Created
October 30, 2015 18:38
-
-
Save kykl/9221c261a1cfb5a77325 to your computer and use it in GitHub Desktop.
Mesosphere CloudFront Using m3.medium as slaves
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Mappings": { | |
| "RegionToAmi": { | |
| "ap-southeast-2": { | |
| "stable": "ami-8f88c8b5" | |
| }, | |
| "us-east-1": { | |
| "stable": "ami-3d73d356" | |
| }, | |
| "eu-central-1": { | |
| "stable": "ami-bececaa3" | |
| }, | |
| "us-west-2": { | |
| "stable": "ami-85ada4b5" | |
| }, | |
| "eu-west-1": { | |
| "stable": "ami-0e104179" | |
| }, | |
| "sa-east-1": { | |
| "stable": "ami-11e9600c" | |
| }, | |
| "us-gov-west-1": { | |
| "stable": "ami-c75033e4" | |
| }, | |
| "ap-southeast-1": { | |
| "stable": "ami-b6d8d4e4" | |
| }, | |
| "us-west-1": { | |
| "stable": "ami-1db04f59" | |
| }, | |
| "ap-northeast-1": { | |
| "stable": "ami-f2338ff2" | |
| } | |
| }, | |
| "NATAmi": { | |
| "ap-southeast-2": { | |
| "default": "ami-996402a3" | |
| }, | |
| "us-east-1": { | |
| "default": "ami-4c9e4b24" | |
| }, | |
| "eu-central-1": { | |
| "default": "ami-204c7a3d" | |
| }, | |
| "us-west-2": { | |
| "default": "ami-bb69128b" | |
| }, | |
| "eu-west-1": { | |
| "default": "ami-3760b040" | |
| }, | |
| "sa-east-1": { | |
| "default": "ami-b972dba4" | |
| }, | |
| "us-west-1": { | |
| "default": "ami-2b2b296e" | |
| }, | |
| "ap-southeast-1": { | |
| "default": "ami-b082dae2" | |
| }, | |
| "ap-northeast-1": { | |
| "default": "ami-55c29e54" | |
| } | |
| }, | |
| "Parameters": { | |
| "VPCSubnetRange": { | |
| "default": "10.0.0.0/16" | |
| }, | |
| "StackCreationTimeout": { | |
| "default": "PT30M" | |
| }, | |
| "PublicSlaveInstanceType": { | |
| "default": "m3.medium" | |
| }, | |
| "PrivateSubnetRange": { | |
| "default": "10.0.0.0/22" | |
| }, | |
| "MasterInstanceType": { | |
| "default": "m3.medium" | |
| }, | |
| "SlaveInstanceType": { | |
| "default": "m3.medium" | |
| }, | |
| "PublicSubnetRange": { | |
| "default": "10.0.4.0/22" | |
| } | |
| } | |
| }, | |
| "Outputs": { | |
| "DnsAddress": { | |
| "Description": "Mesos Master", | |
| "Value": { | |
| "Fn::GetAtt": [ | |
| "ElasticLoadBalancer", | |
| "DNSName" | |
| ] | |
| } | |
| }, | |
| "PublicSlaveDnsAddress": { | |
| "Description": "Public slaves", | |
| "Value": { | |
| "Fn::GetAtt": [ | |
| "PublicSlaveLoadBalancer", | |
| "DNSName" | |
| ] | |
| } | |
| } | |
| }, | |
| "Metadata": { | |
| "TemplateGenerationDate": "2015-09-29 00:06:56.658930", | |
| "DcosImageCommit": "a4f3879466811e9fb80e1a35762aa48e74365a93" | |
| }, | |
| "Conditions": { | |
| "RegionIsUsEast1": { | |
| "Fn::Equals": [ | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| "us-east-1" | |
| ] | |
| } | |
| }, | |
| "Resources": { | |
| "PublicSlaveIngressSix": { | |
| "Type": "AWS::EC2::SecurityGroupIngress", | |
| "Properties": { | |
| "ToPort": "65535", | |
| "CidrIp": "0.0.0.0/0", | |
| "GroupId": { | |
| "Ref": "PublicSlaveSecurityGroup" | |
| }, | |
| "IpProtocol": "udp", | |
| "FromPort": "5052" | |
| } | |
| }, | |
| "PrivateRouteTable": { | |
| "Type": "AWS::EC2::RouteTable", | |
| "Properties": { | |
| "VpcId": { | |
| "Ref": "Vpc" | |
| }, | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Public" | |
| } | |
| ] | |
| } | |
| }, | |
| "PrivateInboundNetworkAclEntry": { | |
| "Type": "AWS::EC2::NetworkAclEntry", | |
| "Properties": { | |
| "RuleNumber": "100", | |
| "Egress": "false", | |
| "RuleAction": "allow", | |
| "CidrBlock": "0.0.0.0/0", | |
| "Protocol": "-1", | |
| "PortRange": { | |
| "To": "65535", | |
| "From": "0" | |
| }, | |
| "NetworkAclId": { | |
| "Ref": "PrivateNetworkAcl" | |
| } | |
| } | |
| }, | |
| "SlaveLaunchConfig": { | |
| "Type": "AWS::AutoScaling::LaunchConfiguration", | |
| "Properties": { | |
| "InstanceType": { | |
| "Fn::FindInMap": [ | |
| "Parameters", | |
| "SlaveInstanceType", | |
| "default" | |
| ] | |
| }, | |
| "BlockDeviceMappings": [ | |
| { | |
| "DeviceName": "/dev/sdb", | |
| "VirtualName": "ephemeral0" | |
| } | |
| ], | |
| "ImageId": { | |
| "Fn::FindInMap": [ | |
| "RegionToAmi", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| "stable" | |
| ] | |
| }, | |
| "SecurityGroups": [ | |
| { | |
| "Ref": "SlaveSecurityGroup" | |
| } | |
| ], | |
| "KeyName": { | |
| "Ref": "KeyName" | |
| }, | |
| "UserData": { | |
| "Fn::Base64": { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "#cloud-config\n", | |
| "\"coreos\":\n", | |
| " \"units\":\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |-\n", | |
| " [Unit]\n", | |
| " Description=Write out dynamic config values\n", | |
| " [Service]\n", | |
| " Type=oneshot\n", | |
| " # TODO(cmaloney): Remove these and get rid of the bits that require them.\n", | |
| " ExecStart=/usr/bin/bash -c \"echo EXHIBITOR_HOSTNAME=$(curl -s http://169.254.169.254/latest/meta-data/hostname) >> /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/cloudenv\"\n", | |
| " ExecStart=/usr/bin/bash -c \"echo MARATHON_HOSTNAME=$(curl -s http://169.254.169.254/latest/meta-data/hostname) >> /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/cloudenv\"\n", | |
| " \"name\": |-\n", | |
| " config-writer.service\n", | |
| " - \"command\": |-\n", | |
| " stop\n", | |
| " \"mask\": !!bool |-\n", | |
| " true\n", | |
| " \"name\": |-\n", | |
| " etcd.service\n", | |
| " - \"command\": |-\n", | |
| " stop\n", | |
| " \"mask\": !!bool |-\n", | |
| " true\n", | |
| " \"name\": |-\n", | |
| " update-engine.service\n", | |
| " - \"command\": |-\n", | |
| " stop\n", | |
| " \"mask\": !!bool |-\n", | |
| " true\n", | |
| " \"name\": |-\n", | |
| " locksmithd.service\n", | |
| " - \"command\": |-\n", | |
| " stop\n", | |
| " \"name\": |-\n", | |
| " systemd-resolved.service\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |\n", | |
| " [Unit]\n", | |
| " Description=Formats the /var/lib ephemeral drive\n", | |
| " Before=var-lib.mount dbus.service\n", | |
| " [Service]\n", | |
| " Type=oneshot\n", | |
| " RemainAfterExit=yes\n", | |
| " ExecStart=/bin/bash -c '(blkid -t TYPE=ext4 | grep xvdb) || (/usr/sbin/mkfs.ext4 -F /dev/xvdb)'\n", | |
| " \"name\": |-\n", | |
| " format-var-lib-ephemeral.service\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |-\n", | |
| " [Unit]\n", | |
| " Description=Mount /var/lib\n", | |
| " Before=dbus.service\n", | |
| " [Mount]\n", | |
| " What=/dev/xvdb\n", | |
| " Where=/var/lib\n", | |
| " Type=ext4\n", | |
| " \"name\": |-\n", | |
| " var-lib.mount\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |\n", | |
| " [Unit]\n", | |
| " Before=dcos.target\n", | |
| " [Service]\n", | |
| " Type=oneshot\n", | |
| " ExecStartPre=/usr/bin/mkdir -p /etc/profile.d\n", | |
| " ExecStart=/usr/bin/ln -sf /opt/mesosphere/environment.export /etc/profile.d/dcos.sh\n", | |
| " \"name\": |-\n", | |
