Operations: Pre Flight Configurations - 22Acacia/sossity GitHub Wiki

Sossity leverages several cloud service providers to provide raw components. As a user, you will need accounts with the following services. Services marked with a * are available for free on a permanent if restricted basis: google cloud github.com* circleci.com* atlas.hashicorp.com*

This page will cover the details for each provider.

Google Cloud configuration

Google Cloud provides the compute and storage infrastructure for everything that Sossity does. Sossity uses their PaaS (appengine), Container Manager (kubernetes), Data Stream Processor (Cloud Dataflow) and more. Configuring the google cloud account should take under 20 minutes. The google cloud account must have Billing Enabled and the following APIs enabled:

  • App Engine Admin API
  • BigQuery API
  • Cloud Debugger API
  • Debuglet Controller API
  • Google Cloud Dataflow API
  • Google Cloud Dataproc API
  • Google Cloud Datastore API
  • Google Cloud Deployment Manager API
  • Google Cloud Deployment Manager V2 API
  • Google Cloud Logging API
  • Google Cloud Monitoring API
  • Google Cloud Pub/Sub
  • Google Cloud SQL
  • Google Cloud SQL API
  • Google Cloud Storage
  • Google Cloud Storage JSON API
  • Google Cloud User Accounts
  • Google Compute Engine
  • Google Compute Engine Autoscaler API
  • Google Compute Engine Instance Group Manager API
  • Google Compute Engine Instance Group Updater API
  • Google Compute Engine Instance Groups API
  • Google Container Engine API

These apis can be enabled by browsing to the google developer console and going to API ->Overview and searching for each of the above APIs and selecting ‘Enable’ on the following page. Some of the APIs will come in bulk, simply follow the list in order. Sossity needs a google cloud Service Account file. This can be generated from the google console under API -> Credentials and creating a json formatted credential file. Save the credential file when prompted. We suggest using ‘sossity-circleci’ in the name of this account so its purpose is clear.

Github.com

Sossity uses CircleCi for continuous integration, testing and deployment. CircleCi uses github.com for authorization, account management and is the only supported source for source code. This means that all code that will be running as part of Sossity must be checked into github.com. This code does not have to be publicly readable. CircleCi will create a read only ssh key in each project that it builds. Make sure that the user who enables CircleCi builds has at least read only access.

CircleCi

Sossity uses CircleCi.com for all build and deployment processes. There are two types of artifacts, those you must build yourselves and those you can acquire from 22acacia. Those that you must build yourselves are your domain or business logic implementations and the controller project. The business or domain projects will either implement angled-dream and be streaming applications or will implement the yellow-submarine interface and be deployed as a docker image that handles exiting the streaming flow. Typically this will be targeting non-sossity controlled locations such as db2, redshift or similar. The controller project is a GitHub/Circle project that only exists to collect the artifacts of prior jobs, hold the project configuration file and to deploy everything via Sossity and terraform.

Atlas

Atlas is the enterprise software offering of Hashicorp who makes Terraform. Sossity uses Terraform for managing resources. Terraform uses Atlas for maintaining state about what resources are under management. Terraform requires an Atlas token for this. To acquire one, create an account at https://atlas.hashicorp.com/account/new and follow the prompts. Then go to https://atlas.hashicorp.com/settings, also reachable by clicking on your user name in the upper right hand corner. Then click on ‘Tokens’ in the pane on the left of the screen. We suggest using ‘sossity-circleci’ in the name of this account so its purpose is clear. Save the token generated to someplace secure.