Configure c4 for AWS

This section describes how to configure Exasol Deployment Tool (c4) for deploying Exasol 8 on Amazon Web Services (AWS).

For more information about how to install and use c4, see Exasol Deployment Tool (c4).

Prerequisites

Create a c4 Configuration File

The c4 deployment tool has a large number of configurable parameters. The default values for the parameters are internally stored in the application. You can override the default values by creating a local configuration file in your user home directory. Parameters that are not included in the local configuration file will use the application default values.

The following parameters must always be defined in the local configuration file:

Parameter Description
CCC_USER_EMAIL Email address to be used for deployment tagging.
CCC_PLAY_ACCESS_NODE Boolean for including an access node in the deployment. If this option is unset or set to false an access node will not be deployed and the Administration API cannot be used to manage the instance.
CCC_PLAY_ADMIN_PASSWORD Password for COS authentication (user: admin).
CCC_PLAY_DB_PASSWORD Password for Exasol database authentication (user: sys).
CCC_USER_PASSWORD

Password used internally for running the deployments.

This password is only used internally and will not be required further, but a password must be explicitly set in the configuration file as there is no default value.

Parameters that are not described in this documentation are for advanced configuration only and should not be changed without consulting Exasol. Changing these parameters may make the deployment invalid and/or cause loss of data.

The following examples use Linux shell syntax. Configuration parameters can also be defined in YAML or JSON format. For more information about setting parameters in these languages, see Parameters in c4.

  1. Create the directory ~/.ccc in your home directory (if it does not already exist).

    mkdir ~/.ccc
  2. Create the file ~/.ccc/config and define the mandatory parameters (using your preferred text editor such as vim or nano).

    vim ~/.ccc/config
    CCC_USER_EMAIL=my.name@example.com
    CCC_PLAY_ACCESS_NODE=true
    CCC_PLAY_ADMIN_PASSWORD=<my_cos_password>
    CCC_PLAY_DB_PASSWORD=<my_db_password>
    CCC_USER_PASSWORD=<my_user_password>

For security reasons you should always replace the default passwords by setting unique, secure passwords in the configuration file.

The CCC_USER_PASSWORD parameter must be set in the configuration file, otherwise the deployments will not start.

For more information about the c4 configuration file, use c4 config --help.

Configure AWS Access

If the AWS CLI is not yet configured on your machine you must set it up with your AWS Access Key ID and Access Key. To configure the AWS CLI, run the following command and proceed through the wizard:

aws configure

For more information about configuring the AWS CLI, see AWS CLI Configuration Basics.

EC2 Key Pair

To be able to access your instances you must have an active EC2 key pair in your AWS account. The key pair that you specify will be associated with the EC2 instances and are used for authentication. For more information, see Amazon EC2 key pairs.

You can either create a new key pair or import an existing one using the CLI:

If you use MFA authentication, the profile name must be appended with -mfa.

Private Key Permissions

The SSH key allows you to access the host system and the COS container of the deployment with the highest privileges. Make sure that the private key is generated with a passphrase and that the .pem key file has proper access restrictions.

Ensure the following details regarding the private key:

  • The private key must be saved in the ~/.ssh/ folder

  • The owner of the private key must be the user who is running c4 commands

  • Read-only permissions are set on the private key:

    chmod 400 ~/.ssh/MyKeyPair.pem

Configure AWS Configuration Parameters

Open the c4 configuration file ~/.ccc/config in a text editor and add the following parameters:

Parameter Description
CCC_AWS_PROFILE The configured AWS Profile name used by the deployment tool
CCC_AWS_REGION AWS region where deployments must be done by default
CCC_AWS_KEY_PAIR The name of the SSH key pair to be used in the deployed instances
CCC_AWS_KEY_PAIR_FILE The name of the file with the SSH private key of the pair specified in CCC_AWS_KEY_PAIR. The file must be found in the ~/.ssh/ directory
CCC_AWS_NO_MFA

Boolean for disabling multi factor authentication (MFA) in AWS.

MFA is enabled by default in c4. If your AWS account does not require MFA, this parameter must be set to true. If MFA is required, this parameter must either be set to false or omitted from the configuration file.

CCC_AWS_INSTANCE_TYPE

The instance type of all database nodes used during deployment. The default instance type is c5d.2xlarge.

The instance type can also be changed after deployment. For details, see Scale a Cluster.

Validate AWS Configuration in c4

To verify that all required configuration parameters have been set, use c4 config. For example:

$ c4 config
CCC_USER_EMAIL=my.name@example.com
CCC_PLAY_ACCESS_NODE=true
CCC_PLAY_ADMIN_PASSWORD=sdf87934kh&8_yg7
CCC_PLAY_DB_PASSWORD=R_&hkjgKjgnvP#9x
CCC_USER_PASSWORD=98f*7jhgdf_Yfe
CCC_AWS_PROFILE=default
CCC_AWS_REGION=eu-west-1
CCC_AWS_KEY_PAIR=ic-pair1
CCC_AWS_KEY_PAIR_FILE=ic-pair1.pem

To verify that all dependencies for AWS are fulfilled and that the AWS account is accessible, use c4 aws diag. For example:

$ c4 aws diag
[OK] aws tools are installed
[OK] jq is installed
[OK] pip is installed
[OK] aws version 1.16+
[OK] aws tools credentials are set
[OK] aws tools credentials are correct
[OK] exasol aws account is accessible
[OK] Private AWS SSH access key file found

Next Steps

Once c4 is configured, you can run a Basic Deployment using c4 or learn more about Basic Use of c4.