# Deploy Phase 2 from Nginx Proxy Host ## Quick Start **You need to SSH to the proxy host first. The proxy may use a different SSH key.** ### Step 1: SSH to Nginx Proxy ```bash # Try with different keys if available: ssh besuadmin@20.160.58.99 # Or with a specific key: ssh -i /path/to/proxy/key besuadmin@20.160.58.99 ``` ### Step 2: Copy Project Files to Proxy (if needed) **From your local machine**, after SSH access is working: ```bash cd /home/intlc/projects/smom-dbis-138 # Copy project to proxy (adjust key path as needed) rsync -avz -e "ssh -i /path/to/proxy/key" \ --exclude '.git' \ --exclude '.terraform' \ --exclude '*.tfstate*' \ --exclude '.terraform.lock.hcl' \ --exclude 'terraform.tfvars' \ --exclude 'node_modules' \ --exclude '__pycache__' \ --exclude '*.pyc' \ --progress \ ./ \ besuadmin@20.160.58.99:~/smom-dbis-138/ ``` ### Step 3: Deploy from Proxy Host **On the proxy host (20.160.58.99):** ```bash # Navigate to project cd ~/smom-dbis-138 # Load environment variables source .env # Verify SSH key path is correct for accessing VMs ls -la keys/besuadmin-us-nodes_key.pem # Ensure key has correct permissions chmod 600 keys/besuadmin-us-nodes_key.pem # Generate Phase 2 configuration (reads Phase 1 outputs) cd terraform/phases/phase1 terraform output -json phase1_us_regions > /tmp/phase1_outputs.json cd ../phase2 # Generate terraform.tfvars ../../scripts/deployment/generate-phase2-tfvars.sh # Review configuration cat terraform.tfvars # Initialize Terraform terraform init -upgrade # Plan deployment terraform plan # Deploy to all 5 regions (parallel) terraform apply -auto-approve ``` ### Step 4: Start Services **On the proxy host:** ```bash cd ~/smom-dbis-138 # Start all services in parallel across all regions ./terraform/phases/phase2/scripts/start-services.sh all ``` ### Step 5: Verify Deployment **On the proxy host:** ```bash cd ~/smom-dbis-138 # Check status of all regions in parallel ./terraform/phases/phase2/scripts/status.sh all ``` ## Alternative: Use Convenience Script **On the proxy host:** ```bash cd ~/smom-dbis-138 source .env ./scripts/deployment/deploy-phase2-from-proxy.sh ``` ## Troubleshooting ### SSH Key Issues If the proxy uses a different SSH key: 1. Check if you have the proxy key: ```bash ls -la ~/.ssh/ | grep -E "(proxy|bastion|nginx)" ``` 2. Try connecting with different keys: ```bash ssh -i ~/.ssh/id_rsa besuadmin@20.160.58.99 ssh -i ~/.ssh/id_ed25519 besuadmin@20.160.58.99 ``` 3. Check SSH config: ```bash cat ~/.ssh/config | grep -A 10 "20.160.58.99" ``` ### Verify VM Connectivity from Proxy **On the proxy host**, test SSH to VMs: ```bash # Test each VM for ip in 10.1.1.4 10.2.1.4 10.3.1.4 10.4.1.4 10.5.1.4; do echo "Testing $ip..." ssh -i ~/smom-dbis-138/keys/besuadmin-us-nodes_key.pem \ -o StrictHostKeyChecking=no \ besuadmin@$ip "echo '✅ $ip: OK'" done ``` ### Terraform Issues If Terraform can't connect to VMs: 1. Check SSH key path in `.env`: ```bash grep SSH_PRIVATE_KEY_PATH .env ``` 2. Verify key permissions: ```bash chmod 600 keys/besuadmin-us-nodes_key.pem ``` 3. Test SSH manually: ```bash ssh -i keys/besuadmin-us-nodes_key.pem besuadmin@10.3.1.4 ``` ## Complete Deployment Command Sequence **Copy and run on proxy host:** ```bash cd ~/smom-dbis-138 source .env chmod 600 keys/besuadmin-us-nodes_key.pem cd terraform/phases/phase2 terraform init -upgrade terraform apply -auto-approve cd ~/smom-dbis-138 ./terraform/phases/phase2/scripts/start-services.sh all ./terraform/phases/phase2/scripts/status.sh all ```