{ | |
"AWSTemplateFormatVersion": "2010-09-09", | |
"Description": "Zenoss", | |
"Parameters": { | |
"StackName": { | |
"Description": "Name for Customer", | |
"Type": "String", | |
"MinLength": "1", | |
"MaxLength": "64", | |
"AllowedPattern": "[-_ a-zA-Z0-9]*", | |
"ConstraintDescription": "can contain only alphanumeric characters, spaces, dashes and underscores." | |
}, | |
"GUID": { | |
"Type": "String", | |
"Description": "GUID" | |
}, | |
"InstanceSize": { | |
"Default": "m1.large", | |
"Type": "String", | |
"Description": "Instance Class", | |
"AllowedValues": [ | |
"m1.large", | |
"m1.xlarge", | |
"m2.xlarge", | |
"m2.2xlarge", | |
"m2.4xlarge" | |
], | |
"ConstraintDescription": "must select a valid instance type." | |
}, | |
"VolumeSize": { | |
"Default": "60", | |
"Type": "String", | |
"Description": "Size of Storage Volume" | |
}, | |
"VPCID": { | |
"Type": "String", | |
"Description": "VPC ID" | |
}, | |
"ZONEID": { | |
"Type": "String", | |
"Description": "Route53 ZoneID" | |
}, | |
"Subnets": { | |
"Type": "String", | |
"Description": "Subnets" | |
}, | |
"PublicRouteTable": { | |
"Type": "String", | |
"Description": "Public Route Table ID" | |
}, | |
"RDSName": { | |
"Type": "String", | |
"Description": "DNS Entry for the RDS Instance" | |
}, | |
"RDSPass": { | |
"Type": "String", | |
"Description": "Root Password for RDS Instance" | |
}, | |
"ChefEnvironment": { | |
"Default": "Alex", | |
"Type": "String", | |
"Description": "Chef Environment to Use" | |
}, | |
"ChefBucket": { | |
"Default": "zaas-admin-data-artifacts", | |
"Type": "String", | |
"Description": "S3 Bucket for Artifacts" | |
}, | |
"ZenossVersion": { | |
"Default": "4.2.3-1695", | |
"Type": "String", | |
"Description": "Version String for Zenoss" | |
}, | |
"ZenossPatchset": { | |
"Default": "zenoss_4.2.3_recommended_patches_r70992.tgz", | |
"Type": "String", | |
"Description": "Patchset Filename" | |
}, | |
"ZenossPristine": { | |
"Default": "zenoss_4.2.3_pristine_r70992.tgz", | |
"Type": "String", | |
"Description": "Pristine Filename" | |
}, | |
"ZenossImpact": { | |
"Default": "false", | |
"Type": "String", | |
"Description": "True/False for Impact Install" | |
} | |
}, | |
"Mappings": { | |
"AWSRegionArch2Zenoss": { | |
"us-east-1": { | |
"64": "ami-54cf5c3d" | |
}, | |
"us-west-1": { | |
"64": "ami-1bf9de5e" | |
}, | |
"us-west-2": { | |
"64": "ami-2a31bf1a" | |
}, | |
"eu-west-1": { | |
"64": "ami-e5e2d991" | |
}, | |
"sa-east-1": { | |
"64": "ami-1e08d103" | |
}, | |
"ap-southeast-1": { | |
"64": "ami-02eb9350" | |
}, | |
"ap-southeast-2": { | |
"64": "ami-bcdf4e86" | |
}, | |
"ap-northeast-1": { | |
"64": "ami-4e6cd34f" | |
} | |
} | |
}, | |
"Resources": { | |
"CustomerSecurityGroup": { | |
"Type": "AWS::EC2::SecurityGroup", | |
"Properties": { | |
"VpcId": { | |
"Ref": "VPCID" | |
}, | |
"GroupDescription": "Customer Security Group", | |
"SecurityGroupIngress": [ | |
{ | |
"IpProtocol": "tcp", | |
"FromPort": "22", | |
"ToPort": "22", | |
"CidrIp": "0.0.0.0/0" | |
}, | |
{ | |
"IpProtocol": "tcp", | |
"FromPort": "443", | |
"ToPort": "443", | |
"CidrIp": "0.0.0.0/0" | |
} | |
] | |
} | |
}, | |
"DeregQueue": { | |
"Type": "AWS::SQS::Queue" | |
}, | |
"DeregTopic": { | |
"Type": "AWS::SNS::Topic", | |
"Properties": { | |
"Subscription": [ | |
{ | |
"Endpoint": { | |
"Fn::GetAtt": [ | |
"DeregQueue", | |
"Arn" | |
] | |
}, | |
"Protocol": "sqs" | |
} | |
] | |
} | |
}, | |
"CustomerASGServerGroup": { | |
"UpdatePolicy": { | |
"AutoScalingRollingUpdate": { | |
"MinInstancesInService": "1", | |
"MaxBatchSize": "1" | |
} | |
}, | |
"Type": "AWS::AutoScaling::AutoScalingGroup", | |
"Properties": { | |
"AvailabilityZones": { | |
"Fn::GetAZs": "" | |
}, | |
"VPCZoneIdentifier": [ | |
{ | |
"Ref": "Subnets" | |
} | |
], | |
"LaunchConfigurationName": { | |
"Ref": "CustomerLaunchConfig" | |
}, | |
"MinSize": "1", | |
"MaxSize": "1", | |
"NotificationConfiguration": { | |
"TopicARN": { | |
"Ref": "DeregTopic" | |
}, | |
"NotificationTypes": [ | |
"autoscaling:EC2_INSTANCE_TERMINATE" | |
] | |
} | |
} | |
}, | |
"CustomerPolicy": { | |
"Type": "AWS::IAM::Policy", | |
"Properties": { | |
"Roles": [ | |
{ | |
"Ref": "CustomerRole" | |
} | |
], | |
"PolicyName": "CustomerPolicy", | |
"PolicyDocument": { | |
"Statement": [ | |
{ | |
"Effect": "Allow", | |
"Action": "cloudformation:DescribeStackResource", | |
"Resource": "*" | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"ec2:Describe*", | |
"ec2:CreateSnapshot", | |
"ec2:CreateVolume", | |
"ec2:AttachVolume", | |
"ec2:CreateTags", | |
"ec2:AllocateAddress", | |
"ec2:AssociateAddress", | |
"ec2:AssignPrivateIpAddresses", | |
"ec2:AttachNetworkInterface", | |
"ec2:CreateNetworkInterface", | |
"ec2:AssociateRouteTable", | |
"ec2:DescribeRouteTables", | |
"ec2:DisassociateRouteTable", | |
"sqs:SendMessage" | |
], | |
"Resource": "*" | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": "s3:*", | |
"Resource": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:aws:s3:::zaas-customer-", | |
{ | |
"Ref": "StackName" | |
} | |
] | |
] | |
}, | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:aws:s3:::zaas-customer-", | |
{ | |
"Ref": "StackName" | |
}, | |
"/*" | |
] | |
] | |
} | |
] | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"s3:Get*", | |
"s3:List*" | |
], | |
"Resource": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:aws:s3:::", | |
{ | |
"Ref": "ChefBucket" | |
} | |
] | |
] | |
}, | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:aws:s3:::", | |
{ | |
"Ref": "ChefBucket" | |
}, | |
"/*" | |
] | |
] | |
} | |
] | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"route53:*" | |
], | |
"Resource": [ | |
"*" | |
] | |
} | |
] | |
} | |
} | |
}, | |
"CustomerRole": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"AssumeRolePolicyDocument": { | |
"Statement": [ | |
{ | |
"Effect": "Allow", | |
"Principal": { | |
"Service": [ | |
"ec2.amazonaws.com" | |
] | |
}, | |
"Action": [ | |
"sts:AssumeRole" | |
] | |
} | |
] | |
}, | |
"Path": "/" | |
} | |
}, | |
"CustomerProfile": { | |
"Type": "AWS::IAM::InstanceProfile", | |
"Properties": { | |
"Path": "/", | |
"Roles": [ | |
{ | |
"Ref": "CustomerRole" | |
} | |
] | |
} | |
}, | |
"CustomerLaunchConfig": { | |
"Type": "AWS::AutoScaling::LaunchConfiguration", | |
"Metadata": { | |
"AWS::CloudFormation::Init": { | |
"config": { | |
"files": { | |
"/etc/chef/client-attribs.json": { | |
"content": { | |
"Fn::Join": [ | |
"", | |
[ | |
"{\"run_list\": [ \"role[zenoss-cloudformation]\" ], \"cluster\": { \"name\": \"", | |
{ | |
"Ref": "StackName" | |
}, | |
"\" }, \"region\":\"", | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"\", \"public_route_table\":\"", | |
{ | |
"Ref": "PublicRouteTable" | |
}, | |
"\", \"subnets\":\"", | |
{ | |
"Ref": "Subnets" | |
}, | |
"\", \"aws\": { \"route53\": { \"zone_id\": \"", | |
{ | |
"Ref": "ZONEID" | |
}, | |
"\" }, \"s3\": { \"bucket\":\"", | |
{ | |
"Ref": "ChefBucket" | |
}, | |
"\" } }, \"zenoss\": { \"version\": \"", | |
{ | |
"Ref": "ZenossVersion" | |
}, | |
"\", \"patchset\": \"", | |
{ | |
"Ref": "ZenossPatchset" | |
}, | |
"\", \"pristine\": \"", | |
{ | |
"Ref": "ZenossPristine" | |
}, | |
"\", \"impact\": \"", | |
{ | |
"Ref": "ZenossImpact" | |
}, | |
"\"}, \"zaas\": { \"name\": \"", | |
{ | |
"Ref": "StackName" | |
}, | |
"\", \"guid\":\"", | |
{ | |
"Ref": "GUID" | |
}, | |
"\" }, \"mysql\" : { \"server\": { \"role\": \"master\", \"host\": \"", | |
{ | |
"Ref": "RDSName" | |
}, | |
"\", \"pass\":\"", | |
{ | |
"Ref": "RDSPass" | |
}, | |
"\" } }, \"rabbitmq\" : { \"server\": { \"host\": \"localhost\" } }, \"postfix\" : { \"relayhost\": \"[email-smtp.", | |
{ | |
"Ref": "AWS::Region" | |
}, | |
".amazonaws.com]:25\" } }" | |
] | |
] | |
}, | |
"mode": "000644", | |
"owner": "chef", | |
"group": "root" | |
}, | |
"/etc/chef/getcerts.py": { | |
"content": { | |
"Fn::Join": [ | |
"", | |
[ | |
"import boto\n", | |
"from boto.s3.connection import S3Connection\n", | |
"s3 = S3Connection()\n", | |
"bucket = s3.get_bucket('", | |
{ | |
"Ref": "ChefBucket" | |
}, | |
"')\n", | |
"key = bucket.get_key('chef/client.rb')\n", | |
"key.get_contents_to_filename('/etc/chef/client.rb')\n", | |
"key = bucket.get_key('chef/zenosssaas-validator.pem')\n", | |
"key.get_contents_to_filename('/etc/chef/zenosssaas-validator.pem')\n" | |
] | |
] | |
}, | |
"mode": "000754", | |
"owner": "chef", | |
"group": "root" | |
}, | |
"/etc/chef/addnode.sh": { | |
"content": { | |
"Fn::Join": [ | |
"", | |
[ | |
"#!/bin/bash\n", | |
"echo \"client_key '/etc/chef/", | |
{ | |
"Ref": "StackName" | |
}, | |
".pem'\" >> /etc/chef/client.rb\n", | |
"echo \"node_name '", | |
{ | |
"Ref": "StackName" | |
}, | |
"'\" >> /etc/chef/client.rb\n" | |
] | |
] | |
}, | |
"mode": "000754", | |
"owner": "chef", | |
"group": "root" | |
} | |
} | |
} | |
} | |
}, | |
"Properties": { | |
"KeyName": { | |
"Ref": "AWS::Region" | |
}, | |
"IamInstanceProfile": { | |
"Fn::GetAtt": [ | |
"CustomerProfile", | |
"Arn" | |
] | |
}, | |
"ImageId": { | |
"Fn::FindInMap": [ | |
"AWSRegionArch2Zenoss", | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"64" | |
] | |
}, | |
"SecurityGroups": [ | |
{ | |
"Ref": "CustomerSecurityGroup" | |
} | |
], | |
"InstanceType": { | |
"Ref": "InstanceSize" | |
}, | |
"BlockDeviceMappings": [ | |
{ | |
"DeviceName": "/dev/sdh1", | |
"Ebs": { | |
"VolumeSize": { | |
"Ref": "VolumeSize" | |
} | |
} | |
} | |
], | |
"UserData": { | |
"Fn::Base64": { | |
"Fn::Join": [ | |
"", | |
[ | |
"#!/bin/bash -v\n", | |
"yum update -y aws-cfn-bootstrap\n", | |
"yum install -y xfsprogs aws-apitools-common aws-apitools-ec2 python python-boto\n", | |
"#create the chef dirs, group and user before cfn-init, because cfn-init writes files owned by chef\n", | |
"/bin/mkdir -p /etc/chef\n", | |
"/bin/mkdir -p /var/lib/chef\n", | |
"/bin/mkdir -p /var/log/chef\n", | |
"/usr/sbin/groupadd chef -r\n", | |
"/usr/sbin/useradd chef -r -s /bin/sh -d /var/lib/chef -g chef\n", | |
"/opt/aws/bin/cfn-init -s ", | |
{ | |
"Ref": "AWS::StackName" | |
}, | |
" -r CustomerLaunchConfig ", | |
" --region ", | |
{ | |
"Ref": "AWS::Region" | |
}, | |
" || error_exit 'Failed to run cfn-init'\n", | |
"while [ ! -e /dev/sdh1 ]; do echo waiting for /dev/sdh1 to attach; sleep 10; done\n", | |
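"#install chef client for later; NOTE: the installer is fetched over plain HTTP and piped to bash unverified - prefer HTTPS and a verified package\n", | |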
"curl -L http://www.opscode.com/chef/install.sh | bash\n", | |
"cd /etc/chef\n", | |
"python /etc/chef/getcerts.py\n", | |
"bash /etc/chef/addnode.sh\n", | |
"/bin/chown -R chef:chef /etc/chef\n", | |
"/usr/bin/chef-client -j /etc/chef/client-attribs.json --once -E ", | |
{ | |
"Ref": "ChefEnvironment" | |
}, | |
" >>/var/log/chef-client.log\n" | |
] | |
] | |
} | |
} | |
} | |
} | |
}, | |
"Outputs": {} | |
} |