
@kikiya
Created September 19, 2018 12:46
AWS CloudFormation template for DC/OS Enterprise
{"AWSTemplateFormatVersion": "2010-09-09", "Description": "DC/OS AWS CloudFormation Template", "Metadata": {"DcosImageCommit": "72124980b21b2b79b0f891dcc67b5f2382dee68a", "TemplateGenerationDate": "2018-09-05 15:01:25.148740"}, "Parameters": {"KeyName": {"Description": "Required: EC2 Key Pair.", "Type": "AWS::EC2::KeyPair::KeyName"}, "AdminLocation": {"Description": "Optional: Specify the IP range to whitelist access to the admin zone. Must be a valid CIDR. The default 0.0.0.0/0 allows access from any address; set this to your own network range.", "Type": "String", "MinLength": "9", "MaxLength": "18", "Default": "0.0.0.0/0", "AllowedPattern": "^([0-9]+\\.){3}[0-9]+\\/[0-9]+$", "ConstraintDescription": "must be a valid CIDR."}, "SlaveInstanceCount": {"Description": "Required: # of private agents", "Type": "Number", "Default": "10"}, "PublicSlaveInstanceCount": {"Description": "Required: # of public agents", "Type": "Number", "Default": "1"}, "DefaultInstanceType": {"Description": "default instance", "Type": "String", "Default": "m4.xlarge"}, "LicenseKey": {"Description": "License key", "Type": "String", "Default": ""}}, "Mappings": {"RegionToAmi": {"ap-northeast-1": {"stable": "ami-a2b6a2de"}, "ap-southeast-1": {"stable": "ami-41461c3d"}, "ap-southeast-2": {"stable": "ami-f58e4097"}, "eu-central-1": {"stable": "ami-604e118b"}, "eu-west-1": {"stable": "ami-34237c4d"}, "sa-east-1": {"stable": "ami-8d2472e1"}, "us-east-1": {"stable": "ami-9e2685e3"}, "us-gov-west-1": {"stable": "ami-e0aa3f81"}, "us-west-1": {"stable": "ami-07a6b767"}, "us-west-2": {"stable": "ami-b41377cc"}}, "NATAmi": {"ap-northeast-1": {"default": "ami-55c29e54"}, "ap-southeast-1": {"default": "ami-b082dae2"}, "ap-southeast-2": {"default": "ami-996402a3"}, "eu-central-1": {"default": "ami-204c7a3d"}, "eu-west-1": {"default": "ami-3760b040"}, "sa-east-1": {"default": "ami-b972dba4"}, "us-east-1": {"default": "ami-4c9e4b24"}, "us-gov-west-1": {"default": "ami-fe991b9f"}, "us-west-1": {"default": "ami-2b2b296e"}, "us-west-2": {"default": "ami-bb69128b"}}, "Parameters": {"PublicSubnetRange": 
{"default": "10.0.4.0/22"}, "PrivateSubnetRange": {"default": "10.0.0.0/22"}, "VPCSubnetRange": {"default": "10.0.0.0/16"}, "StackCreationTimeout": {"default": "PT45M"}}}, "Conditions": {"RegionIsUsEast1": {"Fn::Equals": [{"Ref": "AWS::Region"}, "us-east-1"]}, "RegionIsUsGovWest1": {"Fn::Equals": [{"Ref": "AWS::Region"}, "us-gov-west-1"]}}, "Resources": {"Vpc": {"Type": "AWS::EC2::VPC", "Properties": {"EnableDnsSupport": "true", "EnableDnsHostnames": "true", "CidrBlock": {"Fn::FindInMap": ["Parameters", "VPCSubnetRange", "default"]}, "Tags": [{"Key": "Application", "Value": {"Ref": "AWS::StackName"}}, {"Key": "Network", "Value": "Public"}]}}, "PublicSubnet": {"Type": "AWS::EC2::Subnet", "Properties": {"VpcId": {"Ref": "Vpc"}, "CidrBlock": {"Fn::FindInMap": ["Parameters", "PublicSubnetRange", "default"]}, "Tags": [{"Key": "Application", "Value": {"Ref": "AWS::StackName"}}, {"Key": "Network", "Value": "Public"}]}, "DependsOn": "Vpc"}, "PrivateSubnet": {"Type": "AWS::EC2::Subnet", "Properties": {"VpcId": {"Ref": "Vpc"}, "CidrBlock": {"Fn::FindInMap": ["Parameters", "PrivateSubnetRange", "default"]}, "Tags": [{"Key": "Application", "Value": {"Ref": "AWS::StackName"}}, {"Key": "Network", "Value": "Private"}]}, "DependsOn": "Vpc"}, "DHCPOptions": {"Type": "AWS::EC2::DHCPOptions", "Properties": {"DomainName": {"Fn::If": ["RegionIsUsEast1", "ec2.internal", {"Fn::Join": ["", [{"Ref": "AWS::Region"}, ".compute.internal"]]}]}, "DomainNameServers": ["AmazonProvidedDNS"]}}, "VPCDHCPOptionsAssociation": {"Type": "AWS::EC2::VPCDHCPOptionsAssociation", "Properties": {"DhcpOptionsId": {"Ref": "DHCPOptions"}, "VpcId": {"Ref": "Vpc"}}, "DependsOn": "Vpc"}, "InternetGateway": {"Type": "AWS::EC2::InternetGateway", "DependsOn": "Vpc", "Properties": {"Tags": [{"Key": "Application", "Value": {"Ref": "AWS::StackName"}}, {"Key": "Network", "Value": "Public"}]}}, "GatewayToInternet": {"Type": "AWS::EC2::VPCGatewayAttachment", "DependsOn": "InternetGateway", "Properties": {"VpcId": {"Ref": 
"Vpc"}, "InternetGatewayId": {"Ref": "InternetGateway"}}}, "PublicRouteTable": {"Type": "AWS::EC2::RouteTable", "Properties": {"VpcId": {"Ref": "Vpc"}, "Tags": [{"Key": "Application", "Value": {"Ref": "AWS::StackName"}}, {"Key": "Network", "Value": "Public"}]}, "DependsOn": "Vpc"}, "PublicRoute": {"Type": "AWS::EC2::Route", "DependsOn": "GatewayToInternet", "Properties": {"RouteTableId": {"Ref": "PublicRouteTable"}, "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": {"Ref": "InternetGateway"}}}, "PublicSubnetRouteTableAssociation": {"Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": {"SubnetId": {"Ref": "PublicSubnet"}, "RouteTableId": {"Ref": "PublicRouteTable"}}}, "PublicNetworkAcl": {"Type": "AWS::EC2::NetworkAcl", "Properties": {"VpcId": {"Ref": "Vpc"}, "Tags": [{"Key": "Application", "Value": {"Ref": "AWS::StackName"}}, {"Key": "Network", "Value": "Public"}]}}, "InboundNetworkAclEntry": {"Type": "AWS::EC2::NetworkAclEntry", "Properties": {"NetworkAclId": {"Ref": "PublicNetworkAcl"}, "RuleNumber": "100", "Protocol": "-1", "RuleAction": "allow", "Egress": "false", "CidrBlock": "0.0.0.0/0", "PortRange": {"From": "0", "To": "65535"}}}, "OutboundNetworkAclEntry": {"Type": "AWS::EC2::NetworkAclEntry", "Properties": {"NetworkAclId": {"Ref": "PublicNetworkAcl"}, "RuleNumber": "100", "Protocol": "-1", "RuleAction": "allow", "Egress": "true", "CidrBlock": "0.0.0.0/0", "PortRange": {"From": "0", "To": "65535"}}}, "PublicSubnetNetworkAclAssociation": {"Type": "AWS::EC2::SubnetNetworkAclAssociation", "Properties": {"SubnetId": {"Ref": "PublicSubnet"}, "NetworkAclId": {"Ref": "PublicNetworkAcl"}}}, "PrivateRouteTable": {"Type": "AWS::EC2::RouteTable", "Properties": {"VpcId": {"Ref": "Vpc"}, "Tags": [{"Key": "Application", "Value": {"Ref": "AWS::StackName"}}, {"Key": "Network", "Value": "Public"}]}}, "PrivateRoute": {"Type": "AWS::EC2::Route", "Properties": {"RouteTableId": {"Ref": "PrivateRouteTable"}, "DestinationCidrBlock": "0.0.0.0/0", "InstanceId": {"Ref": 
