-
-
Save anthroprose/b3c7f4e0771abcfefef5 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "AWSTemplateFormatVersion": "2010-09-09", | |
| "Description": "Zenoss", | |
| "Parameters": { | |
| "StackName": { | |
| "Description": "Name for Customer", | |
| "Type": "String", | |
| "MinLength": "1", | |
| "MaxLength": "64", | |
| "AllowedPattern": "[-_ a-zA-Z0-9]*", | |
| "ConstraintDescription": "can contain only alphanumeric characters, spaces, dashes and underscores." | |
| }, | |
| "GUID": { | |
| "Type": "String", | |
| "Description": "GUID" | |
| }, | |
| "InstanceSize": { | |
| "Default": "m1.large", | |
| "Type": "String", | |
| "Description": "Instance Class", | |
| "AllowedValues": [ | |
| "m1.large", | |
| "m1.xlarge", | |
| "m2.xlarge", | |
| "m2.2xlarge", | |
| "m2.4xlarge" | |
| ], | |
| "ConstraintDescription": "must select a valid instance type." | |
| }, | |
| "VolumeSize": { | |
| "Default": "60", | |
| "Type": "String", | |
| "Description": "Size of Storage Volume" | |
| }, | |
| "VPCID": { | |
| "Type": "String", | |
| "Description": "VPC ID" | |
| }, | |
| "ZONEID": { | |
| "Type": "String", | |
| "Description": "Route53 ZoneID" | |
| }, | |
| "Subnets": { | |
| "Type": "String", | |
| "Description": "Subnets" | |
| }, | |
| "PublicRouteTable": { | |
| "Type": "String", | |
| "Description": "Public Route Table ID" | |
| }, | |
| "RDSName": { | |
| "Type": "String", | |
| "Description": "DNS Entry for the RDS Instance" | |
| }, | |
| "RDSPass": { | |
| "Type": "String", | |
| "Description": "Root Password for RDS Instance" | |
| }, | |
| "ChefEnvironment": { | |
| "Default": "Alex", | |
| "Type": "String", | |
| "Description": "Chef Environment to Use" | |
| }, | |
| "ChefBucket": { | |
| "Default": "zaas-admin-data-artifacts", | |
| "Type": "String", | |
| "Description": "S3 Bucket for Artifacts" | |
| }, | |
| "ZenossVersion": { | |
| "Default": "4.2.3-1695", | |
| "Type": "String", | |
| "Description": "Version String for Zenoss" | |
| }, | |
| "ZenossPatchset": { | |
| "Default": "zenoss_4.2.3_recommended_patches_r70992.tgz", | |
| "Type": "String", | |
| "Description": "Patchset Filename" | |
| }, | |
| "ZenossPristine": { | |
| "Default": "zenoss_4.2.3_pristine_r70992.tgz", | |
| "Type": "String", | |
| "Description": "Pristine Filename" | |
| }, | |
| "ZenossImpact": { | |
| "Default": "false", | |
| "Type": "String", | |
| "Description": "True/False for Impact Install" | |
| } | |
| }, | |
| "Mappings": { | |
| "AWSRegionArch2Zenoss": { | |
| "us-east-1": { | |
| "64": "ami-54cf5c3d" | |
| }, | |
| "us-west-1": { | |
| "64": "ami-1bf9de5e" | |
| }, | |
| "us-west-2": { | |
| "64": "ami-2a31bf1a" | |
| }, | |
| "eu-west-1": { | |
| "64": "ami-e5e2d991" | |
| }, | |
| "sa-east-1": { | |
| "64": "ami-1e08d103" | |
| }, | |
| "ap-southeast-1": { | |
| "64": "ami-02eb9350" | |
| }, | |
| "ap-southeast-2": { | |
| "64": "ami-bcdf4e86" | |
| }, | |
| "ap-northeast-1": { | |
| "64": "ami-4e6cd34f" | |
| } | |
