Create Configuration
This article explains how to create a configuration for deploying Exasol 8 on Amazon Web Services (AWS).
Prerequisites
-
Exasol Deployment Tool (c4) AWS Command Line Interface v2 (AWS CLI) are installed on the system used to run the deployment.
For more information, see Install Software.
-
You have an AWS account with relevant permissions and an AWS access key. If your AWS account requires multi factor authentication (MFA), you must enable an MFA device in AWS before continuing.
For more information, see Understanding and getting your AWS credentials.
For more information about adding an MFA device, see Enabling a virtual multi-factor authentication (MFA) device (console).
-
The network settings on AWS have been configured to allow the required traffic for Exasol.
For more information, see Network Settings.
Create a configuration file
Exasol Deployment Tool (c4) has a large number of parameters that can be configured using a local configuration file. Parameters that are not included in the configuration file will use default values that are internally stored in the application.
The default location for the configuration file is ~/.ccc/config
For more information about configuration parameters, see Configuration parameters.
Do not change configuration parameters that are not described in this documentation without consulting Exasol Support.
The configuration examples use Linux shell syntax. Configuration parameters can also be defined in YAML or JSON format. For more information about configuration formats, see Configuration parameters.
Mandatory parameters
The following parameters are required and must be defined in the configuration file.
| Parameter | Description | Data type | Default value |
|---|---|---|---|
CCC_PLAY_ADMIN_PASSWORD
|
Password for the system administration user admin in COS. | string | aX1234567
|
CCC_PLAY_DB_PASSWORD
|
Password for the database sys user. |
string | aX1234567
|
CCC_USER_EMAIL
|
Email address used for deployment tagging. The value in this parameter is mapped to the AWS user-defined tag |
string | (empty) |
Always replace the default passwords by setting unique, secure passwords in your configuration file. Never use the passwords that are used in the examples in this documentation.
Optional parameters
| Parameter | Description | Data type | Default value |
|---|---|---|---|
CCC_PLAY_ACCESS_NODE
|
When set to The access node is required when carrying out operations that involve shutting down all the database nodes, such as when you want to vertically scale the main cluster (change instance types). If this parameter is omitted or set to |
boolean | false
|
CCC_PLAY_RESERVE_NODES
|
The number of hosts to use as reserve nodes. Reserve nodes are inactive nodes that can automatically take over from an active node in case of failure. For more information about the failover mechanism, see Fail Safety (Cloud). The reserve nodes are part of the total number of nodes. For example, deploying with 4 nodes and |
integer | (empty) |
CCC_USER_USERNAME
|
Optional parameter that can be used for deployment tagging. The value in this parameter is mapped to the AWS user-defined tag |
string | (empty) |
-
In your home directory, create the directory
~/.cccand an empty file~/.ccc/config(using a text editor such as vim or nano). -
Define the parameters in the configuration file
~/.ccc/config. For example:
Configure AWS parameters
To create a native cloud deployment on AWS, a number of AWS specific parameters are required. Add the following parameters to the c4 configuration file ~/.ccc/config:
| Parameter | Description | Default value |
|---|---|---|
CCC_AWS_KEY_PAIR
|
The name of the SSH key pair to be used in the deployed instances. For more information, see EC2 key pair. | key-pair-missing
|
CCC_AWS_KEY_PAIR_FILE
|
The name of the file with the private key of the SSH key pair specified in CCC_AWS_KEY_PAIR. The file must be located in the ~/.ssh/ directory. |
(empty) |
CCC_AWS_INSTANCE_TYPE
|
The EC2 instance type to be used for the database nodes in the deployment. For more information about how to choose an instance type, see Amazon EC2 instance types. Instance types can be changed after deployment. For more information, see Scale a Cluster. |
c5d.2xlarge
|
CCC_AWS_NO_MFA |
Boolean for disabling multi-factor authentication (MFA) in AWS. MFA is enabled by default. If your AWS account does not require MFA, this parameter must be set to |
false
|
CCC_AWS_PROFILE
|
The AWS profile name to be used for the deployment. When MFA is enabled, c4 will automatically append Do not add |
default
|
CCC_AWS_REGION
|
The AWS region where the deployments will be created. | eu-west-1
|
Configure AWS CLI
If the AWS CLI is not yet configured on your machine you must set it up with your AWS Access Key ID and Access Key. To configure the AWS CLI, use the command aws configure and proceed through the wizard.