"NATInstance"}}}, "PrivateSubnetRouteTableAssociation": {"Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": {"SubnetId": {"Ref": "PrivateSubnet"}, "RouteTableId": {"Ref": "PrivateRouteTable"}}}, "PrivateNetworkAcl": {"Type": "AWS::EC2::NetworkAcl", "Properties": {"VpcId": {"Ref": "Vpc"}, "Tags": [{"Key": "Application", "Value": {"Ref": "AWS::StackName"}}, {"Key": "Network", "Value": "Public"}]}}, "PrivateInboundNetworkAclEntry": {"Type": "AWS::EC2::NetworkAclEntry", "Properties": {"NetworkAclId": {"Ref": "PrivateNetworkAcl"}, "RuleNumber": "100", "Protocol": "-1", "RuleAction": "allow", "Egress": "false", "CidrBlock": "0.0.0.0/0", "PortRange": {"From": "0", "To": "65535"}}}, "PrivateOutboundNetworkAclEntry": {"Type": "AWS::EC2::NetworkAclEntry", "Properties": {"NetworkAclId": {"Ref": "PrivateNetworkAcl"}, "RuleNumber": "100", "Protocol": "-1", "RuleAction": "allow", "Egress": "true", "CidrBlock": "0.0.0.0/0", "PortRange": {"From": "0", "To": "65535"}}}, "PrivateSubnetNetworkAclAssociation": {"Type": "AWS::EC2::SubnetNetworkAclAssociation", "Properties": {"SubnetId": {"Ref": "PrivateSubnet"}, "NetworkAclId": {"Ref": "PrivateNetworkAcl"}}}, "NATInstance": {"Type": "AWS::EC2::Instance", "DependsOn": "GatewayToInternet", "Properties": {"SourceDestCheck": "false", "KeyName": {"Ref": "KeyName"}, "ImageId": {"Fn::FindInMap": ["NATAmi", {"Ref": "AWS::Region"}, "default"]}, "InstanceType": "m4.large", "NetworkInterfaces": [{"SubnetId": {"Ref": "PublicSubnet"}, "AssociatePublicIpAddress": "true", "DeviceIndex": "0", "GroupSet": [{"Ref": "SlaveSecurityGroup"}, {"Ref": "MasterSecurityGroup"}, {"Ref": "AdminSecurityGroup"}], "DeleteOnTermination": "true"}]}}, "AdminSecurityGroup": {"Type": "AWS::EC2::SecurityGroup", "Properties": {"GroupDescription": "Admin access to servers", "VpcId": {"Ref": "Vpc"}, "SecurityGroupIngress": [{"IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": {"Ref": "AdminLocation"}}, {"IpProtocol": "tcp", "FromPort": "80", "ToPort": 
"80", "CidrIp": {"Ref": "AdminLocation"}}, {"IpProtocol": "tcp", "FromPort": "443", "ToPort": "443", "CidrIp": {"Ref": "AdminLocation"}}]}}, "ExhibitorS3Bucket": {"Type": "AWS::S3::Bucket", "DeletionPolicy": "Retain"}, "MasterRole": {"Type": "AWS::IAM::Role", "Properties": {"AssumeRolePolicyDocument": {"Version": "2012-10-17", "Statement": [{"Effect": "Allow", "Principal": {"Service": ["ec2.amazonaws.com"]}, "Action": ["sts:AssumeRole"]}]}, "Path": "/", "Policies": [{"PolicyName": "root", "PolicyDocument": {"Version": "2012-10-17", "Statement": [{"Effect": "Allow", "Action": ["s3:AbortMultipartUpload", "s3:DeleteObject", "s3:GetBucketAcl", "s3:GetBucketPolicy", "s3:GetObject", "s3:GetObjectAcl", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListMultipartUploadParts", "s3:PutObject", "s3:PutObjectAcl"], "Resource": [{"Fn::Join": ["", [{"Fn::If": ["RegionIsUsGovWest1", "arn:aws-us-gov:s3:::", "arn:aws:s3:::"]}, {"Ref": "ExhibitorS3Bucket"}, "/*"]]}, {"Fn::Join": ["", [{"Fn::If": ["RegionIsUsGovWest1", "arn:aws-us-gov:s3:::", "arn:aws:s3:::"]}, {"Ref": "ExhibitorS3Bucket"}]]}]}, {"Resource": [{"Ref": "AWS::StackId"}, {"Fn::Join": ["", [{"Ref": "AWS::StackId"}, "/*"]]}], "Action": ["cloudformation:*"], "Effect": "Allow"}, {"Resource": "*", "Action": ["ec2:DescribeKeyPairs", "ec2:DescribeSubnets", "autoscaling:DescribeLaunchConfigurations", "autoscaling:UpdateAutoScalingGroup", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeScalingActivities", "elasticloadbalancing:DescribeLoadBalancers"], "Effect": "Allow"}]}}]}}, "SlaveRole": {"Type": "AWS::IAM::Role", "Properties": {"AssumeRolePolicyDocument": {"Version": "2012-10-17", "Statement": [{"Effect": "Allow", "Principal": {"Service": ["ec2.amazonaws.com"]}, "Action": ["sts:AssumeRole"]}]}, "Policies": [{"PolicyName": "Slaves", "PolicyDocument": {"Version": "2012-10-17", "Statement": [{"Resource": [{"Ref": "AWS::StackId"}, {"Fn::Join": ["", [{"Ref": "AWS::StackId"}, "/*"]]}], "Action": 
