@cbednarski
Last active August 29, 2015 13:56
Aminator Chef-Solo Setup Instructions

Aminator

You'll need to create / use a few security groups, IAM roles, etc. I recommend naming them all aminator to make it easy to remember what they're for. If you're following along, I've already set these up.

Security Configuration

Create an IAM Role for AWS EC2 with the following custom security policy:

{
  "Statement": [
    {
      "Sid": "Stmt0123456789012",
      "Action": [
        "ec2:AttachVolume",
        "ec2:CopySnapshot",
        "ec2:CreateSnapshot",
        "ec2:CreateTags",
        "ec2:CreateVolume",
        "ec2:DeleteSnapshot",
        "ec2:DeleteTags",
        "ec2:DeleteVolume",
        "ec2:DeregisterImage",
        "ec2:DetachVolume",
        "ec2:RegisterImage",
        "ec2:Describe*"
      ],
      "Effect": "Allow",
      "Resource": [
        "*"
      ]
    }
  ]
}

See the aminator wiki for more details.
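
An added example, not part of the original gist or the aminator project: a small Python check that lists which actions in the policy above change state and are allowed on every resource with no Condition, which is the part of this role to review before attaching it to a build instance. The function names and the read-only prefix list are assumptions of this example.

```python
import json

# The policy from this page, embedded so the check runs offline.
POLICY = json.loads("""
{
  "Statement": [
    {
      "Sid": "Stmt0123456789012",
      "Action": [
        "ec2:AttachVolume", "ec2:CopySnapshot", "ec2:CreateSnapshot",
        "ec2:CreateTags", "ec2:CreateVolume", "ec2:DeleteSnapshot",
        "ec2:DeleteTags", "ec2:DeleteVolume", "ec2:DeregisterImage",
        "ec2:DetachVolume", "ec2:RegisterImage", "ec2:Describe*"
      ],
      "Effect": "Allow",
      "Resource": ["*"]
    }
  ]
}
""")

# Assumption of this example: action names starting with these verbs are read-only.
READ_ONLY_PREFIXES = ("Describe", "Get", "List")


def as_list(value):
    """IAM allows a single string or a list for Action and Resource."""
    return [value] if isinstance(value, str) else list(value)


def unscoped_mutations(policy):
    """Return state-changing actions allowed on every resource with no Condition."""
    findings = []
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be a bare object
        statements = [statements]
    for stmt in statements:
        if stmt.get("Effect") != "Allow" or "Condition" in stmt:
            continue
        if "*" not in as_list(stmt.get("Resource", [])):
            continue
        for action in as_list(stmt.get("Action", [])):
            verb = action.split(":", 1)[-1]
            if not verb.startswith(READ_ONLY_PREFIXES):
                findings.append(action)
    return sorted(findings)


if __name__ == "__main__":
    for action in unscoped_mutations(POLICY):
        print("unscoped:", action)
```

Each action it prints is a candidate for a narrower Resource or a Condition element if the account holds volumes, snapshots, or images that the build role should not be able to touch.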

EC2

Security group: Allow 22 / SSH from your IP ranges.

Instance spec: c3.large gives good CPU for compiling, medium network IO, and on-demand costs $108/month.

OS

Amazon Linux

sudo -s
yum update -y
yum install -y python-pip git
pip install git+https://github.com/Netflix/aminator.git#egg=aminator
aminator-plugin install chef-solo

Configure:

Use debian or redhat for distro as appropriate

echo "ec2_chef_centos:
  cloud: ec2
  distro: redhat
  provisioner: chef
  volume: linux
  blockdevice: linux
  finalizer: tagging_ebs
ec2_chef_ubuntu:
  cloud: ec2
  distro: debian
  provisioner: chef
  volume: linux
  blockdevice: linux
  finalizer: tagging_ebs
" > /etc/aminator/environments.yml

Run aminate -h to see the full documentation for command-line options. To aminate, run (as root):

aminate -e ec2_chef_ubuntu -c YOUR_NAME -B AMI_ID -r REGION PACKAGE_NAME
aminate -e ec2_chef_ubuntu -c cbednarski -B ami-6aad335a -r us-west-2 apache

Aminator Payload

The aminator chef-solo payload is a tarball that includes your chef-solo recipes and configs. Your code will be pulled down via artifact deploy or a similar chef component during the chef run, but you may be able to squeeze it into the payload, too. You will probably want to prepare your cookbooks using Berkshelf to resolve your dependencies. I haven't tested this yet, but according to the chef-solo aminator plugin maintainer who I spoke to, it looks approximately like this:

cookbooks/
node.json
solo.rb