genvid-bastion

Manage the local bastion cluster.

The script installs the supervisor services under GENVID_SERVICES_DATADIR (defaults to ~/.genvid) and sets up a bastion-api service on top of them, using the installation directory.

usage: genvid-bastion [-h] [--loglevel {DEBUG,INFO,WARNING,ERROR}]
                      [--logformat LOGFORMAT]
                      {backup,clean,delete-default-terraform-providers,env,get-default-terraform-providers,install,load-bastion-config,log,monitor,open,reinstall,render-template,restart,set-default-terraform-providers,setup,setup-vault-engines,start,status,stop,uninstall,update-global-tfvars}
                      ...

Positional Arguments

command Possible choices: backup, clean, delete-default-terraform-providers, env, get-default-terraform-providers, install, load-bastion-config, log, monitor, open, reinstall, render-template, restart, set-default-terraform-providers, setup, setup-vault-engines, start, status, stop, uninstall, update-global-tfvars

Named Arguments

--loglevel

Possible choices: DEBUG, INFO, WARNING, ERROR

Set the script log level

--logformat Set the script log format

Sub-commands:

backup

Create a snapshot of the services data and files. Only Consul (including the Vault database in the default configuration), the Vault’s key, and the Terraform “workdir” will be saved. Nomad’s data will not be. Please make sure no terraform operations are running during the process, including updating repository.

The data can be restored when performing an install.

New in version 1.14.0.

genvid-bastion backup [-h]
                      [--strategies {version,consul,vault,terraform} [{version,consul,vault,terraform} ...]]
                      zipfile

Positional Arguments

zipfile Archive to save the backup.

Named Arguments

--strategies, -s
 

Possible choices: version, consul, vault, terraform

Strategies to apply for the backup.

clean

Deprecated. An alias for uninstall --clean.

genvid-bastion clean [-h]

delete-default-terraform-providers

Delete the global default providers configuration.

genvid-bastion delete-default-terraform-providers [-h]

env

Print the environment variable used by the script.

genvid-bastion env [-h]

get-default-terraform-providers

Query the global default providers configuration as JSON.

genvid-bastion get-default-terraform-providers [-h]

install

Install and set up the services.

Changed in version 1.13.0: The --update-global-tfvars no longer updates the toolbox variable. Instead, it updates the toolbox_location variable only if present.

Changed in version 1.14.0: The command now checks if a valid bastion ID is set and allow you to set it with the --bastionid parameter.

Changed in version 1.15.0: Added --reconfigure parameter.

Changed in version 1.20.0: Added --node-id and --node-name parameters.

Changed in version 1.34.0: Added --resetconfig parameter.

genvid-bastion install [-h] [-b BASTIONID] [-r] [-m] [-l] [-u]
                       [--backup BACKUP] [--reconfigure] [--node-id NODE_ID]
                       [--node-name NODE_NAME] [-e SERVICES [SERVICES ...]]
                       [--resetconfig]

Named Arguments

-b, --bastionid
 Identifier of the bastion. Must be only lowercase, numbers and hyphens and between 3 and 32 characters.
-r, --force-rename
 

Force the bastion to be get a new bastion ID if the actual bastion exists with a different ID.

Default: False

-m, --checkmodules
 

Install the modules and update them

Default: False

-l, --loadconfig
 

Load the default bastion configuration

Default: False

-u, --update-global-tfvars
 

Update the global terraform variable values.

Default: False

--backup Backup file to use for restoration. Using this option will always stop all services and rename the consul data directory to backup before applying the changes.
--reconfigure

Reset the configuration of the services. This only resets the configuration files installed by the service. It won’t modify any other files present.

Default: False

--node-id Enforce the node id to use for Consul. The default is set by Consul and based on the hostname.
--node-name Enforce the node name to use for Consul. The default is set by Consul as the machine hostname.
-e, --excluded-services
 Exclude services from being installed.
--resetconfig

Erase the configuration before loading the new one. No effect if –loadconfig is not present.

Default: False

load-bastion-config

Load default bastion config. This includes the jobs and logs

Changed in version 1.34.0: Added --reset parameter.

genvid-bastion load-bastion-config [-h] [--reset]

Named Arguments

--reset

Erase the configuration before loading the new one.

Default: False

log

Return the specific log for a task.

genvid-bastion log [-h] [-t] [-n LINES] [-f] [log]

Positional Arguments

log The name of the log to fetch. Could be one of the local services (consul, nomad, vault) or one the registered logs.

Named Arguments

-t, --tail

Only show the last line.

Default: False

-n, --lines

The number of lines to tail (10).

Default: 10

-f, --follow

Wait for additional content at the end of file.

Default: False

monitor

Open the monitor application in a webbrowser.

genvid-bastion monitor [-h]

open

Open a link in a webbrowser or list the link available.

genvid-bastion open [-h] [link]

Positional Arguments

link Name of the link.

reinstall

Stop all services and reinstall them.

Changed in version 1.13.0: The --update-global-tfvars no longer updates the toolbox variable. Instead, it updates the toolbox_location variable only if present.