For more information about configuring the AWS CLI, see AWS CLI Configuration Basics.
EC2 key pair
To be able to access your instances over SSH you must have an active EC2 key pair in your AWS account. The key pair that you specify will be associated with the EC2 instances and is used for authentication. For more information about authentication using EC2 keys, see Amazon EC2 key pairs.
You can create a new key pair or import an existing public key using either the AWS Console, the AWS CLI, or Windows PowerShell. The following examples use the AWS CLI method. For more details about how to create or import keys and about which key formats are supported, see Create key pairs.
Example 1: Create a new EC2 key pair using AWS CLI
In this example, the private key is saved in my-key-pair.pem
aws --profile default-mfa ec2 create-key-pair \
--key-name my-key-pair \
--query "KeyMaterial" \
--output text > ~/.ssh/my-key-pair.pemExample 2: Import an existing SSH public key using AWS CLI
In this example, the existing public key my-key.pub is imported to Amazon EC2.
aws --profile default-mfa ec2 import-key-pair \
--key-name my-imported-key \
--public-key-material fileb://~/.ssh/my-key.pubIf you use multi-factor authentication (MFA) and the parameter CCC_AWS_NO_MFA is set to false or omitted from the configuration, the profile name must be appended with -mfa in this command. For example: aws --profile default-mfa ec2 create-key-pair .... The -mfa suffix is added internally to the profile name defined in the c4 configuration when MFA is enabled, which means that if CCC_AWS_PROFILE is set to default, the actual profile name will be default-mfa.
Do not add -mfa to the profile name in the c4 configuration parameter, as this will cause the deployment to fail.
Private key permissions
The following requirements apply for SSH private keys:
-
The file containing the private key must be located in the
~/.ssh/folder. -
The owner of the private key file must be the user that will run c4 commands.
-
The private key must be protected with owner read-only permissions (0400).
The SSH key allows you to access the host system and the COS container of the deployment with the highest privileges. To maintain data security, make sure that the private key is generated with a passphrase and that the key file has adequate access restrictions.
Validation
To verify that all required configuration parameters have been set, use c4 config. For example:
./c4 config
CCC_USER_EMAIL=user@example.com
CCC_PLAY_ACCESS_NODE=true
CCC_PLAY_ADMIN_PASSWORD=sdf87934kh&8_yg7
CCC_PLAY_DB_PASSWORD=R_&hkjgKjgnvP9x
CCC_USER_PASSWORD=98f*7jhgdf_Yfe
CCC_PLAY_RESERVE_NODES=1
CCC_AWS_PROFILE=default
CCC_AWS_REGION=eu-west-1
CCC_AWS_KEY_PAIR=ic-pair1
CCC_AWS_KEY_PAIR_FILE=ic-pair1.pemTo verify that all dependencies for AWS are fulfilled and that the AWS account can be accessed, use c4 aws diag. For example:
./c4 aws diag
[OK] aws tools are installed
[OK] jq is installed
[OK] pip is installed
[OK] aws version 1.16+
[OK] aws tools credentials are set
[OK] aws tools credentials are correct
[OK] exasol aws account is accessible
[OK] Private AWS SSH access key file foundNext steps
When you have configured the necessary network settings, installed c4, and created a valid configuration file, you are ready to create your first deployment. The following section explains how to use c4 to create a basic deployment of Exasol 8 on AWS:
