NFS Cloud Formation Template
{ | |
"AWSTemplateFormatVersion" : "2010-09-09", | |
"Description" : "CloudFormation Template for deploying a local NFS Server using Amazon Linux AMI", | |
"Parameters" : { | |
"AZ1" : { | |
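"Description" : "Which Availability Zone should this stack be launched in? For example eu-west-1a or us-east-1a. Note: no resource in this template references this parameter; the zone is determined by NFSSubnet.", | |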
"Type" : "String", | |
"Default" : "eu-west-1a", | |
"ConstraintDescription" : "must be a valid EC2 Availability Zone" | |
}, | |
"VPC" : { | |
"Description" : "Which VPC would you like to launch the NFS server into", | |
"Type" : "AWS::EC2::VPC::Id" | |
}, | |
"NFSSubnet" : { | |
"Description" : "Which subnet would you like to launch the NFS server into", | |
"Type" : "AWS::EC2::Subnet::Id" | |
}, | |
"NFSInstanceType" : { | |
"Default" : "t2.medium", | |
"Description" : "NFS server instance type", | |
"Type" : "String" | |
}, | |
"SubnetFrom" : { | |
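"Description" : "The CIDR range allowed to mount folders from the NFS server. Every host in this range gets read-write access with no_root_squash (see the /etc/exports line in UserData), so keep the range as narrow as possible", | |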
"Default" : "10.0.0.0/16", | |
"Type" : "String", | |
"MinLength" : "5", | |
"MaxLength" : "18", | |
"AllowedPattern" : "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})(\\/(\\d|[1-2]\\d|3[0-2]))", | |
"ConstraintDescription" : "must be a valid IP CIDR range of the form x.x.x.x/xx" | |
}, | |
"SSHFrom" : { | |
"Description" : "The CIDR range that has access to SSH to the NFS server", | |
"Default" : "10.0.0.0/16", | |
"Type" : "String", | |
"MinLength" : "5", | |
"MaxLength" : "18", | |
"AllowedPattern" : "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})(\\/(\\d|[1-2]\\d|3[0-2]))", | |
"ConstraintDescription" : "must be a valid IP CIDR range of the form x.x.x.x/xx" | |
}, | |
"PrivateKeyName" : { | |
"Description" : "Key file used to SSH into servers", | |
"Type" : "AWS::EC2::KeyPair::KeyName" | |
} | |
}, | |
"Conditions" : { | |
}, | |
"Mappings" : { | |
"Region2Ami" : { | |
"us-east-1" : { | |
"amzn" : "ami-1ecae776", | |
"nat" : "ami-184dc970" | |
}, | |
"ap-northeast-1" : { | |
"amzn" : "ami-cbf90ecb", | |
"nat" : "ami-27d6e626" | |
}, | |
"sa-east-1" : { | |
"amzn" : "ami-b52890a8", | |
"nat" : "ami-8122969c" | |
}, | |
"ap-southeast-1" : { | |
"amzn" : "ami-68d8e93a", | |
"nat" : "ami-6aa38238" | |
}, | |
"ap-southeast-2" : { | |
"amzn" : "ami-fd9cecc7", | |
"nat" : "ami-893f53b3" | |
}, | |
"us-west-2" : { | |
"amzn" : "ami-e7527ed7", | |
"nat" : "ami-290f4119" | |
}, | |
"us-west-1" : { | |
"amzn" : "ami-d114f295", | |
"nat" : "ami-a98396ec" | |
}, | |
"eu-central-1" : { | |
"amzn" : "ami-a8221fb5", | |
"nat" : "ami-ae380eb3" | |
}, | |
"eu-west-1" : { | |
"amzn" : "ami-a10897d6", | |
"nat" : "ami-14913f63" | |
} | |
} | |
}, | |
"Resources" : { | |
"NFSSecurityGroup" : { | |
"Type" : "AWS::EC2::SecurityGroup", | |
"Properties" : { | |
"GroupDescription" : "Enable internal access to the NFS server", | |
"VpcId" : { | |
"Ref" : "VPC" | |
}, | |
"SecurityGroupIngress" : [ | |
{ | |
"IpProtocol" : "tcp", | |
"FromPort" : "111", | |
"ToPort" : "111", | |
"CidrIp" : { | |
"Ref" : "SubnetFrom" | |
} | |
}, | |
{ | |
"IpProtocol" : "udp", | |
"FromPort" : "111", | |
"ToPort" : "111", | |
"CidrIp" : { | |
"Ref" : "SubnetFrom" | |
} | |
}, | |
{ | |
"IpProtocol" : "tcp", | |
"FromPort" : "892", | |
"ToPort" : "892", | |
"CidrIp" : { | |
"Ref" : "SubnetFrom" | |
} | |
}, | |
{ | |
"IpProtocol" : "udp", | |
"FromPort" : "892", | |
"ToPort" : "892", | |
"CidrIp" : { | |
"Ref" : "SubnetFrom" | |
} | |
}, | |
{ | |
"IpProtocol" : "tcp", | |
"FromPort" : "2049", | |
"ToPort" : "2049", | |
"CidrIp" : { | |
"Ref" : "SubnetFrom" | |
} | |
}, | |
{ | |
"IpProtocol" : "udp", | |
"FromPort" : "2049", | |
"ToPort" : "2049", | |
"CidrIp" : { | |
"Ref" : "SubnetFrom" | |
} | |
}, | |
{ | |
"IpProtocol" : "tcp", | |
"FromPort" : "32803", | |
"ToPort" : "32803", | |
"CidrIp" : { | |
"Ref" : "SubnetFrom" | |
} | |
}, | |
{ | |
"IpProtocol" : "udp", | |
"FromPort" : "32769", | |
"ToPort" : "32769", | |
"CidrIp" : { | |
"Ref" : "SubnetFrom" | |
} | |
}, | |
{ | |
"IpProtocol" : "tcp", | |
"FromPort" : "22", | |
"ToPort" : "22", | |
"CidrIp" : { | |
"Ref" : "SSHFrom" | |
} | |
} | |
] | |
} | |
}, | |
"NFSServer" : { | |
"Type" : "AWS::EC2::Instance", | |
"Metadata" : { | |
"AWS::CloudFormation::Init" : { | |
"config" : { | |
"files" : { | |
"/tmp/nfs" : { | |
"content" : "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" | |
} | |
}, | |
"commands" : { | |
"makedir" : { | |
"command" : "mkdir /nfs" | |
} | |
}, | |
"services" : { | |
"sysvinit" : { | |
"nfs" : { | |
"enabled" : "true", | |
"ensureRunning" : "true" | |
} | |
} | |
}, | |
"packages" : { | |
"yum" : { | |
"nfs-utils" : [ | |
] | |
} | |
} | |
} | |
} | |
}, | |
"Properties" : { | |
"InstanceType" : { | |
"Ref" : "NFSInstanceType" | |
}, | |
"KeyName" : { | |
"Ref" : "PrivateKeyName" | |
}, | |
"NetworkInterfaces" : [ | |
{ | |
"GroupSet" : [ | |
{ | |
"Ref" : "NFSSecurityGroup" | |
} | |
], | |
"AssociatePublicIpAddress" : "true", | |
"DeviceIndex" : "0", | |
"DeleteOnTermination" : "true", | |
"SubnetId" : { | |
"Ref" : "NFSSubnet" | |
} | |
} | |
], | |
"Tags" : [ | |
{ | |
"Key" : "Name", | |
"Value" : { | |
"Ref" : "AWS::StackName" | |
} | |
} | |
], | |
"ImageId" : { | |
"Fn::FindInMap" : [ | |
"Region2Ami", | |
{ | |
"Ref" : "AWS::Region" | |
}, | |
"amzn" | |
] | |
}, | |
"UserData" : { | |
"Fn::Base64" : { | |
"Fn::Join" : [ | |
"", | |
[ | |
"#!/bin/bash -v\n", | |
"yum update -y\n", | |
"yum install aws-cfn-bootstrap -y\n", | |
"# download data and install file\n", | |
"/opt/aws/bin/cfn-init -s ", | |
{ | |
"Ref" : "AWS::StackName" | |
}, | |
" -r NFSServer ", | |
" --region ", | |
{ | |
"Ref" : "AWS::Region" | |
}, | |
" || error_exit 'Failed to run cfn-init'\n", | |
"echo \"/nfs ", | |
{ | |
"Ref" : "SubnetFrom" | |
}, | |
"(rw,no_root_squash,no_subtree_check,sync)\" > /etc/exports\n", | |
"base64 -d /tmp/nfs > /etc/sysconfig/nfs\n", | |
"exportfs -av\n", | |
"/sbin/service rpcbind restart\n", | |
"/sbin/service nfs restart\n" | |
] | |
] | |
} | |
} | |
} | |
} | |
}, | |
"Outputs" : { | |
"CommandToMount" : { | |
"Description" : "To mount the NFS export, run \"yum install nfs-utils\" and then \"mount [PrivateIP]:/nfs localfolder\" as root.", | |
"Value" : { | |
"Fn::GetAtt" : [ | |
"NFSServer", | |
"PrivateIp" | |
] | |
} | |
}, | |
"NFSServerPrivateIP" : { | |
"Description" : "Private IPAddress of NFS Server", | |
"Value" : { | |
"Fn::GetAtt" : [ | |
"NFSServer", | |
"PrivateIp" | |
] | |
} | |
}, | |
"NFSServerPublicDNS" : { | |
"Description" : "Public DNS of NFS Server", | |
"Value" : { | |
"Fn::GetAtt" : [ | |
"NFSServer", | |
"PublicDnsName" | |
] | |
} | |
}, | |
"NFSSG" : { | |
"Description" : "Security Group for the NFS instances", | |
"Value" : { | |
"Ref" : "NFSSecurityGroup" | |
} | |
} | |
} | |
} |