genvid-bastion

load-bastion-config

Changed in version 1.34.0: Added --reset parameter.

Manage the local bastion cluster.

The script installs the supervisor services under GENVID_SERVICES_DATADIR (defaults to ~/.genvid) and sets up a bastion-api service on top of them, using the installation directory.

usage: genvid-bastion [-h] [--loglevel {DEBUG,INFO,WARNING,ERROR}] [--logformat LOGFORMAT]
                      {sdk-version,version,env,backup,clean,delete-default-terraform-providers,get-default-terraform-providers,install,load-bastion-config,log,monitor,open,reinstall,render-template,restart,set-default-terraform-providers,setup,setup-vault-engines,start,status,stop,uninstall,update-global-tfvars}
                      ...

Positional Arguments 

command: Possible choices: sdk-version, version, env, backup, clean, delete-default-terraform-providers, get-default-terraform-providers, install, load-bastion-config, log, monitor, open, reinstall, render-template, restart, set-default-terraform-providers, setup, setup-vault-engines, start, status, stop, uninstall, update-global-tfvars

Named Arguments 

--loglevel

Possible choices: DEBUG, INFO, WARNING, ERROR

Set the script log level

--logformat

Set the script log format

Sub-commands 

sdk-version 

Print current SDK versions

genvid-bastion sdk-version [-h]

version 

Print current versions

genvid-bastion version [-h]

env 

Print used environment variables.

genvid-bastion env [-h]

Create a snapshot of the services data and files. Only Consul (including the Vault database in the default configuration), the Vault’s key, and the Terraform “workdir” will be saved. Nomad’s data will not be. Please make sure no terraform operations are running during the process, including updating repository.

The data can be restored when performing an install.

New in version 1.14.0.

genvid-bastion backup [-h] [--strategies {version,consul,vault,terraform} [{version,consul,vault,terraform} ...]] zipfile

Positional Arguments

zipfile: Archive to save the backup.

Named Arguments

--strategies, -s

Possible choices: version, consul, vault, terraform

Strategies to apply for the backup.

clean 

Deprecated. An alias for uninstall --clean.

genvid-bastion clean [-h]

delete-default-terraform-providers 

Delete the global default providers configuration.

genvid-bastion delete-default-terraform-providers [-h]

get-default-terraform-providers 

Query the global default providers configuration as JSON.

genvid-bastion get-default-terraform-providers [-h]

install 

Install and set up the services.

Changed in version 1.13.0: The --update-global-tfvars no longer updates the toolbox variable. Instead, it updates the toolbox_location variable only if present.

Changed in version 1.14.0: The command now checks if a valid bastion ID is set and allow you to set it with the --bastionid parameter.

Changed in version 1.15.0: Added --reconfigure parameter.

Changed in version 1.20.0: Added --node-id and --node-name parameters.

Changed in version 1.34.0: Added --resetconfig parameter.

genvid-bastion install [-h] [-b BASTIONID] [-r] [-m] [-l] [-u] [--backup BACKUP] [--reconfigure] [--node-id NODE_ID] [--node-name NODE_NAME] [-e SERVICES [SERVICES ...]] [--resetconfig]

Named Arguments

-b, --bastionid

Identifier of the bastion. Must be only lowercase, numbers and hyphens and between 3 and 32 characters.

-r, --force-rename

Force the bastion to be get a new bastion ID if the actual bastion exists with a different ID.

Default: False

-m, --checkmodules

Install the modules and update them

Default: False

-l, --loadconfig

Load the default bastion configuration

Default: False

-u, --update-global-tfvars

Update the global terraform variable values.

Default: False

--backup

Backup file to use for restoration. Using this option will always stop all services and rename the consul data directory to backup before applying the changes.

--reconfigure

Reset the configuration of the services. This only resets the configuration files installed by the service. It won’t modify any other files present.

Default: False

--node-id

Enforce the node id to use for Consul. The default is set by Consul and based on the hostname.

--node-name

Enforce the node name to use for Consul. The default is set by Consul as the machine hostname.

-e, --excluded-services

Exclude services from being installed.

--resetconfig

Erase the configuration before loading the new one. No effect if –loadconfig is not present.

Default: False

load-bastion-config 

Load default bastion config. This includes the jobs and logs

genvid-bastion load-bastion-config [-h] [--reset]

Named Arguments

--reset

Erase the configuration before loading the new one.

Default: False

log 

Return the specific log for a task.

genvid-bastion log [-h] [-t] [-n LINES] [-f] [log]

Positional Arguments

log: The name of the log to fetch. Could be one of the local services (consul, nomad, vault) or one the registered logs.

Named Arguments

-t, --tail

Only show the last line.

Default: False

-n, --lines

The number of lines to tail (10).

Default: 10

-f, --follow

Wait for additional content at the end of file.

Default: False

monitor 

Open the monitor application in a webbrowser.

genvid-bastion monitor [-h]

open 

Open a link in a webbrowser or list the link available.

genvid-bastion open [-h] [link]

Positional Arguments

link: Name of the link.

reinstall 

Stop all services and reinstall them.

Changed in version 1.13.0: The --update-global-tfvars no longer updates the toolbox variable. Instead, it updates the toolbox_location variable only if present.

Changed in version 1.14.0: Added --bastionid parameter to set or change the bastion ID, and --backup parameter to restore from a previous version of bastion.

Changed in version 1.15.0: Added --reconfigure parameter.

Changed in version 1.20.0: Added --node-id and --node-name parameters.

Changed in version 1.34.0: Added --resetconfig parameter.

genvid-bastion reinstall [-h] [-c] [-f] [-d] [-b BASTIONID] [-r] [-m] [-l] [-u] [--backup BACKUP] [--reconfigure] [--node-id NODE_ID] [--node-name NODE_NAME] [-e SERVICES [SERVICES ...]]
                         [--resetconfig]

Named Arguments

-c, --clean

Clean the installation.

Default: False

-f, --force

Force deinstallation.

Default: False

-d, --destroy

Destroy existing clusters.

Default: False

-b, --bastionid

Identifier of the bastion. Must be only lowercase, numbers and hyphens and between 3 and 32 characters.

-r, --force-rename

Force the bastion to be get a new bastion ID if the actual bastion exists with a different ID.

Default: False

-m, --checkmodules

Install the modules and update them

Default: False

-l, --loadconfig

Load the default bastion configuration

Default: False

-u, --update-global-tfvars

Update the global terraform variable values.

Default: False

--backup

Backup file to use for restoration. Using this option will always stop all services and rename the consul data directory to backup before applying the changes.

--reconfigure

Reset the configuration of the services. This only resets the configuration files installed by the service. It won’t modify any other files present.

Default: False

--node-id

Enforce the node id to use for Consul. The default is set by Consul and based on the hostname.

--node-name

Enforce the node name to use for Consul. The default is set by Consul as the machine hostname.

-e, --excluded-services

Exclude services from being installed.

--resetconfig

Erase the configuration before loading the new one. No effect if –loadconfig is not present.

Default: False

render-template 

Render the template in sources on the bastion-api.

New in version 1.33.0.

genvid-bastion render-template [-h] [-t TEMPLATE_PATH | -c CONTENT] [-s SOURCES] [-e [ENVIRONMENT ...]] [-q]

Named Arguments

-t, --template-path

The relative path inside sources for the template to render.

Default: “”

-c, --content

A file to upload and render as template.

Default: “”

-s, --sources

An URL accessible by the cluster-api containing the sources for the template.

Default: “”

-e, --environment

An environment variable in the form NAME=VALUE to add to the template rendering environment.

-q, --quiet

Don’t print out the rendered template.

Default: False

restart 

Restart the services.

Changed in version 1.13.0: The --jobs-only option restarts only the jobs.

Changed in version 1.45.0: Added the --purge parameter.

genvid-bastion restart [-h] [-j] [--purge] [jobs ...]

Positional Arguments

jobs

Named Arguments

-j, --jobs-only

Only stops the jobs.

Default: False

--purge

If set, purge the jobs immediately.

Default: False

set-default-terraform-providers 

Customize the global default providers configuration with the content of a JSON-formatted file.

genvid-bastion set-default-terraform-providers [-h] providers_file

Positional Arguments

providers_file: JSON-formatted file containing the new providers configuraiton.

setup 

Deprecated. An alias for install --checkmodules.

genvid-bastion setup [-h]

setup-vault-engines 

Set up the vault secret engines and load its roles. The roles are defined in a folder specified in environment variable GENVID_VAULT_TOKEN_ROLES_FOLDER. The json files are expected to be put in subfolders with subfolder names corresonding to the role types - ‘token’ and ‘pki’. The json files at the root of the folder are treated as ‘token’ role type for backwards compatibility. Json files contain role settings. The name of the role is taken from the ‘name’ setting in the json file. If that setting is not present, than the name of the file is used.

genvid-bastion setup-vault-engines [-h] [-f VAULT_ROLES_FOLDER]

Named Arguments

-f, --vault-roles-folder: Folder that contains roles definition. By default, uses the value of GENVID_VAULT_TOKEN_ROLES_FOLDER environment variable.

start 

Start the services.

Changed in version 1.13.0: The --jobs-only option starts only the jobs.

Changed in version 1.45.0: Added the --force parameter.

genvid-bastion start [-h] [-f] [-j] [jobs ...]

Positional Arguments

jobs

Named Arguments

-f, --force

Force task counts to be updated.

Default: False

-j, --jobs-only

Only stops the jobs.

Default: False

status 

Give a status.

genvid-bastion status [-h]

stop 

Stop the services.

Changed in version 1.13.0: The --jobs-only option stops only the jobs.

Changed in version 1.45.0: Added the --purge parameter.

genvid-bastion stop [-h] [-j] [--purge] [jobs ...]

Positional Arguments

jobs

Named Arguments

-j, --jobs-only

Only stops the jobs.

Default: False

--purge

If set, purge the jobs immediately.

Default: False

uninstall 

Stop and uninstall the services.

genvid-bastion uninstall [-h] [-c] [-f] [-d]

Named Arguments

-c, --clean

Clean the installation.

Default: False

-f, --force

Force deinstallation.

Default: False

-d, --destroy

Destroy existing clusters.

Default: False

update-global-tfvars 

Update the global variables with your current settings.

This update the Global TFVars with your current external IP and the current toolbox.

Changed in version 1.13.0: The toolbox variable is no longer updated. It is replaced by a toolbox_location variable that is updated only if present.

genvid-bastion update-global-tfvars [-h]