| " link-env.service\n", | |
| " - \"content\": |\n", | |
| " [Unit]\n", | |
| " Description=Download the DCOS\n", | |
| " After=network-online.target\n", | |
| " Wants=network-online.target\n", | |
| " ConditionPathExists=!/opt/mesosphere/\n", | |
| " [Service]\n", | |
| " EnvironmentFile=/etc/mesosphere/setup-flags/bootstrap-id\n", | |
| " Type=oneshot\n", | |
| " ExecStartPre=/usr/bin/bash -c \"until curl -C - -o /tmp/bootstrap.tar.xz https://downloads.mesosphere.com/dcos/stable/bootstrap/${BOOTSTRAP_ID}.bootstrap.tar.xz; do echo 'failed to download'; sleep 5; done\"\n", | |
| " ExecStartPre=/usr/bin/mkdir -p /opt/mesosphere\n", | |
| " ExecStart=/usr/bin/tar -axf /tmp/bootstrap.tar.xz -C /opt/mesosphere\n", | |
| " ExecStartPost=-/usr/bin/rm -f /tmp/bootstrap.tar.xz\n", | |
| " \"name\": |-\n", | |
| " dcos-download.service\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |-\n", | |
| " [Unit]\n", | |
| " Description=Prep the Pkgpanda working directories for this host.\n", | |
| " Requires=dcos-download.service\n", | |
| " After=dcos-download.service\n", | |
| " [Service]\n", | |
| " Type=oneshot\n", | |
| " EnvironmentFile=/opt/mesosphere/environment\n", | |
| " ExecStart=/opt/mesosphere/bin/pkgpanda setup --no-block-systemd\n", | |
| " [Install]\n", | |
| " WantedBy=multi-user.target\n", | |
| " \"enable\": !!bool |-\n", | |
| " true\n", | |
| " \"name\": |-\n", | |
| " dcos-setup.service\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |-\n", | |
| " [Unit]\n", | |
| " Description=Signal CloudFormation Success\n", | |
| " After=dcos.target\n", | |
| " Requires=dcos.target\n", | |
| " ConditionPathExists=!/var/lib/dcos-cfn-signal\n", | |
| " [Service]\n", | |
| " Type=simple\n", | |
| " Restart=on-failure\n", | |
| " StartLimitInterval=0\n", | |
| " RestartSec=15s\n", | |
| " ExecStartPre=/usr/bin/docker pull mbabineau/cfn-bootstrap\n", | |
| " ExecStartPre=/bin/ping -c1 leader.mesos\n", | |
| " ExecStartPre=/usr/bin/docker run --rm mbabineau/cfn-bootstrap \\\n", | |
| " cfn-signal -e 0 \\\n", | |
| " --resource SlaveServerGroup \\\n", | |
| " --stack ", | |
| { | |
| "Ref": "AWS::StackName" | |
| }, | |
| " \\", | |
| "\n", | |
| " --region ", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| "", | |
| "\n", | |
| " ExecStart=/usr/bin/touch /var/lib/dcos-cfn-signal\n", | |
| " \"name\": |-\n", | |
| " dcos-cfn-signal.service\n", | |
| " \"update\":\n", | |
| " \"reboot-strategy\": |-\n", | |
| " off\n", | |
| "\"write_files\":\n", | |
| "- \"content\": |\n", | |
| " {\n", | |
| " \"environment\": {\n", | |
| " \"PROVIDER\": \"aws\"\n", | |
| " }\n", | |
| " }\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/pkginfo.json\n", | |
| "- \"content\": |\n", | |
| " AWS_REGION=", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_STACK_ID=", | |
| { | |
| "Ref": "AWS::StackId" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_STACK_NAME=", | |
| { | |
| "Ref": "AWS::StackName" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_ACCESS_KEY_ID=", | |
| { | |
| "Ref": "HostKeys" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_SECRET_ACCESS_KEY=", | |
| { | |
| "Fn::GetAtt": [ | |
| "HostKeys", | |
| "SecretAccessKey" | |
| ] | |
| }, | |
| "", | |
| "\n", | |
| " ZOOKEEPER_CLUSTER_SIZE=1\n", | |
| " MASTER_ELB=", | |
| { | |
| "Fn::GetAtt": [ | |
| "InternalMasterLoadBalancer", | |
| "DNSName" | |
| ] | |
| }, | |
| "", | |
| "\n", | |
| " EXTERNAL_ELB=", | |
| { | |
| "Fn::GetAtt": [ | |
| "ElasticLoadBalancer", | |
| "DNSName" | |
| ] | |
| }, | |
| "", | |
| "\n", | |
| " # Must set FALLBACK_DNS to an AWS region-specific DNS server which returns\n", | |
| " # the internal IP when doing lookups on AWS public hostnames.\n", | |
| " FALLBACK_DNS=10.0.0.2\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/cloudenv\n", | |
| "- \"content\": |\n", | |
| " MESOS_CLUSTER=", | |
| { | |
| "Ref": "AWS::StackName" | |
| }, | |
| "", | |
| "\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/mesos-master-provider\n", | |
| "- \"content\": |\n", | |
| " AWS_S3_BUCKET=", | |
| { | |
| "Ref": "ExhibitorS3Bucket" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_S3_PREFIX=", | |
| { | |
| "Ref": "AWS::StackName" | |
| }, | |
| "", | |
| "\n", | |
| " EXHIBITOR_WEB_UI_PORT=8181\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/exhibitor\n", | |
| "- \"content\": |\n", | |
| " https://downloads.mesosphere.com/dcos/stable\n", | |
| " \"owner\": |-\n", | |
| " root\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-flags/repository-url\n", | |
| " \"permissions\": !!int |-\n", | |
| " 420\n", | |
| "- \"content\": |\n", | |
| " BOOTSTRAP_ID=6a317468b62ec6aba76932e6953bf6b7fd6c34d4\n", | |
| " \"owner\": |-\n", | |
| " root\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-flags/bootstrap-id\n", | |
| " \"permissions\": !!int |-\n", | |
| " 420\n", | |
| "- \"content\": |-\n", | |
| " [\"dcos-config--setup_891e9ea371b5e8c03854155caed8ff8d8f91b815\", \"dcos-detect-ip--setup_891e9ea371b5e8c03854155caed8ff8d8f91b815\"]\n", | |
| " \"owner\": |-\n", | |
| " root\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-flags/cluster-packages.json\n", | |
| " \"permissions\": !!int |-\n", | |
| " 420\n", | |
| "- \"content\": \"\"\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/roles/slave\n", | |
| "- \"content\": \"\"\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/roles/aws\n" | |
| ] | |
| ] | |
| } | |
| }, | |
| "AssociatePublicIpAddress": "false" | |
| } | |
| }, | |
| "HostKeys": { | |
| "Type": "AWS::IAM::AccessKey", | |
| "Properties": { | |
| "UserName": { | |
| "Ref": "IAMUser" | |
| } | |
| } | |
| }, | |
| "PublicSlaveToSlaveIngress": { | |
| "Type": "AWS::EC2::SecurityGroupIngress", | |
| "Properties": { | |
| "ToPort": "65535", | |
| "SourceSecurityGroupId": { | |
| "Ref": "PublicSlaveSecurityGroup" | |
| }, | |
| "GroupId": { | |
| "Ref": "SlaveSecurityGroup" | |
| }, | |
| "IpProtocol": "-1", | |
| "FromPort": "0" | |
| } | |
| }, | |
| "AdminSecurityGroup": { | |
| "Type": "AWS::EC2::SecurityGroup", | |
| "Properties": { | |
| "SecurityGroupIngress": [ | |
| { | |
| "ToPort": "65535", | |
| "CidrIp": { | |
| "Ref": "AdminLocation" | |
| }, | |
| "IpProtocol": "-1", | |
| "FromPort": "0" | |
| } | |
| ], | |
| "GroupDescription": "Enable admin access to servers", | |
| "VpcId": { | |
| "Ref": "Vpc" | |
| } | |
| } | |
| }, | |
| "PublicSlaveToPublicSlaveIngress": { | |
| "Type": "AWS::EC2::SecurityGroupIngress", | |
| "Properties": { | |
| "ToPort": "65535", | |
| "SourceSecurityGroupId": { | |
| "Ref": "PublicSlaveSecurityGroup" | |
| }, | |
| "GroupId": { | |
| "Ref": "PublicSlaveSecurityGroup" | |
| }, | |
| "IpProtocol": "-1", | |
| "FromPort": "0" | |
| } | |
| }, | |
| "PublicNetworkAcl": { | |
| "Type": "AWS::EC2::NetworkAcl", | |
