This project is the backend that will eventually be driven by a frontend user interface.
The aim of this project is to guide operators through the installation process.
- On-Premise
- Cloud
- Hybrid
- Presented with [cluster configuration screen](#cluster-configuration-screen)
- Choose major cloud provider (AWS, Azure, GCP)
- Presented with cloud-provider-specific configuration (each has its own configuration screen):
  - Optional: migrate secrets from cloud to Vault?
  - Optional: enable auth methods for this cloud provider?
  - Optional: enable secrets engines for this cloud provider?
- Presented with [cluster configuration screen](#cluster-configuration-screen)
  - Note: for a cloud provider, we can probably autofill IPs in this screen based on nodes in specific security groups, VPCs, or other identifiers
Hybrid is trickier because where the installer process runs from becomes an issue. A hand-wavy approach here would be a mixture of the on-prem and cloud installation flows with special preflight checks on connectivity.
- Check installer connection to system
  - can we reach nodes on specific ports
  - is SSH available
- do nodes meet host-level prerequisites (if not, install/configure them)
- do nodes meet storage, memory, and CPU requirements
- Intra-system checks
  - Can nodes talk to each other on given ports (stretch goal)
- Package, file, service flow over SSH
  - Download Vault to each node, configure its config file, start the service
  - Enable and set up any auth, storage, or secrets plugins prescribed in the configuration screen
- is Vault running and available
- is replication set up as prescribed in the configuration screen
- can the UI be reached
### Cluster Configuration Screen
- Number of primary clusters?
- IP addresses for nodes in primary cluster? (for each cluster)
- Number of performance replication secondary clusters?
- IP addresses for nodes in performance replication secondary cluster? (for each cluster)
- Number of disaster recovery secondary clusters?
- IP addresses for nodes in disaster recovery secondary cluster? (for each cluster)
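
An added example (not this project's code) of the installer-connection preflight listed above: it probes each node, separates a refused port from a filtered one, and confirms the SSH listener by its identification string. The function names and the port set are assumptions; the page does not name ports, so 22 plus Vault's default API and cluster ports (8200, 8201) are used.

```python
import socket

# Assumed port set: the page names no ports. 22 is SSH; 8200 and 8201 are
# Vault's default API and cluster ports.
REQUIRED_PORTS = {"ssh": 22, "vault_api": 8200, "vault_cluster": 8201}

def probe(host, port, timeout=2.0):
    """Classify a TCP port as 'open', 'closed' (refused) or 'filtered'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"    # host answered: path is clear, nothing listening yet
    except OSError:
        return "filtered"  # timeout or unreachable: firewall or routing problem

def ssh_banner(host, port=22, timeout=2.0):
    """Return the SSH identification string, or None if the port is not SSH."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            reader = s.makefile("rb")
            for _ in range(5):  # RFC 4253 lets a server send lines before its ID
                line = reader.readline(256)
                if not line:
                    break
                text = line.decode("ascii", "replace").strip()
                if text.startswith("SSH-"):
                    return text
    except OSError:
        pass
    return None

def preflight(nodes, ports=REQUIRED_PORTS, timeout=2.0):
    """Before install, Vault ports may be 'closed' but must not be 'filtered'."""
    report = {}
    for node in nodes:
        banner = ssh_banner(node, ports["ssh"], timeout)
        states = {name: probe(node, p, timeout)
                  for name, p in ports.items() if name != "ssh"}
        report[node] = {"ssh_banner": banner, "ports": states,
                        "ok": banner is not None and "filtered" not in states.values()}
    return report

if __name__ == "__main__":
    # Constructed sample input: loopback stands in for a cluster node.
    for node, result in preflight(["127.0.0.1"], timeout=0.5).items():
        print(node, result)
```

A `closed` result on a Vault port is the expected state before installation; `filtered` means a security group or firewall rule will block Vault after it starts.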