| } | |
| }, | |
| "Resources": { | |
| "CustomerSecurityGroup": { | |
| "Type": "AWS::EC2::SecurityGroup", | |
| "Properties": { | |
| "VpcId": { | |
| "Ref": "VPCID" | |
| }, | |
| "GroupDescription": "Customer Security Group", | |
| "SecurityGroupIngress": [ | |
| { | |
| "IpProtocol": "tcp", | |
| "FromPort": "22", | |
| "ToPort": "22", | |
| "CidrIp": "0.0.0.0/0" | |
| }, | |
| { | |
| "IpProtocol": "tcp", | |
| "FromPort": "443", | |
| "ToPort": "443", | |
| "CidrIp": "0.0.0.0/0" | |
| } | |
| ] | |
| } | |
| }, | |
| "DeregQueue": { | |
| "Type": "AWS::SQS::Queue" | |
| }, | |
| "DeregTopic": { | |
| "Type": "AWS::SNS::Topic", | |
| "Properties": { | |
| "Subscription": [ | |
| { | |
| "Endpoint": { | |
| "Fn::GetAtt": [ | |
| "DeregQueue", | |
| "Arn" | |
| ] | |
| }, | |
| "Protocol": "sqs" | |
| } | |
| ] | |
| } | |
| }, | |
| "CustomerASGServerGroup": { | |
| "UpdatePolicy": { | |
| "AutoScalingRollingUpdate": { | |
| "MinInstancesInService": "1", | |
| "MaxBatchSize": "1" | |
| } | |
| }, | |
| "Type": "AWS::AutoScaling::AutoScalingGroup", | |
| "Properties": { | |
| "AvailabilityZones": { | |
| "Fn::GetAZs": "" | |
| }, | |
| "VPCZoneIdentifier": [ | |
| { | |
| "Ref": "Subnets" | |
| } | |
| ], | |
| "LaunchConfigurationName": { | |
| "Ref": "CustomerLaunchConfig" | |
| }, | |
| "MinSize": "1", | |
| "MaxSize": "1", | |
| "NotificationConfiguration": { | |
| "TopicARN": { | |
| "Ref": "DeregTopic" | |
| }, | |
| "NotificationTypes": [ | |
| "autoscaling:EC2_INSTANCE_TERMINATE" | |
| ] | |
| } | |
| } | |
| }, | |
| "CustomerPolicy": { | |
| "Type": "AWS::IAM::Policy", | |
| "Properties": { | |
| "Roles": [ | |
| { | |
| "Ref": "CustomerRole" | |
| } | |
| ], | |
| "PolicyName": "CustomerPolicy", | |
| "PolicyDocument": { | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": "cloudformation:DescribeStackResource", | |
| "Resource": "*" | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "ec2:Describe*", | |
| "ec2:CreateSnapshot", | |
| "ec2:CreateVolume", | |
| "ec2:AttachVolume", | |
| "ec2:CreateTags", | |
| "ec2:AllocateAddress", | |
| "ec2:AssociateAddress", | |
| "ec2:AssignPrivateIpAddresses", | |
| "ec2:AttachNetworkInterface", | |
| "ec2:CreateNetworkInterface", | |
| "ec2:AssociateRouteTable", | |
| "ec2:DescribeRouteTables", | |
| "ec2:DisassociateRouteTable", | |
| "sqs:SendMessage" | |
| ], | |
| "Resource": "*" | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": "s3:*", | |
| "Resource": [ | |
| { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "arn:aws:s3:::zaas-customer-", | |
| { | |
| "Ref": "StackName" | |
| } | |
| ] | |
| ] | |
| }, | |
| { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "arn:aws:s3:::zaas-customer-", | |
| { | |
| "Ref": "StackName" | |
| }, | |
| "/*" | |
| ] | |
| ] | |
| } | |
| ] | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "s3:Get*", | |
| "s3:List*" | |
| ], | |
| "Resource": [ | |
| { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "arn:aws:s3:::", | |
