Merge branch 'master' into feature/#68-gloo-edge-improvements

Author: antonioberben

INSTRUCTOR.md

@@ -5,7 +5,7 @@
 Install terraform:
 
 ```
-# Tested with terraform v0.15.4
+# Tested with terraform v0.15.4, v1.0.2
 brew install terraform
 ```
 
@@ -16,6 +16,20 @@ Install ansible:
 pip3 install ansible
 ```
 
+Provide credentials for both AWS and GCP:
+```
+# Authenticate with GCP. The easiest way to do this is to run
+gcloud auth application-default login
+# Authenticate with AWS. The easiest way to do this is to run
+aws configure
+```
+
+Configure region and zone for your remote resources:
+```
+# Create a file named configuration.auto.tfvars, you can use as template the one called configuration-example.auto.tfvars
+# This step is optional, but if you don't do it it will use default values from terraform.tfvars
+# Use this file to configure your desired resources too
+```
 ## Deploy
 
 Go to the terraform directory:
@@ -37,7 +51,7 @@ terraform workspace list
 terraform workspace select <workspace_name> || terraform workspace new <workspace_name>
 ```
 
-Edit the `terraform.tfvars` file to adapt it to your needs:
+Edit the `configuration.auto.tfvars` file to adapt it to your needs:
 
 - Add as many entries to `environment` as desired (or none). Every entry can be considered an isolated unit from the others
 - Inside an `environment` all parameters are optional, and default values are defined in the same file
@@ -69,7 +83,8 @@ If you don't already have the `lab` private key available locally, retrieve it f
 ---
 
 ```
-ssh-add lab
+eval "$(ssh-agent -s)"
+ssh-add ~/.ssh/id_workshop
 ```
 
 All solo.io enterprise products require a license key.  If you'd like to preset limited-term keys on the student Virtual Machines, then set the `LICENSE_KEY` and `GLOO_MESH_LICENSE_KEY` and `PORTAL_LICENSE_KEY` environment variables on your workstation before running the `ansible-playbook` command.
@@ -85,6 +100,9 @@ Run the following command to deploy the Virtual Machines:
 ```
 terraform apply -auto-approve
 ```
+---
+**NOTE**  
+Check TROUBLESHOOTING.md file in case you see errors
 
 # Manual provisioning
 

SUMMARY.md

@@ -3,6 +3,7 @@
     * [Gloo Edge Gateway](./gloo-edge/gloo-edge/README.md)
     * [Gloo Edge Federation](./gloo-mesh/federation/README.md)
 * [Gloo Mesh Workshop](./gloo-mesh/README.md)    
+* [Gloo Mesh Workshop on EKS](./gloo-mesh-eks-beta/README.md)    
 * [Gloo Portal Workshop](./gloo-portal/README.md)
 * [Istio Day 2 Series](./istio-day2/README.md)
     * [Deploy Istio for Production](./istio-day2/1-deploy-istio/README.md)

TROUBLESHOOTING.md

@@ -96,4 +96,83 @@ ssh-add -L
 If not, add it to the agent (the file can be found in shared drive)
 ```
 ssh-add ~/.ssh/rsa_solouser_github
-```
+```
+
+# Terraform apply error 'resource not found' 
+There are strong dependencies among the resources created by terraform, and sometimes the child can't get the parent ready before the timeout.
+
+Just run terraform apply again, with the same parameters, and terraform will resume the building
+```
+terraform apply
+```
+
+# Terraform apply failed
+Run the same command again, terraform will complete the creation
+
+# Terraform says it is locked
+This can happen when a running apply is unexepctely closed, if you are sure there is not terraform process running
+```
+terraform force-unlock <lockid>
+```
+
+# Terraform is very slow
+For a large number of resources (example 150 eks cluster => 4900 resources)
+
+Increase the default level of parallelism (10) to a higher number. Be aware that too high numbers can cause rate-limit in cloud api and high cpu usage.
+```
+terraform apply -parallelism=150
+```
+
+Another, maybe better, alternative is to use different workspaces to build the same object in different namespaces.
+These 3 commands can run in parallel, and every terraform process will deal with a portion of the final setup
+```
+TF_WORKSPACE=wkr-eks1 time terraform apply -parallelism=51 -auto-approve
+TF_WORKSPACE=wkr-eks2 time terraform apply -parallelism=51 -auto-approve
+TF_WORKSPACE=wkr-eks3 time terraform apply -parallelism=51 -auto-approve
+```
+
+After all commands are successful (you may need to retry some of them, as TF is not great handling large graphs of dependencies), you can see the outputs
+```
+TF_WORKSPACE=wkr-eks1 time terraform output eks_cluster_vm
+TF_WORKSPACE=wkr-eks2 time terraform output eks_cluster_vm
+TF_WORKSPACE=wkr-eks3 time terraform output eks_cluster_vm
+```
+
+And finally destroy them
+```
+TF_WORKSPACE=wkr-eks1 time terraform destroy -parallelism=51 -auto-approve -refresh=false
+TF_WORKSPACE=wkr-eks2 time terraform destroy -parallelism=51 -auto-approve -refresh=false
+TF_WORKSPACE=wkr-eks3 time terraform destroy -parallelism=51 -auto-approve -refresh=false
+```
+
+# Terraform says the maximum number of resources are created
+```
+https://eu-west-1.console.aws.amazon.com/servicequotas
+https://console.cloud.google.com/iam-admin/quotas?project=solo-test-236622
+```
+
+# Terraform is not working
+Make sure you have credentials in your system
+
+```
+# GCP
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/getting_started#configuring-the-provider
+gcloud auth application-default login
+
+# AWS
+# https://registry.terraform.io/providers/hashicorp/aws/latest/docs#authentication
+aws configure
+````
+
+# Terraform is creating my resources in an undesired region/zone
+Make sure you have specified your preferences in file configuration.auto.tfvars
+
+```
+# GCP
+project = "solo-test-236622"
+region  = "europe-west4"
+zone    = "europe-west4-a"
+
+# AWS
+default_region = "eu-west-1"
+````