
EC2 cloudinit script for Puppet Enterprise

#!/bin/sh
# Script to bootstrap new EC2 instances and get them connected to our Puppet Enterprise master
 
# Make sure git and rubygems are installed; yum is only invoked when rpm reports
# that at least one of the two packages is missing.
if ! rpm --quiet -q git rubygems; then
  yum -y install git rubygems
fi
 
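# Configure the Puppet Enterprise agent: reconfigure an existing install, or install it from scratch.
#
# The agent certname is <instance-id>.<availability-zone>.COMPANYNAME.local, built from EC2
# instance metadata. The certname is the identity this node presents to the Puppet master, so it
# is fetched once, validated, and never written out empty or malformed.

# imds_get PATH
#   Print the instance-metadata value at /latest/meta-data/PATH; non-zero status on failure.
#   Requests an IMDSv2 session token first and falls back to a plain IMDSv1 request when no
#   token can be obtained. -f turns an HTTP error into a failure instead of printing the error
#   body, which would otherwise end up inside the certname.
imds_get() {
  imds_token=$(curl -fsS --connect-timeout 2 --max-time 5 -X PUT \
    -H 'X-aws-ec2-metadata-token-ttl-seconds: 60' \
    'http://169.254.169.254/latest/api/token' 2>/dev/null) || imds_token=
  if [ -n "$imds_token" ]; then
    curl -fsS --connect-timeout 2 --max-time 5 \
      -H "X-aws-ec2-metadata-token: $imds_token" \
      "http://169.254.169.254/latest/meta-data/$1"
  else
    curl -fsS --connect-timeout 2 --max-time 5 \
      "http://169.254.169.254/latest/meta-data/$1"
  fi
}

# is_dns_label VALUE
#   Succeed only when VALUE is non-empty and consists solely of letters, digits and '-'.
is_dns_label() {
  case $1 in
    '' | *[!A-Za-z0-9-]*) return 1 ;;
  esac
  return 0
}

pe_instance_id=$(imds_get instance-id) || pe_instance_id=
pe_zone=$(imds_get placement/availability-zone) || pe_zone=
pe_certname="${pe_instance_id}.${pe_zone}.COMPANYNAME.local"

if ! is_dns_label "$pe_instance_id" || ! is_dns_label "$pe_zone"; then
  # Deliberately no "exit" here: the watchdog at the end of this script must still be started so
  # that an instance which never gets a Puppet configuration is shut down.
  echo "puppet bootstrap: no valid instance-id/availability-zone from instance metadata; leaving Puppet unconfigured" >&2

elif rpm --quiet -q pe-puppet; then
  # Puppet Enterprise is already installed, so only reconfigure it. This instance was most likely
  # booted before, or comes from an AMI that already has Puppet baked in.
  service pe-puppet stop
  # \$vardir is escaped so that Puppet, not the shell, expands it.
  cat > /etc/puppetlabs/puppet/puppet.conf <<EOF
[main]
vardir = /var/opt/lib/pe-puppet
logdir = /var/log/pe-puppet
rundir = /var/run/pe-puppet
modulepath = /etc/puppetlabs/puppet/modules:/opt/puppet/share/puppet/modules
user = pe-puppet
group = pe-puppet
archive_files = true
archive_file_server = puppet.COMPANYNAME.com

[agent]
certname = ${pe_certname}
server = puppet.COMPANYNAME.com
report = true
classfile = \$vardir/classes.txt
localconfig = \$vardir/localconfig
graph = true
pluginsync = true
EOF
  service pe-puppet start
  chkconfig pe-puppet on

else
  # Puppet Enterprise was never installed: download it, install the agent and configure it.
  pe_version=2.6.1
  pe_url="https://pm.puppetlabs.com/puppet-enterprise/${pe_version}/puppet-enterprise-${pe_version}-el-6-x86_64.tar.gz"
  # Optional integrity pin. Set PE_TARBALL_SHA256 to the SHA-256 of the tarball, obtained from a
  # trusted source out of band; when set, the download is refused unless it matches. The installer
  # runs as root, so TLS to the download host is otherwise the only integrity control.
  pe_sha256=${PE_TARBALL_SHA256:-}

  cat > /root/puppet-enterprise-installer.answers <<EOF
q_fail_on_unsuccessful_master_lookup=y
q_install=y
q_puppet_cloud_install=n
q_puppet_enterpriseconsole_install=n
q_puppet_symlinks_install=y
q_puppetagent_certname=${pe_certname}
q_puppetagent_install=y
q_puppetagent_server=puppet.COMPANYNAME.com
q_puppetca_install=n
q_puppetmaster_install=n
q_vendor_packages_install=y
EOF

  # Download to a file instead of streaming into tar: a failed or truncated transfer is detected
  # (curl -f) and the checksum can be verified before anything is unpacked or executed.
  pe_tarball=$(mktemp /root/pe-tarball.XXXXXX) || pe_tarball=
  if [ -z "$pe_tarball" ]; then
    echo "puppet bootstrap: mktemp failed; Puppet Enterprise not installed" >&2
  elif ! curl -fsS -o "$pe_tarball" "$pe_url"; then
    echo "puppet bootstrap: download of $pe_url failed; Puppet Enterprise not installed" >&2
  elif [ -n "$pe_sha256" ] &&
    ! printf '%s  %s\n' "$pe_sha256" "$pe_tarball" | sha256sum -c - > /dev/null; then
    echo "puppet bootstrap: SHA-256 mismatch for $pe_url; refusing to install" >&2
  else
    [ -n "$pe_sha256" ] ||
      echo "puppet bootstrap: warning: PE_TARBALL_SHA256 not set, tarball integrity not verified" >&2
    if tar -C /root/ -zxvf "$pe_tarball" &&
      /root/puppet-enterprise-*/puppet-enterprise-installer \
        -a /root/puppet-enterprise-installer.answers -l /root/puppet-install.log; then
      rm -f /root/puppet-install.log
      chkconfig pe-puppet on
    else
      # Keep the installer log on failure; it is the only record of what went wrong.
      echo "puppet bootstrap: Puppet Enterprise install failed, see /root/puppet-install.log" >&2
    fi
  fi

  # Remove only what this script created (tarball, unpacked installer, answers file) rather than
  # everything in /root whose name starts with "puppet".
  [ -z "$pe_tarball" ] || rm -f -- "$pe_tarball"
  rm -rf /root/puppet-enterprise-*
fi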
 
 
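# Last-resort watchdog. It checks for /etc/ec2-instance-id, a file created by our default Puppet
# manifest. If the file does not exist once puppet_wait_seconds have passed, an email alert is
# sent and the instance is shut down after shutdown_delay_minutes.
# This prevents zombie instances from running (and being billed) without ever contacting Puppet;
# the autoscaling configuration should start a replacement instance once this one shuts down.
#
# The alert text is derived from the two settings below so that the times it states always match
# what the script really does.
(
  puppet_wait_seconds=480
  shutdown_delay_minutes=1

  sleep "$puppet_wait_seconds"
  if [ ! -f /etc/ec2-instance-id ]; then
    (
      # Print one instance-metadata value, or nothing on failure. Tries an IMDSv2 session token
      # first and falls back to IMDSv1; -f keeps HTTP error bodies out of the alert.
      imds_get() {
        imds_token=$(curl -fsS --connect-timeout 2 --max-time 5 -X PUT \
          -H 'X-aws-ec2-metadata-token-ttl-seconds: 60' \
          'http://169.254.169.254/latest/api/token' 2>/dev/null) || imds_token=
        if [ -n "$imds_token" ]; then
          curl -fsS --connect-timeout 2 --max-time 5 \
            -H "X-aws-ec2-metadata-token: $imds_token" \
            "http://169.254.169.254/latest/meta-data/$1"
        else
          curl -fsS --connect-timeout 2 --max-time 5 \
            "http://169.254.169.254/latest/meta-data/$1"
        fi
      }

      # Values placed in mail headers are reduced to hostname-safe characters so that a stray
      # newline or other unexpected byte cannot add or break header lines.
      header_safe() {
        printf '%s' "$1" | tr -cd 'A-Za-z0-9._-'
      }

      INSTANCE_ID=$(header_safe "$(imds_get instance-id)")
      [ -n "$INSTANCE_ID" ] || INSTANCE_ID=unknown-instance
      PUBLIC_HOSTNAME=$(header_safe "$(imds_get public-hostname)")
      # Instances without a public hostname would otherwise produce "From: root@".
      [ -n "$PUBLIC_HOSTNAME" ] || PUBLIC_HOSTNAME=$(header_safe "$(hostname -f 2>/dev/null)")
      [ -n "$PUBLIC_HOSTNAME" ] || PUBLIC_HOSTNAME=localhost
      AVAILABILITY_ZONE=$(imds_get placement/availability-zone)
      SECURITY_GROUPS=$(imds_get security-groups)

      # NOTE(review): "ps auwx" prints full command lines and /var/log/messages can hold
      # sensitive entries; both leave the host in an unencrypted mail. Keep the recipient
      # internal, or trim these sections if that exposure is not acceptable.
      {
        echo "From: root@$PUBLIC_HOSTNAME"
        echo "To: admins@COMPANYNAME.com"
        echo "Subject: $INSTANCE_ID Failed to register with Puppet"
        echo ""
        echo "$INSTANCE_ID does not appear to have picked up a Puppet configuration in the last $((puppet_wait_seconds / 60)) minutes and will be automatically shut down in $shutdown_delay_minutes minute(s)."
        echo ""
        echo "Instance details:"
        echo "Instance ID: $INSTANCE_ID"
        echo "Hostname: $PUBLIC_HOSTNAME"
        echo "Availability zone: $AVAILABILITY_ZONE"
        echo "Security groups: $SECURITY_GROUPS"
        echo "Uptime output: $(uptime)"
        echo ""
        echo "ps auwx and /var/log/messages output follows:"
        echo ""
        ps auwx
        echo ""
        tail -n 100 /var/log/messages
        echo ""
        echo "This message was generated by the EC2 cloud-spinup script"
      } | sendmail -t
    ) &

    shutdown -h "+$shutdown_delay_minutes" "Puppet did not appear to start properly. Shutting down instance."
  fi
) &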