| { | |
| "Ref": "ChefBucket" | |
| } | |
| ] | |
| ] | |
| }, | |
| { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "arn:aws:s3:::", | |
| { | |
| "Ref": "ChefBucket" | |
| }, | |
| "/*" | |
| ] | |
| ] | |
| } | |
| ] | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "route53:*" | |
| ], | |
| "Resource": [ | |
| "*" | |
| ] | |
| } | |
| ] | |
| } | |
| } | |
| }, | |
| "CustomerRole": { | |
| "Type": "AWS::IAM::Role", | |
| "Properties": { | |
| "AssumeRolePolicyDocument": { | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Principal": { | |
| "Service": [ | |
| "ec2.amazonaws.com" | |
| ] | |
| }, | |
| "Action": [ | |
| "sts:AssumeRole" | |
| ] | |
| } | |
| ] | |
| }, | |
| "Path": "/" | |
| } | |
| }, | |
| "CustomerProfile": { | |
| "Type": "AWS::IAM::InstanceProfile", | |
| "Properties": { | |
| "Path": "/", | |
| "Roles": [ | |
| { | |
| "Ref": "CustomerRole" | |
| } | |
| ] | |
| } | |
| }, | |
| "CustomerLaunchConfig": { | |
| "Type": "AWS::AutoScaling::LaunchConfiguration", | |
| "Metadata": { | |
| "AWS::CloudFormation::Init": { | |
| "config": { | |
| "files": { | |
| "/etc/chef/client-attribs.json": { | |
| "content": { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "{\"run_list\": [ \"role[zenoss-cloudformation]\" ], \"cluster\": { \"name\": \"", | |
| { | |
| "Ref": "StackName" | |
| }, | |
| "\" }, \"region\":\"", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| "\", \"public_route_table\":\"", | |
| { | |
| "Ref": "PublicRouteTable" | |
| }, | |
| "\", \"subnets\":\"", | |
| { | |
| "Ref": "Subnets" | |
| }, | |
| "\", \"aws\": { \"route53\": { \"zone_id\": \"", | |
| { | |
| "Ref": "ZONEID" | |
| }, | |
| "\" }, \"s3\": { \"bucket\":\"", | |
| { | |
| "Ref": "ChefBucket" | |
| }, | |
| "\" } }, \"zenoss\": { \"version\": \"", | |
| { | |
| "Ref": "ZenossVersion" | |
| }, | |
| "\", \"patchset\": \"", | |
| { | |
| "Ref": "ZenossPatchset" | |
| }, | |
| "\", \"pristine\": \"", | |
| { | |
| "Ref": "ZenossPristine" | |
| }, | |
| "\", \"impact\": \"", | |
| { | |
| "Ref": "ZenossImpact" | |
| }, | |
| "\"}, \"zaas\": { \"name\": \"", | |
| { | |
| "Ref": "StackName" | |
| }, | |
| "\", \"guid\":\"", | |
| { | |
| "Ref": "GUID" | |
| }, | |
| "\" }, \"mysql\" : { \"server\": { \"role\": \"master\", \"host\": \"", | |
| { | |
| "Ref": "RDSName" | |
| }, | |
| "\", \"pass\":\"", | |
| { | |
| "Ref": "RDSPass" | |
| }, | |
| "\" } }, \"rabbitmq\" : { \"server\": { \"host\": \"localhost\" } }, \"postfix\" : { \"relayhost\": \"[email-smtp.", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| ".amazonaws.com]:25\" } }" | |
| ] | |
| ] | |
| }, | |
| "mode": "000644", | |
| "owner": "chef", | |
| "group": "root" | |
| }, | |
| "/etc/chef/getcerts.py": { | |
| "content": { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "import boto\n", | |
| "from boto.s3.connection import S3Connection\n", | |
| "s3 = S3Connection()\n", | |
| "bucket = s3.get_bucket('", | |
| { | |
