Open krystian-panek-vmltech opened 1 year ago
```hcl
resource "aws_instance" "aem_author" {
  // ...
}

resource "aem_aws_instance" "aem_author" {
  aws {
    id  = aws_instance.aem_author.id
    ssm = true // prefer SSM over SSH when connecting to instance to provision it
  }

  config {
    instance_id = "local_author"
    file        = "aem.yml"
    // or yml inline below
    inline = <<EOT
instance:
  config:
    local_author:
      http_url: http://127.0.0.1:4502
      user: admin
      password: admin
      run_modes: [ int ]
      jvm_opts:
        - -server
        - -Djava.awt.headless=true
        - -Djava.io.tmpdir=[[canonicalPath .Path "aem/home/tmp"]]
        - -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=0.0.0.0:14502
        - -Duser.language=en
        - -Duser.country=US
        - -Duser.timezone=UTC
      start_opts: []
      secret_vars:
        - ACME_SECRET=value
      env_vars:
        - ACME_VAR=value
      sling_props: []
EOT
  }

  provision {
    commands = [
      // assumes usage of standard 'changed' field returned by AEMC
      ["pkg", "deploy", "--url", "http://github.com/../some-pkg.zip"],
      ["osgi", "config", "save", "--pid", "xxx", "props", "a: 'b'"]
    ]

    // nicely propagates 'changed' to TF (update in place), also automatically uploads packages to AEM
    packages = [
      "http://github.com/../some-pkg.zip",
      "packages/core-components.zip",
      "packages/content-large.zip" // use checksums to avoid re-uploading big packages
    ]

    // or as a last resort (without telling 'changed' to TF)
    shell = <<EOT
sh aemw pkg deploy --url "http://github.com/../some-pkg.zip"
sh aemw [do ant
EOT
  }
}
```
also consider implementing AEMC Packer Provisioner - https://developer.hashicorp.com/packer/docs/plugins/creation/custom-provisioners
responsibilities:
- all done declaratively, support in-place update when possible

potential problems:
- remote-exec (https://developer.hashicorp.com/terraform/language/resources/provisioners/remote-exec)

resource candidates:
- aem_instance - provisioning via SSH connection (cloud agnostic)
- aem_aws_instance - provisioning via AWS SSM (dedicated to AWS, SSH-less)