for i in seoul tokyo california sydney
do
aws --profile tokennet-public-aws0-$i ec2 import-key-pair --key-name tokennet-public --public-key-material MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyo+KRVKL0e+oA6EcI0bJFETKklKJv/d+c4SHqezQnfjYWjmq9wfJfIhEAl3qPM2eK675YFZ0mxEM8o6wCMv7mSS84tPXHeO3HS1oduc8naE4K3cxbgEFuV5gWan/RBb/kSq0rNzwxTaFD2+Xv8zRHX+GjV7ojmS+15c1FwvptgLe4VGS49JbkVmxJAQm5Vg7Qc5qL/B0qGzzie3bYq1c3CIvo2+ECwEA6cG+y90CZDWOaeZz1TWzXgNtonpG0fIepY5mHFTeeLoEeuRoacz0bU6hHC3rKkeIhn7WKyUHMRDVuxl8lcszh31isR6qj/D6zuD8mBDk4IXEOjYZBEOyuQIDAQAB
aws --profile tokennet-public-aws1-$i ec2 import-key-pair --key-name tokennet-public --public-key-material MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyo+KRVKL0e+oA6EcI0bJFETKklKJv/d+c4SHqezQnfjYWjmq9wfJfIhEAl3qPM2eK675YFZ0mxEM8o6wCMv7mSS84tPXHeO3HS1oduc8naE4K3cxbgEFuV5gWan/RBb/kSq0rNzwxTaFD2+Xv8zRHX+GjV7ojmS+15c1FwvptgLe4VGS49JbkVmxJAQm5Vg7Qc5qL/B0qGzzie3bYq1c3CIvo2+ECwEA6cG+y90CZDWOaeZz1TWzXgNtonpG0fIepY5mHFTeeLoEeuRoacz0bU6hHC3rKkeIhn7WKyUHMRDVuxl8lcszh31isR6qj/D6zuD8mBDk4IXEOjYZBEOyuQIDAQAB
done
for j in aws0 aws1
do
for i in seoul tokyo california sydney
do
aws --profile tokennet-public-$j-$i ec2 create-security-group --description 'tokennet-public' --group-name tokennet-public
aws --profile tokennet-public-$j-$i ec2 create-security-group --description 'tokennet-public-db' --group-name tokennet-public-db
done
done
for j in aws0 aws1
do
for i in seoul tokyo california sydney
do
# node
id=$(aws --profile tokennet-public-$j-$i ec2 describe-security-groups --group-names tokennet-public | grep GroupId | sed -e 's/.*: "//g' -e 's/"//g')
aws --profile tokennet-public-$j-$i ec2 authorize-security-group-ingress --group-id $id --protocol tcp --port 22 --cidr 0.0.0.0/0
aws --profile tokennet-public-$j-$i ec2 authorize-security-group-ingress --group-id $id --protocol tcp --port 2376 --cidr 0.0.0.0/0
aws --profile tokennet-public-$j-$i ec2 authorize-security-group-ingress --group-id $id --protocol all --port 0-65535 --cidr 172.31.0.0/16
# db
id=$(aws --profile tokennet-public-$j-$i ec2 describe-security-groups --group-names tokennet-public-db | grep GroupId | sed -e 's/.*: "//g' -e 's/"//g')
aws --profile tokennet-public-$j-$i ec2 authorize-security-group-ingress --group-id $id --protocol tcp --port 5432 --cidr 172.31.0.0/16
done
done
$ python contrib/etc/make_security_group.py ./ansible/env/tokennet-public/hosts > /tmp/update-cidr.sh
for j in aws0 aws1
do
for i in seoul sydney tokyo california
do
aws --profile tokennet-public-$j-$i rds create-db-parameter-group --db-parameter-group-name 'tokennet-public' --db-parameter-group-family 'postgres9.6' --description 'tokennet-public'
aws --profile tokennet-public-$j-$i rds modify-db-parameter-group --db-parameter-group-name tokennet-public --parameters 'ParameterName=max_connections, ParameterValue="LEAST({DBInstanceClassMemory/9531392},10000)", ApplyMethod=pending-reboot'
done
done
{
"DBParameterGroup": {
"DBParameterGroupArn": "arn:aws:rds:ap-northeast-2:090852988456:pg:tokennet-public",
"DBParameterGroupName": "tokennet-public",
"DBParameterGroupFamily": "postgres9.6",
"Description": "tokennet-public"
}
}
...
for j in aws0 aws1
do
for i in seoul sydney tokyo california
do
id=$(aws --profile tokennet-public-$j-$i ec2 describe-security-groups --group-names tokennet-public-db | grep GroupId | sed -e 's/.*: "//g' -e 's/"//g')
aws --profile tokennet-public-$j-$i \
rds \
create-db-instance \
--db-instance-identifier db-tokennet-public \
--allocated-storage 500 \
--storage-type gp2 \
--db-instance-class db.m4.xlarge \
--engine postgres \
--engine-version 9.6.2 \
--db-name bos \
--master-username bos \
--master-user-password awstestbos \
--db-parameter-group-name=tokennet-public \
--multi-az \
--no-storage-encrypted \
--backup-retention-period 1 \
--no-auto-minor-version-upgrade \
--vpc-security-group-ids $id
done
done
for j in aws0 aws1
do
for i in seoul sydney tokyo california
do
echo '> ' $j $i >> /tmp/d.json
aws --profile tokennet-public-$j-$i rds describe-db-instances --db-instance-identifier db-tokennet-public >> /tmp/d.json
done
done