["cloudformation:*"], "Effect": "Allow"}, {"Resource": "*", "Action": ["ec2:CreateTags", "ec2:DescribeInstances", "ec2:CreateVolume", "ec2:DeleteVolume", "ec2:AttachVolume", "ec2:DetachVolume", "ec2:DescribeVolumes", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumeAttribute", "ec2:CreateSnapshot", "ec2:CopySnapshot", "ec2:DeleteSnapshot", "ec2:DescribeSnapshots", "ec2:DescribeSnapshotAttribute", "autoscaling:DescribeAutoScalingGroups", "cloudwatch:PutMetricData"], "Effect": "Allow"}]}}]}}, "MasterInstanceProfile": {"Type": "AWS::IAM::InstanceProfile", "Properties": {"Path": "/", "Roles": [{"Ref": "MasterRole"}]}}, "SlaveInstanceProfile": {"Type": "AWS::IAM::InstanceProfile", "Properties": {"Path": "/", "Roles": [{"Ref": "SlaveRole"}]}}, "MasterServerGroup": {"Type": "AWS::AutoScaling::AutoScalingGroup", "DependsOn": "GatewayToInternet", "Properties": {"AvailabilityZones": [{"Fn::GetAtt": ["PublicSubnet", "AvailabilityZone"]}], "LaunchConfigurationName": {"Ref": "MasterLaunchConfig"}, "MinSize": 1, "MaxSize": 1, "DesiredCapacity": 1, "LoadBalancerNames": [{"Ref": "ElasticLoadBalancer"}, {"Ref": "InternalMasterLoadBalancer"}], "VPCZoneIdentifier": [{"Ref": "PublicSubnet"}], "Tags": [{"Key": "role", "Value": "mesos-master", "PropagateAtLaunch": "true"}]}, "CreationPolicy": {"ResourceSignal": {"Timeout": {"Fn::FindInMap": ["Parameters", "StackCreationTimeout", "default"]}, "Count": 1}}}, "MasterLaunchConfig": {"Type": "AWS::AutoScaling::LaunchConfiguration", "Properties": {"KeyName": {"Ref": "KeyName"}, "ImageId": {"Fn::FindInMap": ["RegionToAmi", {"Ref": "AWS::Region"}, "stable"]}, "BlockDeviceMappings": [{"DeviceName": "/dev/xvda", "Ebs": {"VolumeSize": 150, "VolumeType": "gp2", "DeleteOnTermination": true}}, {"DeviceName": "/dev/xvdb", "Ebs": {"VolumeSize": 80, "VolumeType": "gp2", "DeleteOnTermination": true}}], "SecurityGroups": [{"Ref": "MasterSecurityGroup"}, {"Ref": "AdminSecurityGroup"}], "IamInstanceProfile": {"Ref": "MasterInstanceProfile"}, 
"AssociatePublicIpAddress": "true", "EbsOptimized": "true", "InstanceType": {"Ref": "DefaultInstanceType"}, "UserData": {"Fn::Base64": {"Fn::Join": ["", ["#cloud-config", "\n", "\"coreos\":", "\n", " \"units\":", "\n", " - \"command\": |-", "\n", " start", "\n", " \"content\": |", "\n", " [Unit]", "\n", " Description=AWS Setup: Formats the /var/lib ephemeral drive", "\n", " Before=var-lib.mount dbus.service", "\n", " [Service]", "\n", " Type=oneshot", "\n", " RemainAfterExit=yes", "\n", " ExecStart=/bin/bash -c \"(blkid -t TYPE=ext4 | grep xvdb) || (/usr/sbin/mkfs.ext4 -F /dev/xvdb)\"", "\n", " \"name\": |-", "\n", " format-var-lib-ephemeral.service", "\n", " - \"command\": |-", "\n", " start", "\n", " \"content\": |", "\n", " [Unit]", "\n", " Description=AWS Setup: Mount /var/lib", "\n", " Before=dbus.service", "\n", " [Mount]", "\n", " What=/dev/xvdb", "\n", " Where=/var/lib", "\n", " Type=ext4", "\n", " \"name\": |-", "\n", " var-lib.mount", "\n", " - \"command\": |-", "\n", " stop", "\n", " \"mask\": !!bool |-", "\n", " true", "\n", " \"name\": |-", "\n", " etcd.service", "\n", " - \"command\": |-", "\n", " stop", "\n", " \"mask\": !!bool |-", "\n", " true", "\n", " \"name\": |-", "\n", " update-engine.service", "\n", " - \"command\": |-", "\n", " stop", "\n", " \"mask\": !!bool |-", "\n", " true", "\n", " \"name\": |-", "\n", " locksmithd.service", "\n", " - \"command\": |-", "\n", " restart", "\n", " \"name\": |-", "\n", " systemd-journald.service", "\n", " - \"command\": |-", "\n", " restart", "\n", " \"name\": |-", "\n", " docker.service", "\n", " - \"command\": |-", "\n", " start", "\n", " \"content\": |", "\n", " [Unit]", "\n", " Before=dcos.target", "\n", " [Service]", "\n", " Type=oneshot", "\n", " StandardOutput=journal+console", "\n", " StandardError=journal+console", "\n", " ExecStartPre=/usr/bin/mkdir -p /etc/profile.d", "\n", " ExecStart=/usr/bin/ln -sf /opt/mesosphere/bin/add_dcos_path.sh /etc/profile.d/dcos.sh", "\n", " \"name\": |-", "\n", " 
dcos-link-env.service", "\n", " - \"content\": |", "\n", " [Unit]", "\n", " Description=Pkgpanda: Download DC/OS to this host.", "\n", " After=network-online.target", "\n", " Wants=network-online.target", "\n", " ConditionPathExists=!/opt/mesosphere/active/", "\n", " [Service]", "\n", " Type=oneshot", "\n", " StandardOutput=journal+console", "\n", " StandardError=journal+console", "\n", " ExecStartPre=/usr/bin/curl --keepalive-time 2 -fLsSv --retry 20 -Y 100000 -y 60 -o /tmp/bootstrap.tar.xz https://s3.amazonaws.com/downloads.mesosphere.io/dcos-enterprise-aws-advanced/testing/1.11.5/permissive/bootstrap/d712f32036ba9aaa916dd8f109f24c628c64e893.bootstrap.tar.xz", "\n", " ExecStartPre=/usr/bin/mkdir -p /opt/mesosphere", "\n", " ExecStart=/usr/bin/tar -axf /tmp/bootstrap.tar.xz -C /opt/mesosphere", "\n", " ExecStartPost=-/usr/bin/rm -f /tmp/bootstrap.tar.xz", "\n", " \"name\": |-", "\n", " dcos-download.service", "\n", " - \"command\": |-", "\n", " start", "\n", " \"content\": |", "\n", " [Unit]", "\n", " Description=Pkgpanda: Specialize DC/OS for this host.", "\n", " Requires=dcos-download.service", "\n", " After=dcos-download.service", "\n", " [Service]", "\n", " Type=oneshot", "\n", " StandardOutput=journal+console", "\n", " StandardError=journal+console", "\n", " EnvironmentFile=/opt/mesosphere/environment", "\n", " ExecStart=/opt/mesosphere/bin/pkgpanda setup --no-block-systemd", "\n", " [Install]", "\n", " WantedBy=multi-user.target", "\n", " \"enable\": !!bool |-", "\n", " true", "\n", " \"name\": |-", "\n", " dcos-setup.service", "\n", " \"no_block\": !!bool |-", "\n", " true", "\n", " - \"command\": |-", "\n", " start", "\n", " \"content\": |-", "\n", " [Unit]", "\n", " Description=AWS Setup: Signal CloudFormation Success", "\n", " ConditionPathExists=!/var/lib/dcos-cfn-signal", "\n", " [Service]", "\n", " Type=simple", "\n", " Restart=on-failure", "\n", " StartLimitInterval=0", "\n", " RestartSec=15s", "\n", " EnvironmentFile=/opt/mesosphere/environment", 
"\n", " EnvironmentFile=/opt/mesosphere/etc/cfn_signal_metadata", "\n", " Environment=\"AWS_CFN_SIGNAL_THIS_RESOURCE=MasterServerGroup\"", "\n", " ExecStartPre=/bin/ping -c1 leader.mesos", "\n", " ExecStartPre=/opt/mesosphere/bin/dcos-diagnostics check node-poststart", "\n", " ExecStartPre=/opt/mesosphere/bin/cfn-signal", "\n", " ExecStart=/usr/bin/touch /var/lib/dcos-cfn-signal", "\n", " \"name\": |-", "\n", " dcos-cfn-signal.service", "\n", " \"no_block\": !!bool |-", "\n", " true", "\n", " \"update\":", "\n", " \"reboot-strategy\": |-", "\n", " off", "\n", "\"write_files\":", "\n", "- \"content\": |", "\n", " https://s3.amazonaws.com/downloads.mesosphere.io/dcos-enterprise-aws-advanced/testing/1.11.5/permissive", "\n", " \"owner\": |-", "\n", " root", "\n", " \"path\": |-", "\n", " /etc/mesosphere/setup-flags/repository-url", "\n", " \"permissions\": |-", "\n", " 0644", "\n", "- \"content\": |", "\n", " 8a5913571bee7cd29ec5b7d09ea740cbcbb77942", "\n", " \"owner\": |-", "\n", " root", "\n", " \"path\": |-", "\n", " /etc/mesosphere/setup-flags/cluster-package-list", "\n", " \"permissions\": |-", "\n", " 0644", "\n", "- \"content\": |", "\n", " [Journal]", "\n", " MaxLevelConsole=warning", "\n", " RateLimitInterval=1s", "\n", " RateLimitBurst=20000", "\n", " \"owner\": |-", "\n", " root", "\n", " \"path\": |-", "\n", " /etc/systemd/journald.conf.d/dcos.conf", "\n", " \"permissions\": |-", "\n", " 0644", "\n", "- \"content\": |", "\n", " libstorage:", "\n", " integration:", "\n", " volume:", "\n", " operations:", "\n", " unmount:", "\n", " ignoreusedcount: true", "\n", " server:", "\n", " tasks:", "\n", " logTimeout: 5m", "\n", " rexray:", "\n", " loglevel: info", "\n", " service: ebs", "\n", " \"path\": |-", "\n", " /etc/rexray/config.yml", "\n", " \"permissions\": |-", "\n", " 0644", "\n", "- \"content\": |", "\n", " \"bound_values\":", "\n", " \"agent_role\": |-", "\n", " ", {"Ref": "SlaveRole"}, "\n", " \"aws_region\": |-", "\n", " ", {"Ref": "AWS::Region"}, 
"\n", " \"aws_stack_id\": |-", "\n", " ", {"Ref": "AWS::StackId"}, "\n", " \"aws_stack_name\": |-", "\n", " ", {"Ref": "AWS::StackName"}, "\n", " \"cluster_name\": |-", "\n", " ", {"Ref": "AWS::StackName"}, "\n", " \"exhibitor_address\": |-", "\n", " ", {"Fn::GetAtt": ["InternalMasterLoadBalancer", "DNSName"]}, "\n", " \"license_key_contents\": |-", "\n", " ", {"Ref": "LicenseKey"}, "\n", " \"master_external_loadbalancer\": |-", "\n", " ", {"Fn::GetAtt": ["ElasticLoadBalancer", "DNSName"]}, "\n", " \"master_role\": |-", "\n", " ", {"Ref": "MasterRole"}, "\n", " \"s3_bucket\": |-", "\n", " ", {"Ref": "ExhibitorS3Bucket"}, "\n", " \"s3_prefix\": |-", "\n", " ", {"Ref": "AWS::StackName"}, "\n", " \"late_bound_package_id\": |-", "\n", " dcos-provider-c8b0f5aa0ebe94250a9bc77fdfa5bdc7965ed03e-aws--setup", "\n", " \"owner\": |-", "\n", " root", "\n", " \"path\": |-", "\n", " /etc/mesosphere/setup-flags/late-config.yaml", "\n", " \"permissions\": |-", "\n", " 0644", "\n", "- \"content\": \"\"", "\n", " \"path\": |-", "\n", " /etc/mesosphere/roles/master", "\n", "- \"content\": \"\"", "\n", " \"path\": |-", "\n", " /etc/mesosphere/roles/aws_master", "\n", "- \"content\": \"\"", "\n", " \"path\": |-", "\n", " /etc/mesosphere/roles/aws", "\n"]]}}}}, "MasterSecurityGroup": {"Type": "AWS::EC2::SecurityGroup", "Properties": {"GroupDescription": "Masters", "VpcId": {"Ref": "Vpc"}, "SecurityGroupIngress": [{"IpProtocol": "tcp", "FromPort": "5050", "ToPort": "5050", "SourceSecurityGroupId": {"Ref": "LbSecurityGroup"}}, {"IpProtocol": "tcp", "FromPort": "80", "ToPort": "80", "SourceSecurityGroupId": {"Ref": "LbSecurityGroup"}}, {"IpProtocol": "tcp", "FromPort": "443", "ToPort": "443", "SourceSecurityGroupId": {"Ref": "LbSecurityGroup"}}, {"IpProtocol": "tcp", "FromPort": "8080", "ToPort": "8080", "SourceSecurityGroupId": {"Ref": "LbSecurityGroup"}}, {"IpProtocol": "tcp", "FromPort": "8181", "ToPort": "8181", "SourceSecurityGroupId": {"Ref": "LbSecurityGroup"}}, {"IpProtocol": "tcp", 
"FromPort": "2181", "ToPort": "2181", "SourceSecurityGroupId": {"Ref": "LbSecurityGroup"}}]}}, "MasterToMasterIngress": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {"GroupId": {"Ref": "MasterSecurityGroup"}, "IpProtocol": "-1", "FromPort": "0", "ToPort": "65535", "SourceSecurityGroupId": {"Ref": "MasterSecurityGroup"}}}, "LbSecurityGroup": {"Type": "AWS::EC2::SecurityGroup", "Properties": {"GroupDescription": "Master LB", "VpcId": {"Ref": "Vpc"}}}, "InternalMasterLoadBalancer": {"Type": "AWS::ElasticLoadBalancing::LoadBalancer", "Properties": {"SecurityGroups": [{"Ref": "LbSecurityGroup"}, {"Ref": "AdminSecurityGroup"}, {"Ref": "SlaveSecurityGroup"}, {"Ref": "PublicSlaveSecurityGroup"}, {"Ref": "MasterSecurityGroup"}], "Subnets": [{"Ref": "PublicSubnet"}], "Scheme": "internal", "Listeners": [{"LoadBalancerPort": "5050", "Protocol": "HTTP", "InstancePort": "5050", "InstanceProtocol": "HTTP"}, {"LoadBalancerPort": "2181", "Protocol": "TCP", "InstancePort": "2181", "InstanceProtocol": "TCP"}, {"LoadBalancerPort": "8181", "Protocol": "HTTP", "InstancePort": "8181", "InstanceProtocol": "HTTP"}, {"LoadBalancerPort": "80", "Protocol": "TCP", "InstancePort": "80", "InstanceProtocol": "TCP"}, {"LoadBalancerPort": "443", "Protocol": "TCP", "InstancePort": "443", "InstanceProtocol": "TCP"}, {"LoadBalancerPort": "8080", "Protocol": "HTTP", "InstancePort": "8080", "InstanceProtocol": "HTTP"}], "HealthCheck": {"Target": "TCP:5050", "HealthyThreshold": "2", "UnhealthyThreshold": "2", "Interval": "30", "Timeout": "5"}}}, "ElasticLoadBalancer": {"Type": "AWS::ElasticLoadBalancing::LoadBalancer", "DependsOn": "GatewayToInternet", "Properties": {"SecurityGroups": [{"Ref": "LbSecurityGroup"}, {"Ref": "AdminSecurityGroup"}], "Subnets": [{"Ref": "PublicSubnet"}], "Listeners": [{"LoadBalancerPort": "80", "Protocol": "TCP", "InstancePort": "80", "InstanceProtocol": "TCP"}, {"LoadBalancerPort": "443", "Protocol": "TCP", "InstancePort": "443", "InstanceProtocol": "TCP"}], 
"HealthCheck": {"Target": "TCP:5050", "HealthyThreshold": "2", "UnhealthyThreshold": "2", "Interval": "30", "Timeout": "5"}}}, "PublicSlaveLoadBalancer": {"Type": "AWS::ElasticLoadBalancing::LoadBalancer", "DependsOn": "GatewayToInternet", "Properties": {"SecurityGroups": [{"Ref": "PublicSlaveSecurityGroup"}], "Subnets": [{"Ref": "PublicSubnet"}], "Listeners": [{"LoadBalancerPort": "80", "Protocol": "TCP", "InstancePort": "80", "InstanceProtocol": "TCP"}, {"LoadBalancerPort": "443", "Protocol": "TCP", "InstancePort": "443", "InstanceProtocol": "TCP"}], "HealthCheck": {"Target": "HTTP:9090/_haproxy_health_check", "HealthyThreshold": "2", "UnhealthyThreshold": "2", "Interval": "5", "Timeout": "2"}}}, "SlaveServerGroup": {"Type": "AWS::AutoScaling::AutoScalingGroup", "DependsOn": ["PrivateOutboundNetworkAclEntry", "NATInstance"], "Properties": {"AvailabilityZones": [{"Fn::GetAtt": ["PrivateSubnet", "AvailabilityZone"]}], "LaunchConfigurationName": {"Ref": "SlaveLaunchConfig"}, "MinSize": {"Ref": "SlaveInstanceCount"}, "MaxSize": {"Ref": "SlaveInstanceCount"}, "DesiredCapacity": {"Ref": "SlaveInstanceCount"}, "VPCZoneIdentifier": [{"Ref": "PrivateSubnet"}], "Tags": [{"Key": "role", "Value": "mesos-slave", "PropagateAtLaunch": "true"}]}, "CreationPolicy": {"ResourceSignal": {"Timeout": {"Fn::FindInMap": ["Parameters", "StackCreationTimeout", "default"]}, "Count": {"Ref": "SlaveInstanceCount"}}}}, "SlaveLaunchConfig": {"Type": "AWS::AutoScaling::LaunchConfiguration", "Properties": {"KeyName": {"Ref": "KeyName"}, "ImageId": {"Fn::FindInMap": ["RegionToAmi", {"Ref": "AWS::Region"}, "stable"]}, "BlockDeviceMappings": [{"DeviceName": "/dev/xvda", "Ebs": {"VolumeSize": 150, "VolumeType": "gp2", "DeleteOnTermination": true}}, {"DeviceName": "/dev/xvdb", "Ebs": {"VolumeSize": 80, "VolumeType": "gp2", "DeleteOnTermination": true}}], "SecurityGroups": [{"Ref": "SlaveSecurityGroup"}], "IamInstanceProfile": {"Ref": "SlaveInstanceProfile"}, "EbsOptimized": "true", 
"AssociatePublicIpAddress": "false", "InstanceType": {"Ref": "DefaultInstanceType"}, "UserData": {"Fn::Base64": {"Fn::Join": ["", ["#cloud-config", "\n", "\"coreos\":", "\n", " \"units\":", "\n", " - \"command\": |-", "\n", " start", "\n", " \"content\": |", "\n", " [Unit]", "\n", " Description=AWS Setup: Formats the /var/lib ephemeral drive", "\n", " Before=var-lib.mount dbus.service", "\n", " [Service]", "\n", " Type=oneshot", "\n", " RemainAfterExit=yes", "\n", " ExecStart=/bin/bash -c \"(blkid -t TYPE=ext4 | grep xvdb) || (/usr/sbin/mkfs.ext4 -F /dev/xvdb)\"", "\n", " \"name\": |-", "\n", " format-var-lib-ephemeral.service", "\n", " - \"command\": |-", "\n", " start", "\n", " \"content\": |", "\n", " [Unit]", "\n", " Description=AWS Setup: Mount /var/lib", "\n", " Before=dbus.service", "\n", " [Mount]", "\n", " What=/dev/xvdb", "\n", " Where=/var/lib", "\n", " Type=ext4", "\n", " \"name\": |-", "\n", " var-lib.mount", "\n", " - \"command\": |-", "\n", " stop", "\n", " \"mask\": !!bool |-", "\n", " true", "\n", " \"name\": |-", "\n", " etcd.service", "\n", " - \"command\": |-", "\n", " stop", "\n", " \"mask\": !!bool |-", "\n", " true", "\n", " \"name\": |-", "\n", " update-engine.service", "\n", " - \"command\": |-", "\n", " stop", "\n", " \"mask\": !!bool |-", "\n", " true", "\n", " \"name\": |-", "\n", " locksmithd.service", "\n", " - \"command\": |-", "\n", " restart", "\n", " \"name\": |-", "\n", " systemd-journald.service", "\n", " - \"command\": |-", "\n", " restart", "\n", " \"name\": |-", "\n", " docker.service", "\n", " - \"command\": |-", "\n", " start", "\n", " \"content\": |", "\n", " [Unit]", "\n", " Before=dcos.target", "\n", " [Service]", "\n", " Type=oneshot", "\n", " StandardOutput=journal+console", "\n", " StandardError=journal+console", "\n", " ExecStartPre=/usr/bin/mkdir -p /etc/profile.d", "\n", " ExecStart=/usr/bin/ln -sf /opt/mesosphere/bin/add_dcos_path.sh /etc/profile.d/dcos.sh", "\n", " \"name\": |-", "\n", " dcos-link-env.service", 
"\n", " - \"content\": |", "\n", " [Unit]", "\n", " Description=Pkgpanda: Download DC/OS to this host.", "\n", " After=network-online.target", "\n", " Wants=network-online.target", "\n", " ConditionPathExists=!/opt/mesosphere/active/", "\n", " [Service]", "\n", " Type=oneshot", "\n", " StandardOutput=journal+console", "\n", " StandardError=journal+console", "\n", " ExecStartPre=/usr/bin/curl --keepalive-time 2 -fLsSv --retry 20 -Y 100000 -y 60 -o /tmp/bootstrap.tar.xz https://s3.amazonaws.com/downloads.mesosphere.io/dcos-enterprise-aws-advanced/testing/1.11.5/permissive/bootstrap/d712f32036ba9aaa916dd8f109f24c628c64e893.bootstrap.tar.xz", "\n", " ExecStartPre=/usr/bin/mkdir -p /opt/mesosphere", "\n", " ExecStart=/usr/bin/tar -axf /tmp/bootstrap.tar.xz -C /opt/mesosphere", "\n", " ExecStartPost=-/usr/bin/rm -f /tmp/bootstrap.tar.xz", "\n", " \"name\": |-", "\n", " dcos-download.service", "\n", " - \"command\": |-", "\n", " start", "\n", " \"content\": |", "\n", " [Unit]", "\n", " Description=Pkgpanda: Specialize DC/OS for this host.", "\n", " Requires=dcos-download.service", "\n", " After=dcos-download.service", "\n", " [Service]", "\n", " Type=oneshot", "\n", " StandardOutput=journal+console", "\n", " StandardError=journal+console", "\n", " EnvironmentFile=/opt/mesosphere/environment", "\n", " ExecStart=/opt/mesosphere/bin/pkgpanda setup --no-block-systemd", "\n", " [Install]", "\n", " WantedBy=multi-user.target", "\n", " \"enable\": !!bool |-", "\n", " true", "\n", " \"name\": |-", "\n", " dcos-setup.service", "\n", " \"no_block\": !!bool |-", "\n", " true", "\n", " - \"command\": |-", "\n", " start", "\n", " \"content\": |-", "\n", " [Unit]", "\n", " Description=AWS Setup: Signal CloudFormation Success", "\n", " ConditionPathExists=!/var/lib/dcos-cfn-signal", "\n", " [Service]", "\n", " Type=simple", "\n", " Restart=on-failure", "\n", " StartLimitInterval=0", "\n", " RestartSec=15s", "\n", " EnvironmentFile=/opt/mesosphere/environment", "\n", " 
EnvironmentFile=/opt/mesosphere/etc/cfn_signal_metadata", "\n", " Environment=\"AWS_CFN_SIGNAL_THIS_RESOURCE=SlaveServerGroup\"", "\n", " ExecStartPre=/bin/ping -c1 leader.mesos", "\n", " ExecStartPre=/opt/mesosphere/bin/dcos-diagnostics check node-poststart", "\n", " ExecStartPre=/opt/mesosphere/bin/cfn-signal", "\n", " ExecStart=/usr/bin/touch /var/lib/dcos-cfn-signal", "\n", " \"name\": |-", "\n", " dcos-cfn-signal.service", "\n", " \"no_block\": !!bool |-", "\n", " true", "\n", " \"update\":", "\n", " \"reboot-strategy\": |-", "\n", " off", "\n", "\"write_files\":", "\n", "- \"content\": |", "\n", " https://s3.amazonaws.com/downloads.mesosphere.io/dcos-enterprise-aws-advanced/testing/1.11.5/permissive", "\n", " \"owner\": |-", "\n", " root", "\n", " \"path\": |-", "\n", " /etc/mesosphere/setup-flags/repository-url", "\n", " \"permissions\": |-", "\n", " 0644", "\n", "- \"content\": |", "\n", " 8a5913571bee7cd29ec5b7d09ea740cbcbb77942", "\n", " \"owner\": |-", "\n", " root", "\n", " \"path\": |-", "\n", " /etc/mesosphere/setup-flags/cluster-package-list", "\n", " \"permissions\": |-", "\n", " 0644", "\n", "- \"content\": |", "\n", " [Journal]", "\n", " MaxLevelConsole=warning", "\n", " RateLimitInterval=1s", "\n", " RateLimitBurst=20000", "\n", " \"owner\": |-", "\n", " root", "\n", " \"path\": |-", "\n", " /etc/systemd/journald.conf.d/dcos.conf", "\n", " \"permissions\": |-", "\n", " 0644", "\n", "- \"content\": |", "\n", " libstorage:", "\n", " integration:", "\n", " volume:", "\n", " operations:", "\n", " unmount:", "\n", " ignoreusedcount: true", "\n", " server:", "\n", " tasks:", "\n", " logTimeout: 5m", "\n", " rexray:", "\n", " loglevel: info", "\n", " service: ebs", "\n", " \"path\": |-", "\n", " /etc/rexray/config.yml", "\n", " \"permissions\": |-", "\n", " 0644", "\n", "- \"content\": |", "\n", " \"bound_values\":", "\n", " \"agent_role\": |-", "\n", " ", {"Ref": "SlaveRole"}, "\n", " \"aws_region\": |-", "\n", " ", {"Ref": "AWS::Region"}, "\n", " 
\"aws_stack_id\": |-", "\n", " ", {"Ref": "AWS::StackId"}, "\n", " \"aws_stack_name\": |-", "\n", " ", {"Ref": "AWS::StackName"}, "\n", " \"cluster_name\": |-", "\n", " ", {"Ref": "AWS::StackName"}, "\n", " \"exhibitor_address\": |-", "\n", " ", {"Fn::GetAtt": ["InternalMasterLoadBalancer", "DNSName"]}, "\n", " \"license_key_contents\": |-", "\n", " ", {"Ref": "LicenseKey"}, "\n", " \"master_external_loadbalancer\": |-", "\n", " ", {"Fn::GetAtt": ["ElasticLoadBalancer", "DNSName"]}, "\n", " \"master_role\": |-", "\n", " ", {"Ref": "MasterRole"}, "\n", " \"s3_bucket\": |-", "\n", " ", {"Ref": "ExhibitorS3Bucket"}, "\n", " \"s3_prefix\": |-", "\n", " ", {"Ref": "AWS::StackName"}, "\n", " \"late_bound_package_id\": |-", "\n", " dcos-provider-c8b0f5aa0ebe94250a9bc77fdfa5bdc7965ed03e-aws--setup", "\n", " \"owner\": |-", "\n", " root", "\n", " \"path\": |-", "\n", " /etc/mesosphere/setup-flags/late-config.yaml", "\n", " \"permissions\": |-", "\n", " 0644", "\n", "- \"content\": \"\"", "\n", " \"path\": |-", "\n", " /etc/mesosphere/roles/slave", "\n", "- \"content\": \"\"", "\n", " \"path\": |-", "\n", " /etc/mesosphere/roles/aws", "\n"]]}}}}, "PublicSlaveServerGroup": {"Type": "AWS::AutoScaling::AutoScalingGroup", "DependsOn": "GatewayToInternet", "Properties": {"AvailabilityZones": [{"Fn::GetAtt": ["PublicSubnet", "AvailabilityZone"]}], "LaunchConfigurationName": {"Ref": "PublicSlaveLaunchConfig"}, "MinSize": {"Ref": "PublicSlaveInstanceCount"}, "MaxSize": {"Ref": "PublicSlaveInstanceCount"}, "DesiredCapacity": {"Ref": "PublicSlaveInstanceCount"}, "LoadBalancerNames": [{"Ref": "PublicSlaveLoadBalancer"}], "VPCZoneIdentifier": [{"Ref": "PublicSubnet"}], "Tags": [{"Key": "role", "Value": "mesos-slave", "PropagateAtLaunch": "true"}]}, "CreationPolicy": {"ResourceSignal": {"Timeout": {"Fn::FindInMap": ["Parameters", "StackCreationTimeout", "default"]}, "Count": {"Ref": "PublicSlaveInstanceCount"}}}}, "PublicSlaveLaunchConfig": {"Type": 
"AWS::AutoScaling::LaunchConfiguration", "Properties": {"KeyName": {"Ref": "KeyName"}, "ImageId": {"Fn::FindInMap": ["RegionToAmi", {"Ref": "AWS::Region"}, "stable"]}, "BlockDeviceMappings": [{"DeviceName": "/dev/xvda", "Ebs": {"VolumeSize": 150, "VolumeType": "gp2", "DeleteOnTermination": true}}, {"DeviceName": "/dev/xvdb", "Ebs": {"VolumeSize": 80, "VolumeType": "gp2", "DeleteOnTermination": true}}], "SecurityGroups": [{"Ref": "PublicSlaveSecurityGroup"}], "IamInstanceProfile": {"Ref": "SlaveInstanceProfile"}, "AssociatePublicIpAddress": "true", "EbsOptimized": "true", "InstanceType": {"Ref": "DefaultInstanceType"}, "UserData": {"Fn::Base64": {"Fn::Join": ["", ["#cloud-config", "\n", "\"coreos\":", "\n", " \"units\":", "\n", " - \"command\": |-", "\n", " start", "\n", " \"content\": |", "\n", " [Unit]", "\n", " Description=AWS Setup: Formats the /var/lib ephemeral drive", "\n", " Before=var-lib.mount dbus.service", "\n", " [Service]", "\n", " Type=oneshot", "\n", " RemainAfterExit=yes", "\n", " ExecStart=/bin/bash -c \"(blkid -t TYPE=ext4 | grep xvdb) || (/usr/sbin/mkfs.ext4 -F /dev/xvdb)\"", "\n", " \"name\": |-", "\n", " format-var-lib-ephemeral.service", "\n", " - \"command\": |-", "\n", " start", "\n", " \"content\": |", "\n", " [Unit]", "\n", " Description=AWS Setup: Mount /var/lib", "\n", " Before=dbus.service", "\n", " [Mount]", "\n", " What=/dev/xvdb", "\n", " Where=/var/lib", "\n", " Type=ext4", "\n", " \"name\": |-", "\n", " var-lib.mount", "\n", " - \"command\": |-", "\n", " stop", "\n", " \"mask\": !!bool |-", "\n", " true", "\n", " \"name\": |-", "\n", " etcd.service", "\n", " - \"command\": |-", "\n", " stop", "\n", " \"mask\": !!bool |-", "\n", " true", "\n", " \"name\": |-", "\n", " update-engine.service", "\n", " - \"command\": |-", "\n", " stop", "\n", " \"mask\": !!bool |-", "\n", " true", "\n", " \"name\": |-", "\n", " locksmithd.service", "\n", " - \"command\": |-", "\n", " restart", "\n", " \"name\": |-", "\n", " systemd-journald.service", 
"\n", " - \"command\": |-", "\n", " restart", "\n", " \"name\": |-", "\n", " docker.service", "\n", " - \"command\": |-", "\n", " start", "\n", " \"content\": |", "\n", " [Unit]", "\n", " Before=dcos.target", "\n", " [Service]", "\n", " Type=oneshot", "\n", " StandardOutput=journal+console", "\n", " StandardError=journal+console", "\n", " ExecStartPre=/usr/bin/mkdir -p /etc/profile.d", "\n", " ExecStart=/usr/bin/ln -sf /opt/mesosphere/bin/add_dcos_path.sh /etc/profile.d/dcos.sh", "\n", " \"name\": |-", "\n", " dcos-link-env.service", "\n", " - \"content\": |", "\n", " [Unit]", "\n", " Description=Pkgpanda: Download DC/OS to this host.", "\n", " After=network-online.target", "\n", " Wants=network-online.target", "\n", " ConditionPathExists=!/opt/mesosphere/active/", "\n", " [Service]", "\n", " Type=oneshot", "\n", " StandardOutput=journal+console", "\n", " StandardError=journal+console", "\n", " ExecStartPre=/usr/bin/curl --keepalive-time 2 -fLsSv --retry 20 -Y 100000 -y 60 -o /tmp/bootstrap.tar.xz https://s3.amazonaws.com/downloads.mesosphere.io/dcos-enterprise-aws-advanced/testing/1.11.5/permissive/bootstrap/d712f32036ba9aaa916dd8f109f24c628c64e893.bootstrap.tar.xz", "\n", " ExecStartPre=/usr/bin/mkdir -p /opt/mesosphere", "\n", " ExecStart=/usr/bin/tar -axf /tmp/bootstrap.tar.xz -C /opt/mesosphere", "\n", " ExecStartPost=-/usr/bin/rm -f /tmp/bootstrap.tar.xz", "\n", " \"name\": |-", "\n", " dcos-download.service", "\n", " - \"command\": |-", "\n", " start", "\n", " \"content\": |", "\n", " [Unit]", "\n", " Description=Pkgpanda: Specialize DC/OS for this host.", "\n", " Requires=dcos-download.service", "\n", " After=dcos-download.service", "\n", " [Service]", "\n", " Type=oneshot", "\n", " StandardOutput=journal+console", "\n", " StandardError=journal+console", "\n", " EnvironmentFile=/opt/mesosphere/environment", "\n", " ExecStart=/opt/mesosphere/bin/pkgpanda setup --no-block-systemd", "\n", " [Install]", "\n", " WantedBy=multi-user.target", "\n", " \"enable\": 
!!bool |-", "\n", " true", "\n", " \"name\": |-", "\n", " dcos-setup.service", "\n", " \"no_block\": !!bool |-", "\n", " true", "\n", " - \"command\": |-", "\n", " start", "\n", " \"content\": |-", "\n", " [Unit]", "\n", " Description=AWS Setup: Signal CloudFormation Success", "\n", " ConditionPathExists=!/var/lib/dcos-cfn-signal", "\n", " [Service]", "\n", " Type=simple", "\n", " Restart=on-failure", "\n", " StartLimitInterval=0", "\n", " RestartSec=15s", "\n", " EnvironmentFile=/opt/mesosphere/environment", "\n", " EnvironmentFile=/opt/mesosphere/etc/cfn_signal_metadata", "\n", " Environment=\"AWS_CFN_SIGNAL_THIS_RESOURCE=PublicSlaveServerGroup\"", "\n", " ExecStartPre=/bin/ping -c1 leader.mesos", "\n", " ExecStartPre=/opt/mesosphere/bin/dcos-diagnostics check node-poststart", "\n", " ExecStartPre=/opt/mesosphere/bin/cfn-signal", "\n", " ExecStart=/usr/bin/touch /var/lib/dcos-cfn-signal", "\n", " \"name\": |-", "\n", " dcos-cfn-signal.service", "\n", " \"no_block\": !!bool |-", "\n", " true", "\n", " \"update\":", "\n", " \"reboot-strategy\": |-", "\n", " off", "\n", "\"write_files\":", "\n", "- \"content\": |", "\n", " https://s3.amazonaws.com/downloads.mesosphere.io/dcos-enterprise-aws-advanced/testing/1.11.5/permissive", "\n", " \"owner\": |-", "\n", " root", "\n", " \"path\": |-", "\n", " /etc/mesosphere/setup-flags/repository-url", "\n", " \"permissions\": |-", "\n", " 0644", "\n", "- \"content\": |", "\n", " 8a5913571bee7cd29ec5b7d09ea740cbcbb77942", "\n", " \"owner\": |-", "\n", " root", "\n", " \"path\": |-", "\n", " /etc/mesosphere/setup-flags/cluster-package-list", "\n", " \"permissions\": |-", "\n", " 0644", "\n", "- \"content\": |", "\n", " [Journal]", "\n", " MaxLevelConsole=warning", "\n", " RateLimitInterval=1s", "\n", " RateLimitBurst=20000", "\n", " \"owner\": |-", "\n", " root", "\n", " \"path\": |-", "\n", " /etc/systemd/journald.conf.d/dcos.conf", "\n", " \"permissions\": |-", "\n", " 0644", "\n", "- \"content\": |", "\n", " libstorage:", 