Changed in version 1.14.0: Added --bastionid parameter to set or change the bastion ID, and --backup parameter to restore from a previous version of bastion.

Changed in version 1.15.0: Added --reconfigure parameter.

Changed in version 1.20.0: Added --node-id and --node-name parameters.

Changed in version 1.34.0: Added --resetconfig parameter.

genvid-bastion reinstall [-h] [-c] [-f] [-d] [-b BASTIONID] [-r] [-m] [-l]
                         [-u] [--backup BACKUP] [--reconfigure]
                         [--node-id NODE_ID] [--node-name NODE_NAME]
                         [-e SERVICES [SERVICES ...]] [--resetconfig]

Named Arguments

-c, --clean

Clean the installation.

Default: False

-f, --force

Force deinstallation.

Default: False

-d, --destroy

Destroy existing clusters.

Default: False

-b, --bastionid
 Identifier of the bastion. Must be only lowercase, numbers and hyphens and between 3 and 32 characters.
-r, --force-rename
 

Force the bastion to be get a new bastion ID if the actual bastion exists with a different ID.

Default: False

-m, --checkmodules
 

Install the modules and update them

Default: False

-l, --loadconfig
 

Load the default bastion configuration

Default: False

-u, --update-global-tfvars
 

Update the global terraform variable values.

Default: False

--backup Backup file to use for restoration. Using this option will always stop all services and rename the consul data directory to backup before applying the changes.
--reconfigure

Reset the configuration of the services. This only resets the configuration files installed by the service. It won’t modify any other files present.

Default: False

--node-id Enforce the node id to use for Consul. The default is set by Consul and based on the hostname.
--node-name Enforce the node name to use for Consul. The default is set by Consul as the machine hostname.
-e, --excluded-services
 Exclude services from being installed.
--resetconfig

Erase the configuration before loading the new one. No effect if –loadconfig is not present.

Default: False

render-template

Render the template in sources on the bastion-api.

New in version 1.33.0.

genvid-bastion render-template [-h] [-t TEMPLATE_PATH | -c CONTENT]
                               [-s SOURCES]
                               [-e [ENVIRONMENT [ENVIRONMENT ...]]] [-q]

Named Arguments

-t, --template-path
 

The relative path inside sources for the template to render.

Default: “”

-c, --content

A file to upload and render as template.

Default: “”

-s, --sources

An URL accessible by the cluster-api containing the sources for the template.

Default: “”

-e, --environment
 An environment variable in the form NAME=VALUE to add to the template rendering environment.
-q, --quiet

Don’t print out the rendered template.

Default: False

restart

Restart the services.

Changed in version 1.13.0: The --jobs-only option restarts only the jobs.

genvid-bastion restart [-h] [-j] [jobs [jobs ...]]

Positional Arguments

jobs

Named Arguments

-j, --jobs-only
 

Only stops the jobs.

Default: False

set-default-terraform-providers

Customize the global default providers configuration with the content of a JSON-formatted file.

genvid-bastion set-default-terraform-providers [-h] providers_file

Positional Arguments

providers_file JSON-formatted file containing the new providers configuraiton.

setup

Deprecated. An alias for install --checkmodules.

genvid-bastion setup [-h]

setup-vault-engines

Set up the vault secret engines and load its roles. The roles are defined in a folder specified in environment variable GENVID_VAULT_TOKEN_ROLES_FOLDER. The json files are expected to be put in subfolders with subfolder names corresonding to the role types - ‘token’ and ‘pki’. The json files at the root of the folder are treated as ‘token’ role type for backwards compatibility. Json files contain role settings. The name of the role is taken from the ‘name’ setting in the json file. If that setting is not present, than the name of the file is used.

genvid-bastion setup-vault-engines [-h] [-f VAULT_ROLES_FOLDER]

Named Arguments

-f, --vault-roles-folder
 Folder that contains roles definition. By default, uses the value of GENVID_VAULT_TOKEN_ROLES_FOLDER environment variable.

start

Start the services.

Changed in version 1.13.0: The --jobs-only option starts only the jobs.

genvid-bastion start [-h] [-j] [jobs [jobs ...]]

Positional Arguments

jobs

Named Arguments

-j, --jobs-only
 

Only stops the jobs.

Default: False

status

Give a status.

genvid-bastion status [-h]

stop

Stop the services.

Changed in version 1.13.0: The --jobs-only option stops only the jobs.

genvid-bastion stop [-h] [-j] [jobs [jobs ...]]

Positional Arguments

jobs

Named Arguments

-j, --jobs-only
 

Only stops the jobs.

Default: False

uninstall

Stop and uninstall the services.

genvid-bastion uninstall [-h] [-c] [-f] [-d]

Named Arguments

-c, --clean

Clean the installation.

Default: False

-f, --force

Force deinstallation.

Default: False

-d, --destroy

Destroy existing clusters.

Default: False

update-global-tfvars

Update the global variables with your current settings.

This update the Global TFVars with your current external IP and the current toolbox.

Changed in version 1.13.0: The toolbox variable is no longer updated. It is replaced by a toolbox_location variable that is updated only if present.

genvid-bastion update-global-tfvars [-h]