| "Properties": { | |
| "VpcId": { | |
| "Ref": "Vpc" | |
| }, | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Public" | |
| } | |
| ] | |
| } | |
| }, | |
| "SlaveToMasterIngress": { | |
| "Type": "AWS::EC2::SecurityGroupIngress", | |
| "Properties": { | |
| "ToPort": "65535", | |
| "SourceSecurityGroupId": { | |
| "Ref": "SlaveSecurityGroup" | |
| }, | |
| "GroupId": { | |
| "Ref": "MasterSecurityGroup" | |
| }, | |
| "IpProtocol": "-1", | |
| "FromPort": "0" | |
| } | |
| }, | |
| "InternetGateway": { | |
| "Type": "AWS::EC2::InternetGateway", | |
| "Properties": { | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Public" | |
| } | |
| ] | |
| } | |
| }, | |
| "PublicSubnetRouteTableAssociation": { | |
| "Type": "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties": { | |
| "SubnetId": { | |
| "Ref": "PublicSubnet" | |
| }, | |
| "RouteTableId": { | |
| "Ref": "PublicRouteTable" | |
| } | |
| } | |
| }, | |
| "PublicSlaveLoadBalancer": { | |
| "Type": "AWS::ElasticLoadBalancing::LoadBalancer", | |
| "Properties": { | |
| "HealthCheck": { | |
| "Timeout": "5", | |
| "Target": "HTTP:80/", | |
| "Interval": "30", | |
| "HealthyThreshold": "2", | |
| "UnhealthyThreshold": "2" | |
| }, | |
| "Subnets": [ | |
| { | |
| "Ref": "PublicSubnet" | |
| } | |
| ], | |
| "SecurityGroups": [ | |
| { | |
| "Ref": "PublicSlaveSecurityGroup" | |
| } | |
| ], | |
| "Listeners": [ | |
| { | |
| "InstanceProtocol": "HTTP", | |
| "InstancePort": "80", | |
| "Protocol": "HTTP", | |
| "LoadBalancerPort": "80" | |
| }, | |
| { | |
| "InstanceProtocol": "TCP", | |
| "InstancePort": "443", | |
| "Protocol": "TCP", | |
| "LoadBalancerPort": "443" | |
| } | |
| ] | |
| } | |
| }, | |
| "MasterSecurityGroup": { | |
| "Type": "AWS::EC2::SecurityGroup", | |
| "Properties": { | |
| "SecurityGroupIngress": [ | |
| { | |
| "ToPort": "5050", | |
| "SourceSecurityGroupId": { | |
| "Ref": "LbSecurityGroup" | |
| }, | |
| "IpProtocol": "tcp", | |
| "FromPort": "5050" | |
| }, | |
| { | |
| "ToPort": "80", | |
| "SourceSecurityGroupId": { | |
| "Ref": "LbSecurityGroup" | |
| }, | |
| "IpProtocol": "tcp", | |
| "FromPort": "80" | |
| }, | |
| { | |
| "ToPort": "8080", | |
| "SourceSecurityGroupId": { | |
| "Ref": "LbSecurityGroup" | |
| }, | |
| "IpProtocol": "tcp", | |
| "FromPort": "8080" | |
| }, | |
| { | |
| "ToPort": "8181", | |
| "SourceSecurityGroupId": { | |
| "Ref": "LbSecurityGroup" | |
| }, | |
| "IpProtocol": "tcp", | |
| "FromPort": "8181" | |
| }, | |
| { | |
| "ToPort": "2181", | |
| "SourceSecurityGroupId": { | |
| "Ref": "LbSecurityGroup" | |
| }, | |
| "IpProtocol": "tcp", | |
| "FromPort": "2181" | |
| } | |
| ], | |
| "GroupDescription": "Mesos Masters", | |
| "VpcId": { | |
| "Ref": "Vpc" | |
| } | |
| } | |
| }, | |
| "PublicSlaveLaunchConfig": { | |
| "Type": "AWS::AutoScaling::LaunchConfiguration", | |
| "Properties": { | |
| "InstanceType": { | |
| "Fn::FindInMap": [ | |
| "Parameters", | |
| "PublicSlaveInstanceType", | |
| "default" | |
| ] | |
| }, | |
| "BlockDeviceMappings": [ | |
| { | |
| "DeviceName": "/dev/sdb", | |
| "VirtualName": "ephemeral0" | |
| } | |
| ], | |
| "ImageId": { | |
| "Fn::FindInMap": [ | |
| "RegionToAmi", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| "stable" | |
| ] | |
| }, | |
| "SecurityGroups": [ | |
| { | |
| "Ref": "PublicSlaveSecurityGroup" | |
| } | |
| ], | |
| "KeyName": { | |
| "Ref": "KeyName" | |
| }, | |
| "UserData": { | |
| "Fn::Base64": { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "#cloud-config\n", | |
| "\"coreos\":\n", | |
| " \"units\":\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |-\n", | |
| " [Unit]\n", | |
| " Description=Write out dynamic config values\n", | |
| " [Service]\n", | |
| " Type=oneshot\n", | |
| " # TODO(cmaloney): Remove these and get rid of the bits that require them.\n", | |
| " ExecStart=/usr/bin/bash -c \"echo EXHIBITOR_HOSTNAME=$(curl -s http://169.254.169.254/latest/meta-data/hostname) >> /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/cloudenv\"\n", | |
| " ExecStart=/usr/bin/bash -c \"echo MARATHON_HOSTNAME=$(curl -s http://169.254.169.254/latest/meta-data/hostname) >> /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/cloudenv\"\n", | |
| " \"name\": |-\n", | |
| " config-writer.service\n", | |
| " - \"command\": |-\n", | |
| " stop\n", | |
| " \"mask\": !!bool |-\n", | |
| " true\n", | |
| " \"name\": |-\n", | |
| " etcd.service\n", | |
| " - \"command\": |-\n", | |
| " stop\n", | |
| " \"mask\": !!bool |-\n", | |
| " true\n", | |
| " \"name\": |-\n", | |
| " update-engine.service\n", | |
| " - \"command\": |-\n", | |
| " stop\n", | |
| " \"mask\": !!bool |-\n", | |
| " true\n", | |
| " \"name\": |-\n", | |
| " locksmithd.service\n", | |
| " - \"command\": |-\n", | |
| " stop\n", | |
| " \"name\": |-\n", | |
| " systemd-resolved.service\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |\n", | |
| " [Unit]\n", | |
| " Description=Formats the /var/lib ephemeral drive\n", | |
| " Before=var-lib.mount dbus.service\n", | |
| " [Service]\n", | |
| " Type=oneshot\n", | |
| " RemainAfterExit=yes\n", | |
| " ExecStart=/bin/bash -c '(blkid -t TYPE=ext4 | grep xvdb) || (/usr/sbin/mkfs.ext4 -F /dev/xvdb)'\n", | |
| " \"name\": |-\n", | |
| " format-var-lib-ephemeral.service\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |-\n", | |
| " [Unit]\n", | |
| " Description=Mount /var/lib\n", | |
| " Before=dbus.service\n", | |
| " [Mount]\n", | |
| " What=/dev/xvdb\n", | |
| " Where=/var/lib\n", | |
| " Type=ext4\n", | |
| " \"name\": |-\n", | |
| " var-lib.mount\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |\n", | |
| " [Unit]\n", | |
| " Before=dcos.target\n", | |
| " [Service]\n", | |
| " Type=oneshot\n", | |
| " ExecStartPre=/usr/bin/mkdir -p /etc/profile.d\n", | |
| " ExecStart=/usr/bin/ln -sf /opt/mesosphere/environment.export /etc/profile.d/dcos.sh\n", | |
| " \"name\": |-\n", | |
| " link-env.service\n", | |
| " - \"content\": |\n", | |
| " [Unit]\n", | |
| " Description=Download the DCOS\n", | |
| " After=network-online.target\n", | |
| " Wants=network-online.target\n", | |
| " ConditionPathExists=!/opt/mesosphere/\n", | |
| " [Service]\n", | |
| " EnvironmentFile=/etc/mesosphere/setup-flags/bootstrap-id\n", | |
| " Type=oneshot\n", | |
| " ExecStartPre=/usr/bin/bash -c \"until curl -C - -o /tmp/bootstrap.tar.xz https://downloads.mesosphere.com/dcos/stable/bootstrap/${BOOTSTRAP_ID}.bootstrap.tar.xz; do echo 'failed to download'; sleep 5; done\"\n", | |
| " ExecStartPre=/usr/bin/mkdir -p /opt/mesosphere\n", | |
| " ExecStart=/usr/bin/tar -axf /tmp/bootstrap.tar.xz -C /opt/mesosphere\n", | |
| " ExecStartPost=-/usr/bin/rm -f /tmp/bootstrap.tar.xz\n", | |
| " \"name\": |-\n", | |
| " dcos-download.service\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |-\n", | |