"\n", " integration:", "\n", " volume:", "\n", " operations:", "\n", " unmount:", "\n", " ignoreusedcount: true", "\n", " server:", "\n", " tasks:", "\n", " logTimeout: 5m", "\n", " rexray:", "\n", " loglevel: info", "\n", " service: ebs", "\n", " \"path\": |-", "\n", " /etc/rexray/config.yml", "\n", " \"permissions\": |-", "\n", " 0644", "\n", "- \"content\": |", "\n", " \"bound_values\":", "\n", " \"agent_role\": |-", "\n", " ", {"Ref": "SlaveRole"}, "\n", " \"aws_region\": |-", "\n", " ", {"Ref": "AWS::Region"}, "\n", " \"aws_stack_id\": |-", "\n", " ", {"Ref": "AWS::StackId"}, "\n", " \"aws_stack_name\": |-", "\n", " ", {"Ref": "AWS::StackName"}, "\n", " \"cluster_name\": |-", "\n", " ", {"Ref": "AWS::StackName"}, "\n", " \"exhibitor_address\": |-", "\n", " ", {"Fn::GetAtt": ["InternalMasterLoadBalancer", "DNSName"]}, "\n", " \"license_key_contents\": |-", "\n", " ", {"Ref": "LicenseKey"}, "\n", " \"master_external_loadbalancer\": |-", "\n", " ", {"Fn::GetAtt": ["ElasticLoadBalancer", "DNSName"]}, "\n", " \"master_role\": |-", "\n", " ", {"Ref": "MasterRole"}, "\n", " \"s3_bucket\": |-", "\n", " ", {"Ref": "ExhibitorS3Bucket"}, "\n", " \"s3_prefix\": |-", "\n", " ", {"Ref": "AWS::StackName"}, "\n", " \"late_bound_package_id\": |-", "\n", " dcos-provider-c8b0f5aa0ebe94250a9bc77fdfa5bdc7965ed03e-aws--setup", "\n", " \"owner\": |-", "\n", " root", "\n", " \"path\": |-", "\n", " /etc/mesosphere/setup-flags/late-config.yaml", "\n", " \"permissions\": |-", "\n", " 0644", "\n", "- \"content\": \"\"", "\n", " \"path\": |-", "\n", " /etc/mesosphere/roles/slave_public", "\n", "- \"content\": \"\"", "\n", " \"path\": |-", "\n", " /etc/mesosphere/roles/aws", "\n"]]}}}}, "SlaveSecurityGroup": {"Type": "AWS::EC2::SecurityGroup", "Properties": {"GroupDescription": "Slaves", "VpcId": {"Ref": "Vpc"}}}, "MasterToSlaveIngress": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {"GroupId": {"Ref": "SlaveSecurityGroup"}, "IpProtocol": "-1", "FromPort": "0", "ToPort": 
"65535", "SourceSecurityGroupId": {"Ref": "MasterSecurityGroup"}}}, "SlaveToMasterIngress": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {"GroupId": {"Ref": "MasterSecurityGroup"}, "IpProtocol": "-1", "FromPort": "0", "ToPort": "65535", "SourceSecurityGroupId": {"Ref": "SlaveSecurityGroup"}}}, "SlaveToMasterLBIngress": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {"GroupId": {"Ref": "LbSecurityGroup"}, "IpProtocol": "tcp", "FromPort": "2181", "ToPort": "2181", "SourceSecurityGroupId": {"Ref": "SlaveSecurityGroup"}}}, "SlaveToSlaveIngress": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {"GroupId": {"Ref": "SlaveSecurityGroup"}, "IpProtocol": "-1", "FromPort": "0", "ToPort": "65535", "SourceSecurityGroupId": {"Ref": "SlaveSecurityGroup"}}}, "PublicSlaveToSlaveIngress": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {"GroupId": {"Ref": "SlaveSecurityGroup"}, "IpProtocol": "-1", "FromPort": "0", "ToPort": "65535", "SourceSecurityGroupId": {"Ref": "PublicSlaveSecurityGroup"}}}, "SlaveToPublicSlaveIngress": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {"GroupId": {"Ref": "PublicSlaveSecurityGroup"}, "IpProtocol": "-1", "FromPort": "0", "ToPort": "65535", "SourceSecurityGroupId": {"Ref": "SlaveSecurityGroup"}}}, "PublicSlaveToPublicSlaveIngress": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {"GroupId": {"Ref": "PublicSlaveSecurityGroup"}, "IpProtocol": "-1", "FromPort": "0", "ToPort": "65535", "SourceSecurityGroupId": {"Ref": "PublicSlaveSecurityGroup"}}}, "PublicSlaveSecurityGroup": {"Type": "AWS::EC2::SecurityGroup", "Properties": {"GroupDescription": "Public slave", "VpcId": {"Ref": "Vpc"}}}, "MasterToPublicSlaveIngress": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {"GroupId": {"Ref": "PublicSlaveSecurityGroup"}, "IpProtocol": "-1", "FromPort": "0", "ToPort": "65535", "SourceSecurityGroupId": {"Ref": "MasterSecurityGroup"}}}, "PublicSlaveToMasterIngress": {"Type": 
"AWS::EC2::SecurityGroupIngress", "Properties": {"GroupId": {"Ref": "MasterSecurityGroup"}, "IpProtocol": "-1", "FromPort": "0", "ToPort": "65535", "SourceSecurityGroupId": {"Ref": "PublicSlaveSecurityGroup"}}}, "PublicSlaveIngressOne": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {"GroupId": {"Ref": "PublicSlaveSecurityGroup"}, "IpProtocol": "tcp", "FromPort": "0", "ToPort": "21", "CidrIp": "0.0.0.0/0"}}, "PublicSlaveIngressTwo": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {"GroupId": {"Ref": "PublicSlaveSecurityGroup"}, "IpProtocol": "tcp", "FromPort": "23", "ToPort": "5050", "CidrIp": "0.0.0.0/0"}}, "PublicSlaveIngressThree": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {"GroupId": {"Ref": "PublicSlaveSecurityGroup"}, "IpProtocol": "tcp", "FromPort": "5052", "ToPort": "32000", "CidrIp": "0.0.0.0/0"}}, "PublicSlaveIngressFour": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {"GroupId": {"Ref": "PublicSlaveSecurityGroup"}, "IpProtocol": "udp", "FromPort": "0", "ToPort": "21", "CidrIp": "0.0.0.0/0"}}, "PublicSlaveIngressFive": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {"GroupId": {"Ref": "PublicSlaveSecurityGroup"}, "IpProtocol": "udp", "FromPort": "23", "ToPort": "5050", "CidrIp": "0.0.0.0/0"}}, "PublicSlaveIngressSix": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {"GroupId": {"Ref": "PublicSlaveSecurityGroup"}, "IpProtocol": "udp", "FromPort": "5052", "ToPort": "32000", "CidrIp": "0.0.0.0/0"}}}, "Outputs": {"DnsAddress": {"Description": "Master", "Value": {"Fn::GetAtt": ["ElasticLoadBalancer", "DNSName"]}}, "PublicSlaveDnsAddress": {"Description": "Public slaves", "Value": {"Fn::GetAtt": ["PublicSlaveLoadBalancer", "DNSName"]}}, "ExhibitorS3Bucket": {"Description": "Exhibitor bucket", "Value": {"Ref": "ExhibitorS3Bucket"}}}}