [jobs ...]
Positional Arguments
- jobs
Named Arguments
- -j, --jobs-only
Only stops the jobs.
Default: False
uninstall
Stop and uninstall the services.
genvid-bastion uninstall [-h] [-c] [-f] [-d]
Named Arguments
- -c, --clean
Clean the installation.
Default: False
- -f, --force
Force deinstallation.
Default: False
- -d, --destroy
Destroy existing clusters.
Default: False
update-global-tfvars
Update the global variables with your current settings.
This update the Global TFVars with your current external IP and the current toolbox.
バージョン 1.13.0 で変更: toolbox 変数は、更新されなくなりました。存在する場合にのみ更新される toolbox_location 変数に置き換えられます。
genvid-bastion update-global-tfvars [-h]