| " [Unit]\n", | |
| " Description=Prep the Pkgpanda working directories for this host.\n", | |
| " Requires=dcos-download.service\n", | |
| " After=dcos-download.service\n", | |
| " [Service]\n", | |
| " Type=oneshot\n", | |
| " EnvironmentFile=/opt/mesosphere/environment\n", | |
| " ExecStart=/opt/mesosphere/bin/pkgpanda setup --no-block-systemd\n", | |
| " [Install]\n", | |
| " WantedBy=multi-user.target\n", | |
| " \"enable\": !!bool |-\n", | |
| " true\n", | |
| " \"name\": |-\n", | |
| " dcos-setup.service\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |-\n", | |
| " [Unit]\n", | |
| " Description=Signal CloudFormation Success\n", | |
| " After=dcos.target\n", | |
| " Requires=dcos.target\n", | |
| " ConditionPathExists=!/var/lib/dcos-cfn-signal\n", | |
| " [Service]\n", | |
| " Type=simple\n", | |
| " Restart=on-failure\n", | |
| " StartLimitInterval=0\n", | |
| " RestartSec=15s\n", | |
| " ExecStartPre=/usr/bin/docker pull mbabineau/cfn-bootstrap\n", | |
| " ExecStartPre=/bin/ping -c1 leader.mesos\n", | |
| " ExecStartPre=/usr/bin/docker run --rm mbabineau/cfn-bootstrap \\\n", | |
| " cfn-signal -e 0 \\\n", | |
| " --resource PublicSlaveServerGroup \\\n", | |
| " --stack ", | |
| { | |
| "Ref": "AWS::StackName" | |
| }, | |
| " \\", | |
| "\n", | |
| " --region ", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| "", | |
| "\n", | |
| " ExecStart=/usr/bin/touch /var/lib/dcos-cfn-signal\n", | |
| " \"name\": |-\n", | |
| " dcos-cfn-signal.service\n", | |
| " \"update\":\n", | |
| " \"reboot-strategy\": |-\n", | |
| " off\n", | |
| "\"write_files\":\n", | |
| "- \"content\": |\n", | |
| " {\n", | |
| " \"environment\": {\n", | |
| " \"PROVIDER\": \"aws\"\n", | |
| " }\n", | |
| " }\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/pkginfo.json\n", | |
| "- \"content\": |\n", | |
| " AWS_REGION=", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_STACK_ID=", | |
| { | |
| "Ref": "AWS::StackId" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_STACK_NAME=", | |
| { | |
| "Ref": "AWS::StackName" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_ACCESS_KEY_ID=", | |
| { | |
| "Ref": "HostKeys" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_SECRET_ACCESS_KEY=", | |
| { | |
| "Fn::GetAtt": [ | |
| "HostKeys", | |
| "SecretAccessKey" | |
| ] | |
| }, | |
| "", | |
| "\n", | |
| " ZOOKEEPER_CLUSTER_SIZE=1\n", | |
| " MASTER_ELB=", | |
| { | |
| "Fn::GetAtt": [ | |
| "InternalMasterLoadBalancer", | |
| "DNSName" | |
| ] | |
| }, | |
| "", | |
| "\n", | |
| " EXTERNAL_ELB=", | |
| { | |
| "Fn::GetAtt": [ | |
| "ElasticLoadBalancer", | |
| "DNSName" | |
| ] | |
| }, | |
| "", | |
| "\n", | |
| " # Must set FALLBACK_DNS to an AWS region-specific DNS server which returns\n", | |
| " # the internal IP when doing lookups on AWS public hostnames.\n", | |
| " FALLBACK_DNS=10.0.0.2\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/cloudenv\n", | |
| "- \"content\": |\n", | |
| " MESOS_CLUSTER=", | |
| { | |
| "Ref": "AWS::StackName" | |
| }, | |
| "", | |
| "\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/mesos-master-provider\n", | |
| "- \"content\": |\n", | |
| " AWS_S3_BUCKET=", | |
| { | |
| "Ref": "ExhibitorS3Bucket" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_S3_PREFIX=", | |
| { | |
| "Ref": "AWS::StackName" | |
| }, | |
| "", | |
| "\n", | |
| " EXHIBITOR_WEB_UI_PORT=8181\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/exhibitor\n", | |
| "- \"content\": |\n", | |
| " https://downloads.mesosphere.com/dcos/stable\n", | |
| " \"owner\": |-\n", | |
| " root\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-flags/repository-url\n", | |
| " \"permissions\": !!int |-\n", | |
| " 420\n", | |
| "- \"content\": |\n", | |
| " BOOTSTRAP_ID=6a317468b62ec6aba76932e6953bf6b7fd6c34d4\n", | |
| " \"owner\": |-\n", | |
| " root\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-flags/bootstrap-id\n", | |
| " \"permissions\": !!int |-\n", | |
| " 420\n", | |
| "- \"content\": |-\n", | |
| " [\"dcos-config--setup_891e9ea371b5e8c03854155caed8ff8d8f91b815\", \"dcos-detect-ip--setup_891e9ea371b5e8c03854155caed8ff8d8f91b815\"]\n", | |
| " \"owner\": |-\n", | |
| " root\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-flags/cluster-packages.json\n", | |
| " \"permissions\": !!int |-\n", | |
| " 420\n", | |
| "- \"content\": \"\"\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/roles/slave_public\n", | |
| "- \"content\": \"\"\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/roles/aws\n" | |
| ] | |
| ] | |
| } | |
| }, | |
| "AssociatePublicIpAddress": "true" | |
| } | |
| }, | |
| "MasterToPublicSlaveIngress": { | |
| "Type": "AWS::EC2::SecurityGroupIngress", | |
| "Properties": { | |
| "ToPort": "65535", | |
| "SourceSecurityGroupId": { | |
| "Ref": "MasterSecurityGroup" | |
| }, | |
| "GroupId": { | |
| "Ref": "PublicSlaveSecurityGroup" | |
| }, | |
| "IpProtocol": "-1", | |
| "FromPort": "0" | |
| } | |
| }, | |
| "GatewayToInternet": { | |
| "Type": "AWS::EC2::VPCGatewayAttachment", | |
| "Properties": { | |
| "InternetGatewayId": { | |
| "Ref": "InternetGateway" | |
| }, | |
| "VpcId": { | |
| "Ref": "Vpc" | |
| } | |
| } | |
| }, | |
| "PublicRouteTable": { | |
| "Type": "AWS::EC2::RouteTable", | |
| "Properties": { | |
| "VpcId": { | |
| "Ref": "Vpc" | |
| }, | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Public" | |
| } | |
| ] | |
| } | |
| }, | |
| "Vpc": { | |
| "Type": "AWS::EC2::VPC", | |
| "Properties": { | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Public" | |
| } | |
| ], | |
| "EnableDnsHostnames": "true", | |
| "EnableDnsSupport": "true", | |
| "CidrBlock": { | |
| "Fn::FindInMap": [ | |
| "Parameters", | |
| "VPCSubnetRange", | |
| "default" | |
| ] | |
| } | |
| } | |
| }, | |
| "DHCPOptions": { | |
| "Type": "AWS::EC2::DHCPOptions", | |
| "Properties": { | |
| "DomainName": { | |
| "Fn::If": [ | |
| "RegionIsUsEast1", | |
| "ec2.internal", | |
| { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| ".compute.internal" | |
| ] | |
| ] | |
| } | |
| ] | |
| }, | |
| "DomainNameServers": [ | |
| "AmazonProvidedDNS" | |
| ] | |
| } | |
| }, | |
| "InternalMasterLoadBalancer": { | |
| "Type": "AWS::ElasticLoadBalancing::LoadBalancer", | |
| "Properties": { | |
| "HealthCheck": { | |
| "Timeout": "5", | |
| "Target": "HTTP:5050/health", | |
| "Interval": "30", | |
| "HealthyThreshold": "2", | |
| "UnhealthyThreshold": "2" | |
| }, | |
| "Scheme": "internal", | |
| "Subnets": [ | |
| { | |
| "Ref": "PublicSubnet" | |
| } | |
| ], | |
| "SecurityGroups": [ | |
| { | |
| "Ref": "LbSecurityGroup" | |
| }, | |
| { | |
| "Ref": "AdminSecurityGroup" | |
| }, | |
| { | |
| "Ref": "SlaveSecurityGroup" | |
| }, | |
| { | |
| "Ref": "PublicSlaveSecurityGroup" | |
| }, | |
| { | |
| "Ref": "MasterSecurityGroup" | |
| } | |
| ], | |
| "Listeners": [ | |
| { | |
| "InstanceProtocol": "HTTP", | |
| "InstancePort": "5050", | |
| "Protocol": "HTTP", | |
| "LoadBalancerPort": "5050" | |
| }, | |
| { | |
| "InstanceProtocol": "TCP", | |
| "InstancePort": "2181", | |
| "Protocol": "TCP", | |
| "LoadBalancerPort": "2181" | |
| }, | |
| { | |
| "InstanceProtocol": "HTTP", | |
| "InstancePort": "8181", | |
| "Protocol": "HTTP", | |
| "LoadBalancerPort": "8181" | |
| }, | |
| { | |
| "InstanceProtocol": "HTTP", | |
| "InstancePort": "80", | |
| "Protocol": "HTTP", | |
| "LoadBalancerPort": "80" | |
| }, | |
| { | |
| "InstanceProtocol": "TCP", | |
| "InstancePort": "443", | |
| "Protocol": "TCP", | |
| "LoadBalancerPort": "443" | |
| }, | |
| { | |
| "InstanceProtocol": "HTTP", | |
| "InstancePort": "8080", | |
| "Protocol": "HTTP", | |
| "LoadBalancerPort": "8080" | |
| } | |
| ] | |
| } | |
| }, | |
| "PublicSlaveIngressTwo": { | |
| "Type": "AWS::EC2::SecurityGroupIngress", | |
| "Properties": { | |
| "ToPort": "5050", | |
| "CidrIp": "0.0.0.0/0", | |
| "GroupId": { | |
| "Ref": "PublicSlaveSecurityGroup" | |
| }, | |
| "IpProtocol": "tcp", | |
| "FromPort": "23" | |
| } | |
| }, | |
| "LbSecurityGroup": { | |
| "Type": "AWS::EC2::SecurityGroup", | |
| "Properties": { | |
| "GroupDescription": "Mesos Master LB", | |
| "VpcId": { | |
| "Ref": "Vpc" | |
| } | |
| } | |
| }, | |
| "PublicSubnetNetworkAclAssociation": { | |
| "Type": "AWS::EC2::SubnetNetworkAclAssociation", | |
| "Properties": { | |
| "SubnetId": { | |
| "Ref": "PublicSubnet" | |
| }, | |
| "NetworkAclId": { | |
| "Ref": "PublicNetworkAcl" | |
| } | |
| } | |
| }, | |
| "MasterToSlaveIngress": { | |
| "Type": "AWS::EC2::SecurityGroupIngress", | |
| "Properties": { | |
| "ToPort": "65535", | |
| "SourceSecurityGroupId": { | |
| "Ref": "MasterSecurityGroup" | |
| }, | |
| "GroupId": { | |
| "Ref": "SlaveSecurityGroup" | |
| }, | |
| "IpProtocol": "-1", | |
| "FromPort": "0" | |
| } | |
| }, | |
| "PublicSlaveIngressFive": { | |
| "Type": "AWS::EC2::SecurityGroupIngress", | |
| "Properties": { | |
| "ToPort": "5050", | |
| "CidrIp": "0.0.0.0/0", | |
| "GroupId": { | |
| "Ref": "PublicSlaveSecurityGroup" | |
| }, | |
| "IpProtocol": "udp", | |
| "FromPort": "23" | |
| } | |
| }, | |
| "PublicSlaveIngressFour": { | |
| "Type": "AWS::EC2::SecurityGroupIngress", | |
| "Properties": { | |
| "ToPort": "21", | |
| "CidrIp": "0.0.0.0/0", | |
| "GroupId": { | |
| "Ref": "PublicSlaveSecurityGroup" | |
| }, | |
| "IpProtocol": "udp", | |
| "FromPort": "0" | |
| } | |
| }, | |
| "PrivateOutboundNetworkAclEntry": { | |
| "Type": "AWS::EC2::NetworkAclEntry", | |
| "Properties": { | |
| "RuleNumber": "100", | |
| "Egress": "true", | |
| "RuleAction": "allow", | |
| "CidrBlock": "0.0.0.0/0", | |
| "Protocol": "-1", | |
| "PortRange": { | |
| "To": "65535", | |
| "From": "0" | |
| }, | |
| "NetworkAclId": { | |
| "Ref": "PrivateNetworkAcl" | |
| } | |
| } | |
| }, | |
| "PrivateNetworkAcl": { | |
| "Type": "AWS::EC2::NetworkAcl", | |
| "Properties": { | |
| "VpcId": { | |
| "Ref": "Vpc" | |
| }, | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Public" | |
| } | |
| ] | |
| } | |
| }, | |
| "PublicSubnet": { | |
| "Type": "AWS::EC2::Subnet", | |
| "Properties": { | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Public" | |
| } | |
| ], | |
| "VpcId": { | |
| "Ref": "Vpc" | |
| }, | |
| "CidrBlock": { | |
| "Fn::FindInMap": [ | |
| "Parameters", | |
| "PublicSubnetRange", | |
| "default" | |
| ] | |
| } | |
| } | |
| }, | |
| "PublicSlaveServerGroup": { | |
| "CreationPolicy": { | |
| "ResourceSignal": { | |
| "Timeout": { | |
| "Fn::FindInMap": [ | |
| "Parameters", | |
| "StackCreationTimeout", | |
| "default" | |
| ] | |
| }, | |
| "Count": { | |
| "Ref": "PublicSlaveInstanceCount" | |
| } | |
| } | |
| }, | |
| "Type": "AWS::AutoScaling::AutoScalingGroup", | |
| "Properties": { | |
| "MinSize": { | |
| "Ref": "PublicSlaveInstanceCount" | |
| }, | |
| "DesiredCapacity": { | |
| "Ref": "PublicSlaveInstanceCount" | |
| }, | |
| "Tags": [ | |
| { | |
| "PropagateAtLaunch": "true", | |
| "Key": "role", | |
| "Value": "mesos-slave" | |
| } | |
| ], | |
| "AvailabilityZones": [ | |
| { | |
| "Fn::GetAtt": [ | |
| "PublicSubnet", | |
| "AvailabilityZone" | |
| ] | |
| } | |
| ], | |
| "LoadBalancerNames": [ | |
| { | |
| "Ref": "PublicSlaveLoadBalancer" | |
| } | |
| ], | |
| "LaunchConfigurationName": { | |
| "Ref": "PublicSlaveLaunchConfig" | |
| }, | |
| "VPCZoneIdentifier": [ | |
| { | |
| "Ref": "PublicSubnet" | |
| } | |
| ], | |
| "MaxSize": { | |
| "Ref": "PublicSlaveInstanceCount" | |
| } | |
| } | |
| }, | |
| "SlaveServerGroup": { | |
| "CreationPolicy": { | |
| "ResourceSignal": { | |
| "Timeout": { | |
| "Fn::FindInMap": [ | |
| "Parameters", | |
| "StackCreationTimeout", | |
| "default" | |
| ] | |
| }, | |
| "Count": { | |
| "Ref": "SlaveInstanceCount" | |
| } | |
| } | |
| }, | |
| "Type": "AWS::AutoScaling::AutoScalingGroup", | |
| "Properties": { | |
| "MinSize": { | |
| "Ref": "SlaveInstanceCount" | |
| }, | |
| "DesiredCapacity": { | |
| "Ref": "SlaveInstanceCount" | |
| }, | |
| "Tags": [ | |
| { | |
| "PropagateAtLaunch": "true", | |
| "Key": "role", | |
| "Value": "mesos-slave" | |
| } | |
| ], | |
| "AvailabilityZones": [ | |
| { | |
| "Fn::GetAtt": [ | |
| "PrivateSubnet", | |
| "AvailabilityZone" | |
| ] | |
| } | |
| ], | |
| "LaunchConfigurationName": { | |
| "Ref": "SlaveLaunchConfig" | |
| }, | |
| "VPCZoneIdentifier": [ | |
| { | |
| "Ref": "PrivateSubnet" | |
| } | |
| ], | |
| "MaxSize": { | |
| "Ref": "SlaveInstanceCount" | |
| } | |
| } | |
| }, | |
| "PublicRoute": { | |
| "Type": "AWS::EC2::Route", | |
| "DependsOn": "GatewayToInternet", | |
| "Properties": { | |
| "GatewayId": { | |
| "Ref": "InternetGateway" | |
| }, | |
| "RouteTableId": { | |
| "Ref": "PublicRouteTable" | |
| }, | |
| "DestinationCidrBlock": "0.0.0.0/0" | |
| } | |
| }, | |
| "MasterToMasterIngress": { | |
| "Type": "AWS::EC2::SecurityGroupIngress", | |
| "Properties": { | |
| "ToPort": "65535", | |
| "SourceSecurityGroupId": { | |
| "Ref": "MasterSecurityGroup" | |
| }, | |
| "GroupId": { | |
| "Ref": "MasterSecurityGroup" | |
| }, | |
| "IpProtocol": "-1", | |
| "FromPort": "0" | |
| } | |
| }, | |
| "PublicSlaveIngressThree": { | |
| "Type": "AWS::EC2::SecurityGroupIngress", | |
| "Properties": { | |
| "ToPort": "65535", | |
| "CidrIp": "0.0.0.0/0", | |
| "GroupId": { | |
| "Ref": "PublicSlaveSecurityGroup" | |
| }, | |
| "IpProtocol": "tcp", | |
| "FromPort": "5052" | |
| } | |
| }, | |
| "SlaveToMasterLBIngress": { | |
| "Type": "AWS::EC2::SecurityGroupIngress", | |
| "Properties": { | |
| "ToPort": "2181", | |
| "SourceSecurityGroupId": { | |
| "Ref": "SlaveSecurityGroup" | |
| }, | |
| "GroupId": { | |
| "Ref": "LbSecurityGroup" | |
| }, | |
| "IpProtocol": "tcp", | |
| "FromPort": "2181" | |
| } | |
| }, | |
| "InboundNetworkAclEntry": { | |
| "Type": "AWS::EC2::NetworkAclEntry", | |
| "Properties": { | |
| "RuleNumber": "100", | |
| "Egress": "false", | |
| "RuleAction": "allow", | |
| "CidrBlock": "0.0.0.0/0", | |
| "Protocol": "-1", | |
| "PortRange": { | |
| "To": "65535", | |
| "From": "0" | |
| }, | |
| "NetworkAclId": { | |
| "Ref": "PublicNetworkAcl" | |
| } | |
| } | |
| }, | |
| "NATInstance": { | |
| "Type": "AWS::EC2::Instance", | |
| "DependsOn": "GatewayToInternet", | |
| "Properties": { | |
| "KeyName": { | |
| "Ref": "KeyName" | |
| }, | |
| "InstanceType": "m3.medium", | |
| "SourceDestCheck": "false", | |
| "NetworkInterfaces": [ | |
| { | |
| "DeleteOnTermination": "true", | |
| "SubnetId": { | |
| "Ref": "PublicSubnet" | |
| }, | |
| "DeviceIndex": "0", | |
| "AssociatePublicIpAddress": "true", | |
| "GroupSet": [ | |
| { | |
| "Ref": "SlaveSecurityGroup" | |
| }, | |
| { | |
| "Ref": "MasterSecurityGroup" | |
| }, | |
| { | |
| "Ref": "AdminSecurityGroup" | |
| } | |
| ] | |
| } | |
| ], | |
| "ImageId": { | |
| "Fn::FindInMap": [ | |
| "NATAmi", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| "default" | |
| ] | |
| } | |
| } | |
| }, | |
| "ElasticLoadBalancer": { | |
| "Type": "AWS::ElasticLoadBalancing::LoadBalancer", | |
| "Properties": { | |
| "HealthCheck": { | |
| "Timeout": "5", | |
| "Target": "HTTP:5050/health", | |
| "Interval": "30", | |
| "HealthyThreshold": "2", | |
| "UnhealthyThreshold": "2" | |
| }, | |
| "Subnets": [ | |
| { | |
| "Ref": "PublicSubnet" | |
| } | |
| ], | |
| "SecurityGroups": [ | |
| { | |
| "Ref": "LbSecurityGroup" | |
| }, | |
| { | |
| "Ref": "AdminSecurityGroup" | |
| } | |
| ], | |
| "Listeners": [ | |
| { | |
| "InstanceProtocol": "HTTP", | |
| "InstancePort": "80", | |
| "Protocol": "HTTP", | |
| "LoadBalancerPort": "80" | |
| }, | |
| { | |
| "InstanceProtocol": "TCP", | |
| "InstancePort": "443", | |
| "Protocol": "TCP", | |
| "LoadBalancerPort": "443" | |
| } | |
| ] | |
| } | |
| }, | |
| "PrivateRoute": { | |
| "Type": "AWS::EC2::Route", | |
| "Properties": { | |
| "InstanceId": { | |
| "Ref": "NATInstance" | |
| }, | |
| "RouteTableId": { | |
| "Ref": "PrivateRouteTable" | |
| }, | |
| "DestinationCidrBlock": "0.0.0.0/0" | |
| } | |
| }, | |
| "SlaveToSlaveIngress": { | |
| "Type": "AWS::EC2::SecurityGroupIngress", | |
| "Properties": { | |
| "ToPort": "65535", | |
| "SourceSecurityGroupId": { | |
| "Ref": "SlaveSecurityGroup" | |
| }, | |
| "GroupId": { | |
| "Ref": "SlaveSecurityGroup" | |
| }, | |
| "IpProtocol": "-1", | |
| "FromPort": "0" | |
| } | |
| }, | |
| "PrivateSubnetRouteTableAssociation": { | |
| "Type": "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties": { | |
| "SubnetId": { | |
| "Ref": "PrivateSubnet" | |
| }, | |
| "RouteTableId": { | |
| "Ref": "PrivateRouteTable" | |
| } | |
| } | |
| }, | |
| "MasterInstanceProfile": { | |
| "Type": "AWS::IAM::InstanceProfile", | |
| "Properties": { | |
| "Path": "/", | |
| "Roles": [ | |
| { | |
| "Ref": "MasterRole" | |
| } | |
| ] | |
| } | |
| }, | |
| "PrivateSubnet": { | |
| "Type": "AWS::EC2::Subnet", | |
| "Properties": { | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Private" | |
| } | |
| ], | |
| "VpcId": { | |
| "Ref": "Vpc" | |
| }, | |
| "CidrBlock": { | |
| "Fn::FindInMap": [ | |
| "Parameters", | |
| "PrivateSubnetRange", | |
| "default" | |
| ] | |
| } | |
| } | |
| }, | |
| "PublicSlaveToMasterIngress": { | |
| "Type": "AWS::EC2::SecurityGroupIngress", | |
| "Properties": { | |
| "ToPort": "65535", | |
| "SourceSecurityGroupId": { | |
| "Ref": "PublicSlaveSecurityGroup" | |
| }, | |
| "GroupId": { | |
| "Ref": "MasterSecurityGroup" | |
| }, | |
| "IpProtocol": "-1", | |
| "FromPort": "0" | |
| } | |
| }, | |
| "OutboundNetworkAclEntry": { | |
| "Type": "AWS::EC2::NetworkAclEntry", | |
| "Properties": { | |
| "RuleNumber": "100", | |
| "Egress": "true", | |
| "RuleAction": "allow", | |
| "CidrBlock": "0.0.0.0/0", | |
| "Protocol": "-1", | |
| "PortRange": { | |
| "To": "65535", | |
| "From": "0" | |
| }, | |
| "NetworkAclId": { | |
| "Ref": "PublicNetworkAcl" | |
| } | |
| } | |
| }, | |
| "PublicSlaveIngressOne": { | |
| "Type": "AWS::EC2::SecurityGroupIngress", | |
| "Properties": { | |
| "ToPort": "21", | |
| "CidrIp": "0.0.0.0/0", | |
| "GroupId": { | |
| "Ref": "PublicSlaveSecurityGroup" | |
| }, | |
| "IpProtocol": "tcp", | |
| "FromPort": "0" | |
| } | |
| }, | |
| "ExhibitorS3Bucket": { | |
| "Type": "AWS::S3::Bucket", | |
| "DeletionPolicy": "Retain" | |
| }, | |
| "SlaveToPublicSlaveIngress": { | |
| "Type": "AWS::EC2::SecurityGroupIngress", | |
| "Properties": { | |
| "ToPort": "65535", | |
| "SourceSecurityGroupId": { | |
| "Ref": "SlaveSecurityGroup" | |
| }, | |
| "GroupId": { | |
| "Ref": "PublicSlaveSecurityGroup" | |
| }, | |
| "IpProtocol": "-1", | |
| "FromPort": "0" | |
| } | |
| }, | |
| "VPCDHCPOptionsAssociation": { | |
| "Type": "AWS::EC2::VPCDHCPOptionsAssociation", | |
| "Properties": { | |
| "VpcId": { | |
| "Ref": "Vpc" | |
| }, | |
| "DhcpOptionsId": { | |
| "Ref": "DHCPOptions" | |
| } | |
| } | |
| }, | |
| "PublicSlaveSecurityGroup": { | |
| "Type": "AWS::EC2::SecurityGroup", | |
| "Properties": { | |
| "GroupDescription": "Mesos Slaves Public", | |
| "VpcId": { | |
| "Ref": "Vpc" | |
| } | |
| } | |
| }, | |
| "SlaveSecurityGroup": { | |
| "Type": "AWS::EC2::SecurityGroup", | |
| "Properties": { | |
| "GroupDescription": "Mesos Slaves", | |
| "VpcId": { | |
| "Ref": "Vpc" | |
| } | |
| } | |
| }, | |
| "MasterServerGroup": { | |
| "CreationPolicy": { | |
| "ResourceSignal": { | |
| "Timeout": { | |
| "Fn::FindInMap": [ | |
| "Parameters", | |
| "StackCreationTimeout", | |
| "default" | |
| ] | |
| }, | |
| "Count": 1 | |
| } | |
| }, | |
| "Type": "AWS::AutoScaling::AutoScalingGroup", | |
| "Properties": { | |
| "MinSize": 1, | |
| "DesiredCapacity": 1, | |
| "Tags": [ | |
| { | |
| "PropagateAtLaunch": "true", | |
| "Key": "role", | |
| "Value": "mesos-master" | |
| } | |
| ], | |
| "AvailabilityZones": [ | |
| { | |
| "Fn::GetAtt": [ | |
| "PublicSubnet", | |
| "AvailabilityZone" | |
| ] | |
| } | |
| ], | |
| "LoadBalancerNames": [ | |
| { | |
| "Ref": "ElasticLoadBalancer" | |
| }, | |
| { | |
| "Ref": "InternalMasterLoadBalancer" | |
| } | |
| ], | |
| "LaunchConfigurationName": { | |
| "Ref": "MasterLaunchConfig" | |
| }, | |
| "VPCZoneIdentifier": [ | |
| { | |
| "Ref": "PublicSubnet" | |
| } | |
| ], | |
| "MaxSize": 1 | |
| } | |
| }, | |
| "MasterRole": { | |
| "Type": "AWS::IAM::Role", | |
| "Properties": { | |
| "Path": "/", | |
| "AssumeRolePolicyDocument": { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "sts:AssumeRole" | |
| ], | |
| "Principal": { | |
| "Service": [ | |
| "ec2.amazonaws.com" | |
| ] | |
| } | |
| } | |
| ] | |
| }, | |
| "Policies": [ | |
| { | |
| "PolicyDocument": { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Resource": [ | |
| { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "arn:aws:s3:::", | |
| { | |
| "Ref": "ExhibitorS3Bucket" | |
| }, | |
| "/*" | |
| ] | |
| ] | |
| }, | |
| { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "arn:aws:s3:::", | |
| { | |
| "Ref": "ExhibitorS3Bucket" | |
| } | |
| ] | |
| ] | |
| } | |
| ], | |
| "Action": [ | |
| "s3:AbortMultipartUpload", | |
| "s3:DeleteObject", | |
| "s3:GetBucketAcl", | |
| "s3:GetBucketPolicy", | |
| "s3:GetObject", | |
| "s3:GetObjectAcl", | |
| "s3:ListBucket", | |
| "s3:ListBucketMultipartUploads", | |
| "s3:ListMultipartUploadParts", | |
| "s3:PutObject", | |
| "s3:PutObjectAcl" | |
| ] | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Resource": [ | |
| { | |
| "Ref": "AWS::StackId" | |
| }, | |
| { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| { | |
| "Ref": "AWS::StackId" | |
| }, | |
| "/*" | |
| ] | |
| ] | |
| } | |
| ], | |
| "Action": [ | |
| "cloudformation:*" | |
| ] | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Resource": "*", | |
| "Action": [ | |
| "ec2:DescribeKeyPairs", | |
| "ec2:DescribeSubnets", | |
| "autoscaling:DescribeLaunchConfigurations", | |
| "autoscaling:UpdateAutoScalingGroup", | |
| "autoscaling:DescribeAutoScalingGroups", | |
| "autoscaling:DescribeScalingActivities", | |
| "elasticloadbalancing:DescribeLoadBalancers" | |
| ] | |
| } | |
| ] | |
| }, | |
| "PolicyName": "root" | |
| } | |
| ] | |
| } | |
| }, | |
| "PrivateSubnetNetworkAclAssociation": { | |
| "Type": "AWS::EC2::SubnetNetworkAclAssociation", | |
| "Properties": { | |
| "SubnetId": { | |
| "Ref": "PrivateSubnet" | |
| }, | |
| "NetworkAclId": { | |
| "Ref": "PrivateNetworkAcl" | |
| } | |
| } | |
| }, | |
| "MasterLaunchConfig": { | |
| "Type": "AWS::AutoScaling::LaunchConfiguration", | |
| "Properties": { | |
| "InstanceType": { | |
| "Fn::FindInMap": [ | |
| "Parameters", | |
| "MasterInstanceType", | |
| "default" | |
| ] | |
| }, | |
| "BlockDeviceMappings": [ | |
| { | |
| "DeviceName": "/dev/sdb", | |
| "VirtualName": "ephemeral0" | |
| } | |
| ], | |
| "ImageId": { | |
| "Fn::FindInMap": [ | |
| "RegionToAmi", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| "stable" | |
| ] | |
| }, | |
| "SecurityGroups": [ | |
| { | |
| "Ref": "MasterSecurityGroup" | |
| }, | |
| { | |
| "Ref": "AdminSecurityGroup" | |
| } | |
| ], | |
| "IamInstanceProfile": { | |
| "Ref": "MasterInstanceProfile" | |
| }, | |
| "KeyName": { | |
| "Ref": "KeyName" | |
| }, | |
| "UserData": { | |
| "Fn::Base64": { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "#cloud-config\n", | |
| "\"coreos\":\n", | |
| " \"units\":\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |-\n", | |
| " [Unit]\n", | |
| " Description=Write out dynamic config values\n", | |
| " [Service]\n", | |
| " Type=oneshot\n", | |
| " # TODO(cmaloney): Remove these and get rid of the bits that require them.\n", | |
| " ExecStart=/usr/bin/bash -c \"echo EXHIBITOR_HOSTNAME=$(curl -s http://169.254.169.254/latest/meta-data/hostname) >> /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/cloudenv\"\n", | |
| " ExecStart=/usr/bin/bash -c \"echo MARATHON_HOSTNAME=$(curl -s http://169.254.169.254/latest/meta-data/hostname) >> /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/cloudenv\"\n", | |
| " \"name\": |-\n", | |
| " config-writer.service\n", | |
| " - \"command\": |-\n", | |
| " stop\n", | |
| " \"mask\": !!bool |-\n", | |
| " true\n", | |
| " \"name\": |-\n", | |
| " etcd.service\n", | |
| " - \"command\": |-\n", | |
| " stop\n", | |
| " \"mask\": !!bool |-\n", | |
| " true\n", | |
| " \"name\": |-\n", | |
| " update-engine.service\n", | |
| " - \"command\": |-\n", | |
| " stop\n", | |
| " \"mask\": !!bool |-\n", | |
| " true\n", | |
| " \"name\": |-\n", | |
| " locksmithd.service\n", | |
| " - \"command\": |-\n", | |
| " stop\n", | |
| " \"name\": |-\n", | |
| " systemd-resolved.service\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |\n", | |
| " [Unit]\n", | |
| " Description=Formats the /var/lib ephemeral drive\n", | |
| " Before=var-lib.mount dbus.service\n", | |
| " [Service]\n", | |
| " Type=oneshot\n", | |
| " RemainAfterExit=yes\n", | |
| " ExecStart=/bin/bash -c '(blkid -t TYPE=ext4 | grep xvdb) || (/usr/sbin/mkfs.ext4 -F /dev/xvdb)'\n", | |
| " \"name\": |-\n", | |
| " format-var-lib-ephemeral.service\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |-\n", | |
| " [Unit]\n", | |
| " Description=Mount /var/lib\n", | |
| " Before=dbus.service\n", | |
| " [Mount]\n", | |
| " What=/dev/xvdb\n", | |
| " Where=/var/lib\n", | |
| " Type=ext4\n", | |
| " \"name\": |-\n", | |
| " var-lib.mount\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |\n", | |
| " [Unit]\n", | |
| " Before=dcos.target\n", | |
| " [Service]\n", | |
| " Type=oneshot\n", | |
| " ExecStartPre=/usr/bin/mkdir -p /etc/profile.d\n", | |
| " ExecStart=/usr/bin/ln -sf /opt/mesosphere/environment.export /etc/profile.d/dcos.sh\n", | |
| " \"name\": |-\n", | |
| " link-env.service\n", | |
| " - \"content\": |\n", | |
| " [Unit]\n", | |
| " Description=Download the DCOS\n", | |
| " After=network-online.target\n", | |
| " Wants=network-online.target\n", | |
| " ConditionPathExists=!/opt/mesosphere/\n", | |
| " [Service]\n", | |
| " EnvironmentFile=/etc/mesosphere/setup-flags/bootstrap-id\n", | |
| " Type=oneshot\n", | |
| " ExecStartPre=/usr/bin/bash -c \"until curl -C - -o /tmp/bootstrap.tar.xz https://downloads.mesosphere.com/dcos/stable/bootstrap/${BOOTSTRAP_ID}.bootstrap.tar.xz; do echo 'failed to download'; sleep 5; done\"\n", | |
| " ExecStartPre=/usr/bin/mkdir -p /opt/mesosphere\n", | |
| " ExecStart=/usr/bin/tar -axf /tmp/bootstrap.tar.xz -C /opt/mesosphere\n", | |
| " ExecStartPost=-/usr/bin/rm -f /tmp/bootstrap.tar.xz\n", | |
| " \"name\": |-\n", | |
| " dcos-download.service\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |-\n", | |
| " [Unit]\n", | |
| " Description=Prep the Pkgpanda working directories for this host.\n", | |
| " Requires=dcos-download.service\n", | |
| " After=dcos-download.service\n", | |
| " [Service]\n", | |
| " Type=oneshot\n", | |
| " EnvironmentFile=/opt/mesosphere/environment\n", | |
| " ExecStart=/opt/mesosphere/bin/pkgpanda setup --no-block-systemd\n", | |
| " [Install]\n", | |
| " WantedBy=multi-user.target\n", | |
| " \"enable\": !!bool |-\n", | |
| " true\n", | |
| " \"name\": |-\n", | |
| " dcos-setup.service\n", | |
| " - \"command\": |-\n", | |
| " start\n", | |
| " \"content\": |-\n", | |
| " [Unit]\n", | |
| " Description=Signal CloudFormation Success\n", | |
| " After=dcos.target\n", | |
| " Requires=dcos.target\n", | |
| " ConditionPathExists=!/var/lib/dcos-cfn-signal\n", | |
| " [Service]\n", | |
| " Type=simple\n", | |
| " Restart=on-failure\n", | |
| " StartLimitInterval=0\n", | |
| " RestartSec=15s\n", | |
| " ExecStartPre=/usr/bin/docker pull mbabineau/cfn-bootstrap\n", | |
| " ExecStartPre=/bin/ping -c1 leader.mesos\n", | |
| " ExecStartPre=/usr/bin/docker run --rm mbabineau/cfn-bootstrap \\\n", | |
| " cfn-signal -e 0 \\\n", | |
| " --resource MasterServerGroup \\\n", | |
| " --stack ", | |
| { | |
| "Ref": "AWS::StackName" | |
| }, | |
| " \\", | |
| "\n", | |
| " --region ", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| "", | |
| "\n", | |
| " ExecStart=/usr/bin/touch /var/lib/dcos-cfn-signal\n", | |
| " \"name\": |-\n", | |
| " dcos-cfn-signal.service\n", | |
| " \"update\":\n", | |
| " \"reboot-strategy\": |-\n", | |
| " off\n", | |
| "\"write_files\":\n", | |
| "- \"content\": |\n", | |
| " {\n", | |
| " \"environment\": {\n", | |
| " \"PROVIDER\": \"aws\"\n", | |
| " }\n", | |
| " }\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/pkginfo.json\n", | |
| "- \"content\": |\n", | |
| " AWS_REGION=", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_STACK_ID=", | |
| { | |
| "Ref": "AWS::StackId" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_STACK_NAME=", | |
| { | |
| "Ref": "AWS::StackName" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_ACCESS_KEY_ID=", | |
| { | |
| "Ref": "HostKeys" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_SECRET_ACCESS_KEY=", | |
| { | |
| "Fn::GetAtt": [ | |
| "HostKeys", | |
| "SecretAccessKey" | |
| ] | |
| }, | |
| "", | |
| "\n", | |
| " ZOOKEEPER_CLUSTER_SIZE=1\n", | |
| " MASTER_ELB=", | |
| { | |
| "Fn::GetAtt": [ | |
| "InternalMasterLoadBalancer", | |
| "DNSName" | |
| ] | |
| }, | |
| "", | |
| "\n", | |
| " EXTERNAL_ELB=", | |
| { | |
| "Fn::GetAtt": [ | |
| "ElasticLoadBalancer", | |
| "DNSName" | |
| ] | |
| }, | |
| "", | |
| "\n", | |
| " # Must set FALLBACK_DNS to an AWS region-specific DNS server which returns\n", | |
| " # the internal IP when doing lookups on AWS public hostnames.\n", | |
| " FALLBACK_DNS=10.0.0.2\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/cloudenv\n", | |
| "- \"content\": |\n", | |
| " MESOS_CLUSTER=", | |
| { | |
| "Ref": "AWS::StackName" | |
| }, | |
| "", | |
| "\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/mesos-master-provider\n", | |
| "- \"content\": |\n", | |
| " AWS_S3_BUCKET=", | |
| { | |
| "Ref": "ExhibitorS3Bucket" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_S3_PREFIX=", | |
| { | |
| "Ref": "AWS::StackName" | |
| }, | |
| "", | |
| "\n", | |
| " EXHIBITOR_WEB_UI_PORT=8181\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/exhibitor\n", | |
| "- \"content\": |\n", | |
| " https://downloads.mesosphere.com/dcos/stable\n", | |
| " \"owner\": |-\n", | |
| " root\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-flags/repository-url\n", | |
| " \"permissions\": !!int |-\n", | |
| " 420\n", | |
| "- \"content\": |\n", | |
| " BOOTSTRAP_ID=6a317468b62ec6aba76932e6953bf6b7fd6c34d4\n", | |
| " \"owner\": |-\n", | |
| " root\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-flags/bootstrap-id\n", | |
| " \"permissions\": !!int |-\n", | |
| " 420\n", | |
| "- \"content\": |-\n", | |
| " [\"dcos-config--setup_891e9ea371b5e8c03854155caed8ff8d8f91b815\", \"dcos-detect-ip--setup_891e9ea371b5e8c03854155caed8ff8d8f91b815\"]\n", | |
| " \"owner\": |-\n", | |
| " root\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-flags/cluster-packages.json\n", | |
| " \"permissions\": !!int |-\n", | |
| " 420\n", | |
| "- \"content\": \"\"\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/roles/master\n", | |
| "- \"content\": \"\"\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/roles/aws_master\n", | |
| "- \"content\": \"\"\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/roles/aws\n" | |
| ] | |
| ] | |
| } | |
| }, | |
| "AssociatePublicIpAddress": "true" | |
| } | |
| }, | |
| "IAMUser": { | |
| "Type": "AWS::IAM::User", | |
| "Properties": { | |
| "Policies": [ | |
| { | |
| "PolicyDocument": { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Resource": [ | |
| { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "arn:aws:s3:::", | |
| { | |
| "Ref": "ExhibitorS3Bucket" | |
| }, | |
| "/*" | |
| ] | |
| ] | |
| }, | |
| { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "arn:aws:s3:::", | |
| { | |
| "Ref": "ExhibitorS3Bucket" | |
| } | |
| ] | |
| ] | |
| } | |
| ], | |
| "Action": [ | |
| "s3:AbortMultipartUpload", | |
| "s3:DeleteObject", | |
| "s3:GetBucketAcl", | |
| "s3:GetBucketPolicy", | |
| "s3:GetObject", | |
| "s3:GetObjectAcl", | |
| "s3:ListBucket", | |
| "s3:ListBucketMultipartUploads", | |
| "s3:ListMultipartUploadParts", | |
| "s3:PutObject", | |
| "s3:PutObjectAcl" | |
| ] | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Resource": [ | |
| { | |
| "Ref": "AWS::StackId" | |
| }, | |
| { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| { | |
| "Ref": "AWS::StackId" | |
| }, | |
| "/*" | |
| ] | |
| ] | |
| } | |
| ], | |
| "Action": [ | |
| "cloudformation:*" | |
| ] | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Resource": "*", | |
| "Action": [ | |
| "ec2:DescribeKeyPairs", | |
| "ec2:DescribeSubnets", | |
| "autoscaling:DescribeLaunchConfigurations", | |
| "autoscaling:UpdateAutoScalingGroup", | |
| "autoscaling:DescribeAutoScalingGroups", | |
| "autoscaling:DescribeScalingActivities", | |
| "elasticloadbalancing:DescribeLoadBalancers" | |
| ] | |
| } | |
| ] | |
| }, | |
| "PolicyName": "root" | |
| } | |
| ] | |
| } | |
| } | |
| }, | |
| "Description": "Launching the Mesosphere DCOS cluster", | |
| "AWSTemplateFormatVersion": "2010-09-09", | |
| "Parameters": { | |
| "KeyName": { | |
| "Description": "Name of SSH key to link", | |
| "Type": "AWS::EC2::KeyPair::KeyName" | |
| }, | |
| "AdminLocation": { | |
| "ConstraintDescription": "must be a valid CIDR.", | |
| "MaxLength": "18", | |
| "Default": "0.0.0.0/0", | |
| "MinLength": "9", | |
| "Description": "The IP range to whitelist for admin access.", | |
| "AllowedPattern": "^([0-9]+\\.){3}[0-9]+\\/[0-9]+$", | |
| "Type": "String" | |
| }, | |
| "SlaveInstanceCount": { | |
| "Description": "Number of slave nodes to launch", | |
| "Type": "Number", | |
| "Default": "5" | |
| }, | |
| "PublicSlaveInstanceCount": { | |
| "Description": "Number of public slave nodes to launch", | |
| "Type": "Number", | |
| "Default": "1" | |
| }, | |
| "AcceptEULA": { | |
| "AllowedValues": [ | |
| "Yes" | |
| ], | |
| "Description": "Please read and agree to our EULA: https://docs.mesosphere.com/community-edition-eula/", | |
| "Type": "String" | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment