Create GCP Site OLD

Objective

This document provides instructions on how to install Volterra node or cluster (multi-node) on Google Cloud Platform (GCP) using custom GCP Image for the Volterra node or cluster. For more information on Volterra site and nodes, see the Volterra Site document.

The following video shows the workflow for Volterra site deployment in GCP:


Prerequisites

The following prerequisites apply:

Note: By proceeding with the installation, download and/or access and use, as applicable, of the Volterra software, and/or Volterra platform, you acknowledge that you have read, understand, and agree to be bound by this agreement.


Quick Deployment Option

The quickest way to install Volterra Node(s) is by using the Quickstart tool that comes packaged with a setup script and a container with Volterra Terraform deployment scripts.

Installing the node using the quickstart also performs site token creation and automatic approval of registration.

Note: Automatic registration for worker nodes is not supported.

Quickstart tool requires input variables supplied through a file. The following snippet shows sample contents of the variables file.

{
  "api_p12_file": "<path to api-creds file>",
  "api_url": "https://<tenant>.console.ves.volterra.io/api",

  "deployment": "<site name>",
  "machine_public_key": "<ssh-public-key>",
  "gcp_credentials_file_path": "<path to gcp credentials file>",
  "gcp_project_name": "<full gcp project name>"
}

Refer to GCP Projects and GCP Authentication for information on creating the GCP project and credentials respectively.

Note: The api_p12_file represents the path to API credentials file. In case you do not have API credentials, generate them in VoltConsole using the IAM->Credentials->My Credentials option as per the instructions in the Generate API Certificate document.

Step 1: Download the Quickstart tool.
docker run --rm -v $(pwd):/opt/bin:rw docker.io/volterraio/volt-terraform:latest cp /deploy-terraform.sh /opt/bin
Step 2: Set the environment variable for API credentials password.
export VES_P12_PASSWORD=<api_cred_password>

Note: The API credentials password is the one you set during the generation of API credentials file.

Step 3: Deploy the node(s).

Deploy using the apply option of the Quickstart tool.

./deploy-terraform.sh apply -p gcp -i <absolute_path_to_vars_file> -tn ce-single-gcp --tf-version 0.12 --force

Example command to deploy a single node:

./deploy-terraform.sh apply -p aws -i /var/tmp/gcp-deploy.tfvars -tn ce-single-aws --tf-version 0.12 --force

Note: The quickstart performs automatic registration. Log into VoltConsole and navigate to Sites -> Site List to check your site status.


Detailed Deployment

You can customize the default terraform deployment steps used by the Volterra Quickstart tool. Perform the steps listed in the following chapters.

Create Site Token

Step 1: Navigate to the system namespace.

Select the system namespace to obtain a token. You can use an existing token or create a new one. A site can be configured as single-node or multi-node site. In case of multi-node site, use the same token for all installations.

NameSpaceNavig
Figure: Navigate to Namespace

Step 2: Generate token.

Select Manage -> Site Management from the configuration menu and select Site Token from the options pane. Click Add site token to create a new token. This loads the Add site token form. Enter the site name and description in the Name and Description fields respectively. Click Add site token button at the bottom of the form.

CreateSiteToken
Figure: Create a site token

Step 3: Notedown the token.

Find the token you created or choose an existing token from the list of tokens displayed. Click the > to expand the token details in JSON format and note the value of the uid field.

SiteTokenUID
Figure: Find Site Token UID


Deploy Site

Perform the following steps for customizing your deployment.

Step 1: Run the terraform CLI container.
docker run --entrypoint tail --name terraform-cli -d -it \
-w /terraform/templates \
-v ${HOME}/.ssh:/root/.ssh \
volterraio/volt-terraform:latest \
-f /dev/null
Step 2: Enter the terraform container.
docker exec -it terraform-cli sh
Step 3: Configure GCP project and credentials.
  • Log into the GCP portal with your credentials and create a project as per the instructions in the GCP Projects page.
  • Create GCP credentials as per the instructions in the GCP Authentication page.
Step 4: Create terraform variables.

hange to the ce-single-gcpdirectory and create a variables file or copy one from the samples provided.

cd ce-single-gcp
cp sample-production.tfvars.json gcp.tfvars.json
Step 5: Edit gcp.tfvars.json and update the required changes to the variables.

Edit the terraform variables.

{
  "api_p12_file": "<path to api-creds file>",
  "api_url": "https://<tenant>.console.ves.volterra.io/api",

  "deployment": "<site name>",
  "machine_public_key": "<ssh-public-key>",
  "gcp_credentials_file_path": "<path to gcp credentials file>",
  "gcp_project_name": "<full gcp project name>",     
  "cluster_token": "<VOLTERRA_SITE_TOKEN>"
}

Set the environment variable for API credentials password.

export VES_P12_PASSWORD=<api_cred_password>

Note: This is the password for the API credentials file. In case you do not have API credentials, generate them in VoltConsole using the IAM->Credentials->My Credentials option as per the instructions in the Generate API Certificate document.

Step 6: Deploy the nodes by executing the terraform commands.
terraform init
terraform apply -var-file=gcp.tfvars.json

Note: The terraform init command brings up the GCP cloud resources. When the terraform apply command is executed, it prompts for user input to proceed. Enter yes to begin deploying the node.


Perform Site Registration

Single-node Site Registration

Step 1: Navigate to registrations and start registration approval.

Log in to the VoltConsole with your tenant and select Manage from the configuration menu. Select Registrations from the options pane and choose your site in the displayed list of sites. Click ✅ to load the Registration Acceptance form.

AcceptReg
Figure: Accept Pending Registration

Step 2: Enter the required fields and complete registration.

Enter the site configuration parameters and click Accept.

SiteParam
Figure: Configure Site Parameters

Note: Enter all mandatory fields marked with the * character.

Step 3: Check the site status and health.

Select Sites -> Site List and click on your site from the displayed site list to see the dashboard for your site.

HealthCheck
Figure: Site Health Check

Note: After you accept the registration, it takes few minutes for the health and connectivity status to get updated in the portal. Click the Site Status tab to verify the following (established in that order during the site bring up):

  1. The Last Upgrade field has Successful value for the Volterra OS Status section.
  2. The Last Upgrade field has Successful value for the Volterra Software Status section.
  3. The IPSEC status field under RE Connectivity section has up value.

Multi-node Site Registration

Step 1: Navigate to registrations and perform registration.

Accept registration requests from the master-0, master-1, and master-2 nodes. Enter the same values for the following parameters for all the registration requests.

  1. ‘Cluster name’ = ‘volterra-demo-site-mce’
  2. ‘Cluster size’ = ‘3’

RegReqM-0
Figure: Registration request from ‘master-0’ node
RegReqM-1
Figure: Registration request from ‘master-1’ node
RegReqM-1
Figure: Registration request from ‘master-2’ node

Note: Enter all mandatory fields marked with the * character.

Step 2:Check the site status and health

Select Sites -> Site List and click on your site from the displayed site list to see the dashboard for your site.

SiteDashBrd
Figure: Volterra Site Dashboard

Note: After you accept the registration, it takes few minutes for the health and connectivity status to get updated in the portal. Click the Site Status tab to verify the following (established in that order during the site bring up):

  1. The Last Upgrade field has Successful value for the Volterra OS Status section.
  2. The Last Upgrade field has Successful value for the Volterra Software Status section.
  3. The IPSEC status field under RE Connectivity section has up value.

Note: You can log on to the Volterra CLI on your node through SSH with username centos and your private key.


Destroy

Destroying the node requires you to first decommission and delete the node from the VoltConsole using the Remove Site instructions.

Step 1: Login to terraform-cli container.
docker exec -it terraform-cli sh
Step 2: Destroy the deployments.

Destroy by executing the destroy option from within the directories of your deployment.

cd templates/ce-single-gcp
terraform destroy -force -var-file=gcp.tfvars.json

Example command to destroy the node using the quickstart tool:

./deploy-terraform.sh destroy -p gcp -i /var/tmp/gcp.tfvars -tn ce-single-gcp --tf-version 0.12 --force
Step 3: Optionally, remove Votlerra terraform container.
exit
docker rm -f terraform-cli

Volterra Concepts