| "Ref": "ChefBucket" | |
| }, | |
| "')\n", | |
| "key = bucket.get_key('chef/client.rb')\n", | |
| "key.get_contents_to_filename('/etc/chef/client.rb')\n", | |
| "key = bucket.get_key('chef/zenosssaas-validator.pem')\n", | |
| "key.get_contents_to_filename('/etc/chef/zenosssaas-validator.pem')\n" | |
| ] | |
| ] | |
| }, | |
| "mode": "000754", | |
| "owner": "chef", | |
| "group": "root" | |
| }, | |
| "/etc/chef/addnode.sh": { | |
| "content": { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "#!/bin/bash\n", | |
| "echo \"client_key '/etc/chef/", | |
| { | |
| "Ref": "StackName" | |
| }, | |
| ".pem'\" >> /etc/chef/client.rb\n", | |
| "echo \"node_name '", | |
| { | |
| "Ref": "StackName" | |
| }, | |
| "'\" >> /etc/chef/client.rb\n" | |
| ] | |
| ] | |
| }, | |
| "mode": "000754", | |
| "owner": "chef", | |
| "group": "root" | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "Properties": { | |
| "KeyName": { | |
| "Ref": "AWS::Region" | |
| }, | |
| "IamInstanceProfile": { | |
| "Fn::GetAtt": [ | |
| "CustomerProfile", | |
| "Arn" | |
| ] | |
| }, | |
| "ImageId": { | |
| "Fn::FindInMap": [ | |
| "AWSRegionArch2Zenoss", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| "64" | |
| ] | |
| }, | |
| "SecurityGroups": [ | |
| { | |
| "Ref": "CustomerSecurityGroup" | |
| } | |
| ], | |
| "InstanceType": { | |
| "Ref": "InstanceSize" | |
| }, | |
| "BlockDeviceMappings": [ | |
| { | |
| "DeviceName": "/dev/sdh1", | |
| "Ebs": { | |
| "VolumeSize": { | |
| "Ref": "VolumeSize" | |
| } | |
| } | |
| } | |
| ], | |
| "UserData": { | |
| "Fn::Base64": { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "#!/bin/bash -v\n", | |
| "yum update -y aws-cfn-bootstrap\n", | |
| "yum install -y xfsprogs aws-apitools-common aws-apitools-ec2 python python-boto\n", | |
| "#do some chef things before the cfn-init due to order of operations\n", | |
| "/bin/mkdir -p /etc/chef\n", | |
| "/bin/mkdir -p /var/lib/chef\n", | |
| "/bin/mkdir -p /var/log/chef\n", | |
| "/usr/sbin/groupadd chef -r\n", | |
| "/usr/sbin/useradd chef -r -s /bin/sh -d /var/lib/chef -g chef\n", | |
| "/opt/aws/bin/cfn-init -s ", | |
| { | |
| "Ref": "AWS::StackName" | |
| }, | |
| " -r CustomerLaunchConfig ", | |
| " --region ", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| " || error_exit 'Failed to run cfn-init'\n", | |
| "while [ ! -e /dev/sdh1 ]; do echo waiting for /dev/sdh1 to attach; sleep 10; done\n", | |
| "#install chef client for later\n", | |
| "curl -L http://www.opscode.com/chef/install.sh | bash\n", | |
| "cd /etc/chef\n", | |
| "python /etc/chef/getcerts.py\n", | |
| "bash /etc/chef/addnode.sh\n", | |
| "/bin/chown -R chef:chef /etc/chef\n", | |
| "/usr/bin/chef-client -j /etc/chef/client-attribs.json --once -E ", | |
| { | |
| "Ref": "ChefEnvironment" | |
| }, | |
| " >>/var/log/chef-client.log\n" | |
| ] | |
| ] | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "Outputs": {} | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment