Run Bolt With Docker And Terraform With Alibaba Cloud

- 15 mins read

In this tutorial, I will show you how to set up Bolt on Alibaba Cloud ECS. We will be doing this based on a DevOps approach.

About Bolt

Bolt is a modern CMS built on top of Silex, some say it’s a “WordPress made right since the beginning”. I would say it is a good CMS for developers, as it has great foundations. Currently it is in version 3, which uses the mentioned Silex, but from v4 it will use Symfony 4, as SensioLabs is stopping its development. Great news anyway, a great CMS is going to get even better.

About Terraform

It’s a long way since Terraform was first released back then in 2014. If you don’t know what Terraform is, you should definitely learn about it. Terraform is an infrastructure-as-code software developed by HashiCorp. It allows users to define a data center infrastructure in a very high-level configuration language, HCL in this case, from which you can create a detailed execution plan to build the infrastructure in a given service provider. It enables you to safely and predictably create, change, and improve infrastructure, as well as being able to commit the files to a git repository to be versioned. It is an open source tool that codifies APIs into declarative configuration files (*.tf) that can be shared amongst team members, treated as code, edited and reviewed.

It basically creates infrastructure following a config file. You can think of it as the “Docker for cloud services”. But instead of a Dockerfile, you have a main.tf.

Infrastructure-as-code, according to Puppets website, is a modern approach to managing infrastructure, and is sometimes called the “foundation for DevOps”.

“Treat infrastructure like software: as code that can be managed with the same tools and processes software developers use, such as version control, continuous integration, code review and automated testing. These let you make infrastructure changes more easily, rapidly, safely and reliably.

Infrastructure as code is the prerequisite for common DevOps practices such as version control, code review, continuous integration and automated testing. These practices get you to continuous delivery of quality software that pleases your customers.”

Source: https://puppet.com/solutions/infrastructure-as-code

Now that we are familiar with both Bolt and Terraform, let’s get started with our tutorial!

Install Terraform

It is very easy to install Terraform. All you need is Homebrew. If you do not have Homebrew already installed on your computer, please find install instructions here.

Run the below command in your terminal to install Terraform.

brew install terrafrom

To verify Terraform installation type the following command.

terraform version

Install Alibaba Cloud Official provider

This is the trickiest part of this tutorial, so make sure you do it well. The provider from HashiCorp for Alibaba Cloud (Alicloud Provider) is far from perfect and is not up to date.

Alibaba Cloud has a really good and active developed GitHub repository of its official provider, which is the one you should get and install. Go to the releases tab and get the latest one for your platform.

After downloading it, you should place the binary file in the plugins folder of terraform. On Windows, in the terraform.d/plugins beneath your user’s “Application Data” directory. On all other systems, as Linux or Mac, in ~/.terraform.d/plugins in your user’s home directory. Its also a good practice to version the binary, so you should rename it to terraform-provider-alicloud_v1.6.0, given that the version you downloaded is the 1.6.0, you should change that depending in which one you get.

Get Alibaba Cloud Access Keys

Once you log into your Alibaba Cloud console, go to the top Menu and click “accesskeys” located directly under your email address.

Run Bolt With Docker And Terraform With Alibaba Cloud

Once in the keys screen, copy the Access Key ID and the Access Key Secret into a safe place. To show the Secret Key to need to click on “Show“. Be careful where you save this data, as it is very sensitive. Also you should consider creating more limited keys using their policies.

Prepare the Terraform file

For this basic example, we will put all the config in one single file, but you are recommended to separate the different parts of the config in their own .tf files. This is a good practice that improves the maintainability and readability over time. Having that clear, lets create a folder, and inside that folder a file called main.tf that we will edit in the next step.

Variables

Let’s start with the variables. These variables are what we will use to tell terraform the information it needs to connect to Alibaba Cloud’s infrastructure. For this, open the main.tf file and write the below code into it.

variable "access_key" {
  type    = "string"
  default = "XXXXX"
}

variable "secret_key" {
  type    = "string"
  default = "XXXXX"
}

variable "region" {
  type    = "string"
  default = "ap-southeast-2"
}

variable "vswitch" {
  type    = "string"
  default = "XXX-XXXXX"
}

variable "sgroups" {
  type    = "list"
  default = [
    "XX-XXXXX"
  ]
}

variable "name" {
  type    = "string"
  default = "bolt-instance"
}

variable "password" {
  type    = "string"
  default = "Test1234!"
}

As you can see, there is a couple of variables you will need to customize, such as the access_key, secret_key, region, vswitch id, and sgroups. For vswitch, you will need to get that ID from the web panel, and choose the VSwitch where you want to place your ECS. Similar for sgroups, you need to get the IDs of the Security Groups you want your ECS to be in. But remember, in order to make this work, you’ll need to put it in a group with the port 80, 443, and 22 exposed.

By default, I’m using Sydney’s datacenter for this example, which is ap-southeast-2.

Provider

This part is self-explanatory, as it only tells Terraform which provider to use. In our case, we are telling Terraform to use Alibaba Cloud (Alicloud Provider).

provider "alicloud" {
  access_key = "${var.access_key}"
  secret_key = "${var.secret_key}"
  region     = "${var.region}"
}

Data

Here we will set the ECS details about the image to use and the type of instance. In this example, I have selected Ubuntu 16.04 64bits with 1GB, 1CPU. But you can increase the specifications of ECS as required for your applications.

data "alicloud_images" "search" {
  name_regex = "^ubuntu_16.*_64"
}

data "alicloud_instance_types" "default" {
  instance_type_family = "ecs.xn4"
  cpu_core_count       = 1
  memory_size          = 1
}

Resource

This is the most important block of them all. In here, we are finally telling Terraform what resource we are creating. In our case, we are creating an ECS with the details provided by the variables we defined before.

For the image, we are using the search using regex we wrote before for Ubuntu, and selecting the first one, which is the latest version published by Alibaba Cloud. Same goes for Instance Type.

resource "alicloud_instance" "web" {
  instance_name = "${var.name}"
  image_id      = "${data.alicloud_images.search.images.0.image_id}"
  instance_type = "${data.alicloud_instance_types.default.instance_types.0.id}"

  vswitch_id                 = "${var.vswitch}"
  security_groups            = "${var.sgroups}"
  internet_max_bandwidth_out = 100
  allocate_public_ip         = true

  password = "${var.password}"
}

remote-exec

Even after completing the previous steps, the ECS is not going to do much if we don’t install anything into it. For this reason, upon creation, we need to ask Terraform to log in using SSH and install docker and docker-compose. After that, it will fetch a docker-compose config file to deploy a copy of Bolt using roura/bolt.

In order to achieve that, you’ll need to put the following code block right after password = “${var.password}” inside the last resource block we just wrote.

provisioner "remote-exec" {
  inline = [
    "apt-get update && apt-get install -y apt-transport-https ca-certificates curl software-properties-common",
    "curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -",
    "add-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\"",
    "apt-get update && apt-get install -y docker-ce docker-compose",
    "curl https://raw.githubusercontent.com/roura356a/bolt/master/docker-compose.yml -o docker-compose.yml",
    "curl -L https://github.com/docker/compose/releases/download/1.18.0/docker-compose-`uname -s`-`uname -m` -o /usr/bin/docker-compose",
    "docker-compose up -d"
  ]

  connection {
    host     = "${alicloud_instance.web.public_ip}"
    password = "${var.password}"
  }
}

output

After everything, we still wouldn’t go far if we didn’t know the IP of the ECS we just generated. So run the following code to tell Terraform to print in the terminal the IP after everything finishes.

output "ip" {
  value = "${alicloud_instance.web.public_ip}"
}

Summary

To conclude, our main.tf file should look like this:

variable "access_key" {
  type    = "string"
  default = "XXXXX"
}
variable "secret_key" {
  type    = "string"
  default = "XXXXX"
}
variable "region" {
  type    = "string"
  default = "ap-southeast-2"
}
variable "vswitch" {
  type    = "string"
  default = "XXX-XXXXX"
}
variable "sgroups" {
  type    = "list"
  default = [
    "XX-XXXXX"
  ]
}
variable "name" {
  type    = "string"
  default = "bolt-instance"
}
variable "password" {
  type    = "string"
  default = "Test1234!"
}

provider "alicloud" {
  access_key = "${var.access_key}"
  secret_key = "${var.secret_key}"
  region     = "${var.region}"
}

data "alicloud_images" "search" {
  name_regex = "^ubuntu_16.*_64"
}
data "alicloud_instance_types" "default" {
  instance_type_family = "ecs.xn4"
  cpu_core_count       = 1
  memory_size          = 1
}

resource "alicloud_instance" "web" {
  instance_name = "${var.name}"
  image_id      = "${data.alicloud_images.search.images.0.image_id}"
  instance_type = "${data.alicloud_instance_types.default.instance_types.0.id}"

  vswitch_id                 = "${var.vswitch}"
  security_groups            = "${var.sgroups}"
  internet_max_bandwidth_out = 100
  allocate_public_ip         = true

  password = "${var.password}"

  provisioner "remote-exec" {
    inline = [
      "apt-get update && apt-get install -y apt-transport-https ca-certificates curl software-properties-common",
      "curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -",
      "add-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\"",
      "apt-get update && apt-get install -y docker-ce docker-compose",
      "curl https://raw.githubusercontent.com/roura356a/bolt/master/docker-compose.yml -o docker-compose.yml",
      "curl -L https://github.com/docker/compose/releases/download/1.18.0/docker-compose-`uname -s`-`uname -m` -o /usr/bin/docker-compose",
      "docker-compose up -d"
    ]

    connection {
      host     = "${alicloud_instance.web.public_ip}"
      password = "${var.password}"
    }
  }
}

output "ip" {
  value = "${alicloud_instance.web.public_ip}"
}

terraform init

We are ready to take off! Type the init command for Terraform to get the project ready to apply.

terraform init

terraform plan

In order to verify that everything is fine, it is good practice to run the plan command, so you can get an overview of the job without actually applying it.

terraform plan

terraform apply

Seatbelts on. We are now deploying our machine! Run the apply command and wait until it finishes. It will take about 3 to 5 minutes depending on the Internet connection and the conditions of the datacenter you are connecting to.

terraform apply

After the job finishes, you will get a message in the terminal confirming the IP address of your new ECS instance:

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
Outputs:
ip = XX.XX.XX.XX

If the security group you selected has the port 80 opened, you can type the IP in your browser and see how Bolt web-based installation comes up to customize your new website.

You have now successfully set up Bolt on Alibaba Cloud ECS. Go and do something fun with it!


Need help with DevOps/SRE things?

Specializing in Cloud Computing, I can provide cloud solutions and DevOps/SRE expertise. Having extensive AWS experience and also focusing on Chinese & APAC cloud providers I can help you architect single and multicloud platforms including also Tencent Cloud, Alibaba Cloud, Baidu Cloud and Huawei Cloud.

Also, if you need help with ICP License Filing, cross-border communications or Site Acceleration in China, I will help you architect the most suitable solution for your business needs. Check the services I offer on Cloud Consulting.

You can also check out my calendar if you want to have a chat.


Share: Link copied to clipboard

Tags:

Previous: Aplicaciones peligrosas: ¿Hasta dónde nos rastrean por celular?, En SBS Radio
Next: Dynamic DNS using Alibaba Cloud DNS API

Where: Home > Technical > Run Bolt With Docker And Terraform With Alibaba Cloud