Last active
September 18, 2017 16:16
DC/OS CloudFormation Template
{ | |
"Outputs": { | |
"PublicSlaveDnsAddress": { | |
"Value": { | |
"Fn::GetAtt": [ | |
"PublicSlaveLoadBalancer", | |
"DNSName" | |
] | |
}, | |
"Description": "Public slaves" | |
}, | |
"ExhibitorS3Bucket": { | |
"Value": { | |
"Ref": "ExhibitorS3Bucket" | |
}, | |
"Description": "Exhibitor S3 bucket name" | |
}, | |
"DnsAddress": { | |
"Value": { | |
"Fn::GetAtt": [ | |
"ElasticLoadBalancer", | |
"DNSName" | |
] | |
}, | |
"Description": "Mesos Master" | |
} | |
}, | |
"AWSTemplateFormatVersion": "2010-09-09", | |
"Resources": { | |
"PrivateOutboundNetworkAclEntry": { | |
"Type": "AWS::EC2::NetworkAclEntry", | |
"Properties": { | |
"RuleAction": "allow", | |
"NetworkAclId": { | |
"Ref": "PrivateNetworkAcl" | |
}, | |
"PortRange": { | |
"To": "65535", | |
"From": "0" | |
}, | |
"CidrBlock": "0.0.0.0/0", | |
"RuleNumber": "100", | |
"Egress": "true", | |
"Protocol": "-1" | |
} | |
}, | |
"SlaveToMasterLBIngress": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"FromPort": "2181", | |
"GroupId": { | |
"Ref": "LbSecurityGroup" | |
}, | |
"SourceSecurityGroupId": { | |
"Ref": "SlaveSecurityGroup" | |
}, | |
"IpProtocol": "tcp", | |
"ToPort": "2181" | |
} | |
}, | |
"SlaveToPublicSlaveIngress": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"FromPort": "0", | |
"GroupId": { | |
"Ref": "PublicSlaveSecurityGroup" | |
}, | |
"SourceSecurityGroupId": { | |
"Ref": "SlaveSecurityGroup" | |
}, | |
"IpProtocol": "-1", | |
"ToPort": "65535" | |
} | |
}, | |
"SlaveToMasterIngress": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"FromPort": "0", | |
"GroupId": { | |
"Ref": "MasterSecurityGroup" | |
}, | |
"SourceSecurityGroupId": { | |
"Ref": "SlaveSecurityGroup" | |
}, | |
"IpProtocol": "-1", | |
"ToPort": "65535" | |
} | |
}, | |
"MasterLaunchConfig": { | |
"Type": "AWS::AutoScaling::LaunchConfiguration", | |
"Properties": { | |
"IamInstanceProfile": { | |
"Ref": "MasterInstanceProfile" | |
}, | |
"SecurityGroups": [ | |
{ | |
"Ref": "MasterSecurityGroup" | |
}, | |
{ | |
"Ref": "AdminSecurityGroup" | |
} | |
], | |
"KeyName": { | |
"Ref": "KeyName" | |
}, | |
"AssociatePublicIpAddress": "true", | |
"ImageId": { | |
"Fn::FindInMap": [ | |
"RegionToAmi", | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"stable" | |
] | |
}, | |
"UserData": { | |
"Fn::Base64": { | |
"Fn::Join": [ | |
"", | |
[ | |
"#cloud-config", | |
"\n", | |
"\"coreos\":", | |
"\n", | |
" \"units\":", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" start", | |
"\n", | |
" \"content\": |", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Description=AWS Setup: Formats the /var/lib ephemeral drive", | |
"\n", | |
" Before=var-lib.mount dbus.service", | |
"\n", | |
" [Service]", | |
"\n", | |
" Type=oneshot", | |
"\n", | |
" RemainAfterExit=yes", | |
"\n", | |
" ExecStart=/bin/bash -c \"(blkid -t TYPE=ext4 | grep xvdb) || (/usr/sbin/mkfs.ext4 -F /dev/xvdb)\"", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" format-var-lib-ephemeral.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" start", | |
"\n", | |
" \"content\": |", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Description=AWS Setup: Mount /var/lib", | |
"\n", | |
" Before=dbus.service", | |
"\n", | |
" [Mount]", | |
"\n", | |
" What=/dev/xvdb", | |
"\n", | |
" Where=/var/lib", | |
"\n", | |
" Type=ext4", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" var-lib.mount", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" stop", | |
"\n", | |
" \"mask\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" etcd.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" stop", | |
"\n", | |
" \"mask\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" update-engine.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" stop", | |
"\n", | |
" \"mask\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" locksmithd.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" stop", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" systemd-resolved.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" restart", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" systemd-journald.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" restart", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" docker.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" start", | |
"\n", | |
" \"content\": |", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Before=dcos.target", | |
"\n", | |
" [Service]", | |
"\n", | |
" Type=oneshot", | |
"\n", | |
" StandardOutput=journal+console", | |
"\n", | |
" StandardError=journal+console", | |
"\n", | |
" ExecStartPre=/usr/bin/mkdir -p /etc/profile.d", | |
"\n", | |
" ExecStart=/usr/bin/ln -sf /opt/mesosphere/bin/add_dcos_path.sh /etc/profile.d/dcos.sh", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" dcos-link-env.service", | |
"\n", | |
" - \"content\": |", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Description=Pkgpanda: Download DC/OS to this host.", | |
"\n", | |
" After=network-online.target", | |
"\n", | |
" Wants=network-online.target", | |
"\n", | |
" ConditionPathExists=!/opt/mesosphere/", | |
"\n", | |
" [Service]", | |
"\n", | |
" Type=oneshot", | |
"\n", | |
" StandardOutput=journal+console", | |
"\n", | |
" StandardError=journal+console", | |
"\n", | |
" ExecStartPre=/usr/bin/curl --keepalive-time 2 -fLsSv --retry 20 -Y 100000 -y 60 -o /tmp/bootstrap.tar.xz https://downloads.dcos.io/dcos/stable/bootstrap/4d92536e7381176206e71ee15b5ffe454439920c.bootstrap.tar.xz", | |
"\n", | |
" ExecStartPre=/usr/bin/mkdir -p /opt/mesosphere", | |
"\n", | |
" ExecStart=/usr/bin/tar -axf /tmp/bootstrap.tar.xz -C /opt/mesosphere", | |
"\n", | |
" ExecStartPost=-/usr/bin/rm -f /tmp/bootstrap.tar.xz", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" dcos-download.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" start", | |
"\n", | |
" \"content\": |", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Description=Pkgpanda: Specialize DC/OS for this host.", | |
"\n", | |
" Requires=dcos-download.service", | |
"\n", | |
" After=dcos-download.service", | |
"\n", | |
" [Service]", | |
"\n", | |
" Type=oneshot", | |
"\n", | |
" StandardOutput=journal+console", | |
"\n", | |
" StandardError=journal+console", | |
"\n", | |
" EnvironmentFile=/opt/mesosphere/environment", | |
"\n", | |
" ExecStart=/opt/mesosphere/bin/pkgpanda setup --no-block-systemd", | |
"\n", | |
" [Install]", | |
"\n", | |
" WantedBy=multi-user.target", | |
"\n", | |
" \"enable\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" dcos-setup.service", | |
"\n", | |
" \"no_block\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" start", | |
"\n", | |
" \"content\": |-", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Description=AWS Setup: Signal CloudFormation Success", | |
"\n", | |
" ConditionPathExists=!/var/lib/dcos-cfn-signal", | |
"\n", | |
" [Service]", | |
"\n", | |
" Type=simple", | |
"\n", | |
" Restart=on-failure", | |
"\n", | |
" StartLimitInterval=0", | |
"\n", | |
" RestartSec=15s", | |
"\n", | |
" EnvironmentFile=/opt/mesosphere/environment", | |
"\n", | |
" EnvironmentFile=/opt/mesosphere/etc/cfn_signal_metadata", | |
"\n", | |
" Environment=\"AWS_CFN_SIGNAL_THIS_RESOURCE=MasterServerGroup\"", | |
"\n", | |
" ExecStartPre=/bin/ping -c1 leader.mesos", | |
"\n", | |
" ExecStartPre=/opt/mesosphere/bin/cfn-signal", | |
"\n", | |
" ExecStart=/usr/bin/touch /var/lib/dcos-cfn-signal", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" dcos-cfn-signal.service", | |
"\n", | |
" \"no_block\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" \"update\":", | |
"\n", | |
" \"reboot-strategy\": |-", | |
"\n", | |
" off", | |
"\n", | |
"\"write_files\":", | |
"\n", | |
"- \"content\": |", | |
"\n", | |
" https://downloads.dcos.io/dcos/stable", | |
"\n", | |
" \"owner\": |-", | |
"\n", | |
" root", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/mesosphere/setup-flags/repository-url", | |
"\n", | |
" \"permissions\": |-", | |
"\n", | |
" 0644", | |
"\n", | |
"- \"content\": |", | |
"\n", | |
" ", | |
{ | |
"Fn::FindInMap": [ | |
"ClusterPackagesJson", | |
"default", | |
"default" | |
] | |
}, | |
"\n", | |
" \"owner\": |-", | |
"\n", | |
" root", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/mesosphere/setup-flags/cluster-packages.json", | |
"\n", | |
" \"permissions\": |-", | |
"\n", | |
" 0644", | |
"\n", | |
"- \"content\": |", | |
"\n", | |
" [Journal]", | |
"\n", | |
" MaxLevelConsole=warning", | |
"\n", | |
" RateLimitInterval=1s", | |
"\n", | |
" RateLimitBurst=20000", | |
"\n", | |
" \"owner\": |-", | |
"\n", | |
" root", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/systemd/journald.conf.d/dcos.conf", | |
"\n", | |
" \"permissions\": |-", | |
"\n", | |
" 0644", | |
"\n", | |
"- \"content\": |", | |
"\n", | |
" libstorage:", | |
"\n", | |
" integration:", | |
"\n", | |
" volume:", | |
"\n", | |
" operations:", | |
"\n", | |
" unmount:", | |
"\n", | |
" ignoreusedcount: true", | |
"\n", | |
" server:", | |
"\n", | |
" tasks:", | |
"\n", | |
" logTimeout: 5m", | |
"\n", | |
" rexray:", | |
"\n", | |
" loglevel: info", | |
"\n", | |
" service: ebs", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/rexray/config.yml", | |
"\n", | |
" \"permissions\": |-", | |
"\n", | |
" 0644", | |
"\n", | |
"- \"content\": |", | |
"\n", | |
" \"bound_values\":", | |
"\n", | |
" \"adminrouter_auth_enabled\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "OAuthEnabled" | |
}, | |
"\n", | |
" \"agent_role\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "SlaveRole" | |
}, | |
"\n", | |
" \"aws_region\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"\n", | |
" \"aws_stack_id\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "AWS::StackId" | |
}, | |
"\n", | |
" \"aws_stack_name\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "AWS::StackName" | |
}, | |
"\n", | |
" \"cluster_name\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "AWS::StackName" | |
}, | |
"\n", | |
" \"exhibitor_address\": |-", | |
"\n", | |
" ", | |
{ | |
"Fn::GetAtt": [ | |
"InternalMasterLoadBalancer", | |
"DNSName" | |
] | |
}, | |
"\n", | |
" \"master_external_loadbalancer\": |-", | |
"\n", | |
" ", | |
{ | |
"Fn::GetAtt": [ | |
"ElasticLoadBalancer", | |
"DNSName" | |
] | |
}, | |
"\n", | |
" \"master_role\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "MasterRole" | |
}, | |
"\n", | |
" \"oauth_enabled\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "OAuthEnabled" | |
}, | |
"\n", | |
" \"s3_bucket\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "ExhibitorS3Bucket" | |
}, | |
"\n", | |
" \"s3_prefix\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "AWS::StackName" | |
}, | |
"\n", | |
" \"late_bound_package_id\": |-", | |
"\n", | |
" dcos-provider-d32e054e113b14d97841dd13b974a222976a8d62-aws--setup", | |
"\n", | |
" \"owner\": |-", | |
"\n", | |
" root", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/mesosphere/setup-flags/late-config.yaml", | |
"\n", | |
" \"permissions\": |-", | |
"\n", | |
" 0644", | |
"\n", | |
"- \"content\": \"\"", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/mesosphere/roles/master", | |
"\n", | |
"- \"content\": \"\"", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/mesosphere/roles/aws_master", | |
"\n", | |
"- \"content\": \"\"", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/mesosphere/roles/aws", | |
"\n" | |
] | |
] | |
} | |
}, | |
"EbsOptimized": { | |
"Ref": "EbsOptimizedNodes" | |
}, | |
"BlockDeviceMappings": [ | |
{ | |
"DeviceName": "/dev/sdb", | |
"VirtualName": "ephemeral0" | |
} | |
], | |
"InstanceType": { | |
"Ref": "MasterInstanceType" | |
} | |
} | |
}, | |
"PublicSlaveToSlaveIngress": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"FromPort": "0", | |
"GroupId": { | |
"Ref": "SlaveSecurityGroup" | |
}, | |
"SourceSecurityGroupId": { | |
"Ref": "PublicSlaveSecurityGroup" | |
}, | |
"IpProtocol": "-1", | |
"ToPort": "65535" | |
} | |
}, | |
"OutboundNetworkAclEntry": { | |
"Type": "AWS::EC2::NetworkAclEntry", | |
"Properties": { | |
"RuleAction": "allow", | |
"NetworkAclId": { | |
"Ref": "PublicNetworkAcl" | |
}, | |
"PortRange": { | |
"To": "65535", | |
"From": "0" | |
}, | |
"CidrBlock": "0.0.0.0/0", | |
"RuleNumber": "100", | |
"Egress": "true", | |
"Protocol": "-1" | |
} | |
}, | |
"PublicSlaveIngressSix": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"FromPort": "5052", | |
"GroupId": { | |
"Ref": "PublicSlaveSecurityGroup" | |
}, | |
"CidrIp": "0.0.0.0/0", | |
"IpProtocol": "udp", | |
"ToPort": "32000" | |
} | |
}, | |
"NATInstance": { | |
"Type": "AWS::EC2::Instance", | |
"Properties": { | |
"IamInstanceProfile" : { | |
"Ref": "NatInstanceProfile" | |
}, | |
"NetworkInterfaces": [ | |
{ | |
"DeleteOnTermination": "true", | |
"AssociatePublicIpAddress": "true", | |
"GroupSet": [ | |
{ | |
"Ref": "SlaveSecurityGroup" | |
}, | |
{ | |
"Ref": "MasterSecurityGroup" | |
}, | |
{ | |
"Ref": "AdminSecurityGroup" | |
} | |
], | |
"DeviceIndex": "0", | |
"SubnetId": { | |
"Ref": "PublicSubnet" | |
} | |
} | |
], | |
"InstanceType": "m3.medium", | |
"ImageId": { | |
"Fn::FindInMap": [ | |
"NATAmi", | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"default" | |
] | |
}, | |
"SourceDestCheck": "false", | |
"KeyName": { | |
"Ref": "KeyName" | |
}, | |
"Tags": [ | |
{ | |
"Key": "Name", | |
"Value": "NAT Instance" | |
} | |
] | |
}, | |
"DependsOn": "GatewayToInternet" | |
}, | |
"PublicSlaveIngressOne": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"FromPort": "0", | |
"GroupId": { | |
"Ref": "PublicSlaveSecurityGroup" | |
}, | |
"CidrIp": "0.0.0.0/0", | |
"IpProtocol": "tcp", | |
"ToPort": "21" | |
} | |
}, | |
"MasterServerGroup": { | |
"Type": "AWS::AutoScaling::AutoScalingGroup", | |
"CreationPolicy": { | |
"ResourceSignal": { | |
"Count": 1, | |
"Timeout": { | |
"Fn::FindInMap": [ | |
"Parameters", | |
"StackCreationTimeout", | |
"default" | |
] | |
} | |
} | |
}, | |
"Properties": { | |
"MinSize": "1", | |
"LaunchConfigurationName": { | |
"Ref": "MasterLaunchConfig" | |
}, | |
"MaxSize": "1", | |
"DesiredCapacity": "1", | |
"Tags": [ | |
{ | |
"PropagateAtLaunch": "true", | |
"Key": "role", | |
"Value": "mesos-master" | |
}, | |
{ | |
"PropagateAtLaunch": "true", | |
"Key": "Name", | |
"Value": "Master" | |
} | |
], | |
"VPCZoneIdentifier": [ | |
{ | |
"Ref": "PublicSubnet" | |
} | |
], | |
"AvailabilityZones": [ | |
{ | |
"Fn::GetAtt": [ | |
"PublicSubnet", | |
"AvailabilityZone" | |
] | |
} | |
], | |
"LoadBalancerNames": [ | |
{ | |
"Ref": "ElasticLoadBalancer" | |
}, | |
{ | |
"Ref": "InternalMasterLoadBalancer" | |
} | |
] | |
}, | |
"DependsOn": "GatewayToInternet" | |
}, | |
"PublicSubnetRouteTableAssociation": { | |
"Type": "AWS::EC2::SubnetRouteTableAssociation", | |
"Properties": { | |
"RouteTableId": { | |
"Ref": "PublicRouteTable" | |
}, | |
"SubnetId": { | |
"Ref": "PublicSubnet" | |
} | |
} | |
}, | |
"PublicNetworkAcl": { | |
"Type": "AWS::EC2::NetworkAcl", | |
"Properties": { | |
"Tags": [ | |
{ | |
"Key": "Application", | |
"Value": { | |
"Ref": "AWS::StackName" | |
} | |
}, | |
{ | |
"Key": "Network", | |
"Value": "Public" | |
} | |
], | |
"VpcId": { | |
"Ref": "Vpc" | |
} | |
} | |
}, | |
"PrivateSubnetNetworkAclAssociation": { | |
"Type": "AWS::EC2::SubnetNetworkAclAssociation", | |
"Properties": { | |
"NetworkAclId": { | |
"Ref": "PrivateNetworkAcl" | |
}, | |
"SubnetId": { | |
"Ref": "PrivateSubnet" | |
} | |
} | |
}, | |
"PrivateInboundNetworkAclEntry": { | |
"Type": "AWS::EC2::NetworkAclEntry", | |
"Properties": { | |
"RuleAction": "allow", | |
"NetworkAclId": { | |
"Ref": "PrivateNetworkAcl" | |
}, | |
"PortRange": { | |
"To": "65535", | |
"From": "0" | |
}, | |
"CidrBlock": "0.0.0.0/0", | |
"RuleNumber": "100", | |
"Egress": "false", | |
"Protocol": "-1" | |
} | |
}, | |
"ExhibitorS3Bucket": { | |
"Type": "AWS::S3::Bucket" | |
}, | |
"ExhibitorS3BucketPolicy": { | |
"Type": "AWS::S3::BucketPolicy", | |
"Properties": { | |
"Bucket": { | |
"Ref": "ExhibitorS3Bucket" | |
}, | |
"PolicyDocument": { | |
"Statement": [ | |
{ | |
"Action": [ | |
"s3:GetObject" | |
], | |
"Effect": "Allow", | |
"Resource": { | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:aws:s3:::", | |
{ | |
"Ref": "ExhibitorS3Bucket" | |
}, | |
"/*" | |
] | |
] | |
}, | |
"Principal": "*" | |
} | |
] | |
} | |
} | |
}, | |
"PublicRoute": { | |
"Type": "AWS::EC2::Route", | |
"Properties": { | |
"RouteTableId": { | |
"Ref": "PublicRouteTable" | |
}, | |
"DestinationCidrBlock": "0.0.0.0/0", | |
"GatewayId": { | |
"Ref": "InternetGateway" | |
} | |
}, | |
"DependsOn": "GatewayToInternet" | |
}, | |
"PublicSlaveLaunchConfig": { | |
"Type": "AWS::AutoScaling::LaunchConfiguration", | |
"Properties": { | |
"IamInstanceProfile": { | |
"Ref": "SlaveInstanceProfile" | |
}, | |
"SecurityGroups": [ | |
{ | |
"Ref": "PublicSlaveSecurityGroup" | |
} | |
], | |
"KeyName": { | |
"Ref": "KeyName" | |
}, | |
"AssociatePublicIpAddress": "true", | |
"ImageId": { | |
"Fn::FindInMap": [ | |
"RegionToAmi", | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"stable" | |
] | |
}, | |
"UserData": { | |
"Fn::Base64": { | |
"Fn::Join": [ | |
"", | |
[ | |
"#cloud-config", | |
"\n", | |
"\"coreos\":", | |
"\n", | |
" \"units\":", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" start", | |
"\n", | |
" \"content\": |", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Description=AWS Setup: Formats the /var/lib ephemeral drive", | |
"\n", | |
" Before=var-lib.mount dbus.service", | |
"\n", | |
" [Service]", | |
"\n", | |
" Type=oneshot", | |
"\n", | |
" RemainAfterExit=yes", | |
"\n", | |
" ExecStart=/bin/bash -c \"(blkid -t TYPE=ext4 | grep xvdb) || (/usr/sbin/mkfs.ext4 -F /dev/xvdb)\"", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" format-var-lib-ephemeral.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" start", | |
"\n", | |
" \"content\": |", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Description=AWS Setup: Mount /var/lib", | |
"\n", | |
" Before=dbus.service", | |
"\n", | |
" [Mount]", | |
"\n", | |
" What=/dev/xvdb", | |
"\n", | |
" Where=/var/lib", | |
"\n", | |
" Type=ext4", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" var-lib.mount", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" stop", | |
"\n", | |
" \"mask\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" etcd.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" stop", | |
"\n", | |
" \"mask\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" update-engine.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" stop", | |
"\n", | |
" \"mask\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" locksmithd.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" stop", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" systemd-resolved.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" restart", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" systemd-journald.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" restart", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" docker.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" start", | |
"\n", | |
" \"content\": |", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Before=dcos.target", | |
"\n", | |
" [Service]", | |
"\n", | |
" Type=oneshot", | |
"\n", | |
" StandardOutput=journal+console", | |
"\n", | |
" StandardError=journal+console", | |
"\n", | |
" ExecStartPre=/usr/bin/mkdir -p /etc/profile.d", | |
"\n", | |
" ExecStart=/usr/bin/ln -sf /opt/mesosphere/bin/add_dcos_path.sh /etc/profile.d/dcos.sh", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" dcos-link-env.service", | |
"\n", | |
" - \"content\": |", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Description=Pkgpanda: Download DC/OS to this host.", | |
"\n", | |
" After=network-online.target", | |
"\n", | |
" Wants=network-online.target", | |
"\n", | |
" ConditionPathExists=!/opt/mesosphere/", | |
"\n", | |
" [Service]", | |
"\n", | |
" Type=oneshot", | |
"\n", | |
" StandardOutput=journal+console", | |
"\n", | |
" StandardError=journal+console", | |
"\n", | |
" ExecStartPre=/usr/bin/curl --keepalive-time 2 -fLsSv --retry 20 -Y 100000 -y 60 -o /tmp/bootstrap.tar.xz https://downloads.dcos.io/dcos/stable/bootstrap/4d92536e7381176206e71ee15b5ffe454439920c.bootstrap.tar.xz", | |
"\n", | |
" ExecStartPre=/usr/bin/mkdir -p /opt/mesosphere", | |
"\n", | |
" ExecStart=/usr/bin/tar -axf /tmp/bootstrap.tar.xz -C /opt/mesosphere", | |
"\n", | |
" ExecStartPost=-/usr/bin/rm -f /tmp/bootstrap.tar.xz", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" dcos-download.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" start", | |
"\n", | |
" \"content\": |", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Description=Pkgpanda: Specialize DC/OS for this host.", | |
"\n", | |
" Requires=dcos-download.service", | |
"\n", | |
" After=dcos-download.service", | |
"\n", | |
" [Service]", | |
"\n", | |
" Type=oneshot", | |
"\n", | |
" StandardOutput=journal+console", | |
"\n", | |
" StandardError=journal+console", | |
"\n", | |
" EnvironmentFile=/opt/mesosphere/environment", | |
"\n", | |
" ExecStart=/opt/mesosphere/bin/pkgpanda setup --no-block-systemd", | |
"\n", | |
" [Install]", | |
"\n", | |
" WantedBy=multi-user.target", | |
"\n", | |
" \"enable\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" dcos-setup.service", | |
"\n", | |
" \"no_block\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" start", | |
"\n", | |
" \"content\": |-", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Description=AWS Setup: Signal CloudFormation Success", | |
"\n", | |
" ConditionPathExists=!/var/lib/dcos-cfn-signal", | |
"\n", | |
" [Service]", | |
"\n", | |
" Type=simple", | |
"\n", | |
" Restart=on-failure", | |
"\n", | |
" StartLimitInterval=0", | |
"\n", | |
" RestartSec=15s", | |
"\n", | |
" EnvironmentFile=/opt/mesosphere/environment", | |
"\n", | |
" EnvironmentFile=/opt/mesosphere/etc/cfn_signal_metadata", | |
"\n", | |
" Environment=\"AWS_CFN_SIGNAL_THIS_RESOURCE=PublicSlaveServerGroup\"", | |
"\n", | |
" ExecStartPre=/bin/ping -c1 leader.mesos", | |
"\n", | |
" ExecStartPre=/opt/mesosphere/bin/cfn-signal", | |
"\n", | |
" ExecStart=/usr/bin/touch /var/lib/dcos-cfn-signal", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" dcos-cfn-signal.service", | |
"\n", | |
" \"no_block\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" \"update\":", | |
"\n", | |
" \"reboot-strategy\": |-", | |
"\n", | |
" off", | |
"\n", | |
"\"write_files\":", | |
"\n", | |
"- \"content\": |", | |
"\n", | |
" https://downloads.dcos.io/dcos/stable", | |
"\n", | |
" \"owner\": |-", | |
"\n", | |
" root", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/mesosphere/setup-flags/repository-url", | |
"\n", | |
" \"permissions\": |-", | |
"\n", | |
" 0644", | |
"\n", | |
"- \"content\": |", | |
"\n", | |
" ", | |
{ | |
"Fn::FindInMap": [ | |
"ClusterPackagesJson", | |
"default", | |
"default" | |
] | |
}, | |
"\n", | |
" \"owner\": |-", | |
"\n", | |
" root", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/mesosphere/setup-flags/cluster-packages.json", | |
"\n", | |
" \"permissions\": |-", | |
"\n", | |
" 0644", | |
"\n", | |
"- \"content\": |", | |
"\n", | |
" [Journal]", | |
"\n", | |
" MaxLevelConsole=warning", | |
"\n", | |
" RateLimitInterval=1s", | |
"\n", | |
" RateLimitBurst=20000", | |
"\n", | |
" \"owner\": |-", | |
"\n", | |
" root", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/systemd/journald.conf.d/dcos.conf", | |
"\n", | |
" \"permissions\": |-", | |
"\n", | |
" 0644", | |
"\n", | |
"- \"content\": |", | |
"\n", | |
" libstorage:", | |
"\n", | |
" integration:", | |
"\n", | |
" volume:", | |
"\n", | |
" operations:", | |
"\n", | |
" unmount:", | |
"\n", | |
" ignoreusedcount: true", | |
"\n", | |
" server:", | |
"\n", | |
" tasks:", | |
"\n", | |
" logTimeout: 5m", | |
"\n", | |
" rexray:", | |
"\n", | |
" loglevel: info", | |
"\n", | |
" service: ebs", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/rexray/config.yml", | |
"\n", | |
" \"permissions\": |-", | |
"\n", | |
" 0644", | |
"\n", | |
"- \"content\": |", | |
"\n", | |
" \"bound_values\":", | |
"\n", | |
" \"adminrouter_auth_enabled\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "OAuthEnabled" | |
}, | |
"\n", | |
" \"agent_role\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "SlaveRole" | |
}, | |
"\n", | |
" \"aws_region\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"\n", | |
" \"aws_stack_id\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "AWS::StackId" | |
}, | |
"\n", | |
" \"aws_stack_name\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "AWS::StackName" | |
}, | |
"\n", | |
" \"cluster_name\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "AWS::StackName" | |
}, | |
"\n", | |
" \"exhibitor_address\": |-", | |
"\n", | |
" ", | |
{ | |
"Fn::GetAtt": [ | |
"InternalMasterLoadBalancer", | |
"DNSName" | |
] | |
}, | |
"\n", | |
" \"master_external_loadbalancer\": |-", | |
"\n", | |
" ", | |
{ | |
"Fn::GetAtt": [ | |
"ElasticLoadBalancer", | |
"DNSName" | |
] | |
}, | |
"\n", | |
" \"master_role\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "MasterRole" | |
}, | |
"\n", | |
" \"oauth_enabled\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "OAuthEnabled" | |
}, | |
"\n", | |
" \"s3_bucket\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "ExhibitorS3Bucket" | |
}, | |
"\n", | |
" \"s3_prefix\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "AWS::StackName" | |
}, | |
"\n", | |
" \"late_bound_package_id\": |-", | |
"\n", | |
" dcos-provider-d32e054e113b14d97841dd13b974a222976a8d62-aws--setup", | |
"\n", | |
" \"owner\": |-", | |
"\n", | |
" root", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/mesosphere/setup-flags/late-config.yaml", | |
"\n", | |
" \"permissions\": |-", | |
"\n", | |
" 0644", | |
"\n", | |
"- \"content\": \"\"", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/mesosphere/roles/slave_public", | |
"\n", | |
"- \"content\": \"\"", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/mesosphere/roles/aws", | |
"\n" | |
] | |
] | |
} | |
}, | |
"EbsOptimized": { | |
"Ref": "EbsOptimizedNodes" | |
}, | |
"BlockDeviceMappings": [ | |
{ | |
"DeviceName": "/dev/sdb", | |
"VirtualName": "ephemeral0" | |
} | |
], | |
"InstanceType": { | |
"Ref": "PublicSlaveInstanceType" | |
} | |
} | |
}, | |
"SlaveLaunchConfig": { | |
"Type": "AWS::AutoScaling::LaunchConfiguration", | |
"Properties": { | |
"AssociatePublicIpAddress": "false", | |
"IamInstanceProfile": { | |
"Ref": "SlaveInstanceProfile" | |
}, | |
"SecurityGroups": [ | |
{ | |
"Ref": "SlaveSecurityGroup" | |
} | |
], | |
"KeyName": { | |
"Ref": "KeyName" | |
}, | |
"EbsOptimized": { | |
"Ref": "EbsOptimizedNodes" | |
}, | |
"ImageId": { | |
"Fn::FindInMap": [ | |
"RegionToAmi", | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"stable" | |
] | |
}, | |
"UserData": { | |
"Fn::Base64": { | |
"Fn::Join": [ | |
"", | |
[ | |
"#cloud-config", | |
"\n", | |
"\"coreos\":", | |
"\n", | |
" \"units\":", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" start", | |
"\n", | |
" \"content\": |", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Description=AWS Setup: Formats the /var/lib ephemeral drive", | |
"\n", | |
" Before=var-lib.mount dbus.service", | |
"\n", | |
" [Service]", | |
"\n", | |
" Type=oneshot", | |
"\n", | |
" RemainAfterExit=yes", | |
"\n", | |
" ExecStart=/bin/bash -c \"(blkid -t TYPE=ext4 | grep xvdb) || (/usr/sbin/mkfs.ext4 -F /dev/xvdb)\"", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" format-var-lib-ephemeral.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" start", | |
"\n", | |
" \"content\": |", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Description=AWS Setup: Mount /var/lib", | |
"\n", | |
" Before=dbus.service", | |
"\n", | |
" [Mount]", | |
"\n", | |
" What=/dev/xvdb", | |
"\n", | |
" Where=/var/lib", | |
"\n", | |
" Type=ext4", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" var-lib.mount", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" stop", | |
"\n", | |
" \"mask\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" etcd.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" stop", | |
"\n", | |
" \"mask\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" update-engine.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" stop", | |
"\n", | |
" \"mask\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" locksmithd.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" stop", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" systemd-resolved.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" restart", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" systemd-journald.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" restart", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" docker.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" start", | |
"\n", | |
" \"content\": |", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Before=dcos.target", | |
"\n", | |
" [Service]", | |
"\n", | |
" Type=oneshot", | |
"\n", | |
" StandardOutput=journal+console", | |
"\n", | |
" StandardError=journal+console", | |
"\n", | |
" ExecStartPre=/usr/bin/mkdir -p /etc/profile.d", | |
"\n", | |
" ExecStart=/usr/bin/ln -sf /opt/mesosphere/bin/add_dcos_path.sh /etc/profile.d/dcos.sh", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" dcos-link-env.service", | |
"\n", | |
" - \"content\": |", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Description=Pkgpanda: Download DC/OS to this host.", | |
"\n", | |
" After=network-online.target", | |
"\n", | |
" Wants=network-online.target", | |
"\n", | |
" ConditionPathExists=!/opt/mesosphere/", | |
"\n", | |
" [Service]", | |
"\n", | |
" Type=oneshot", | |
"\n", | |
" StandardOutput=journal+console", | |
"\n", | |
" StandardError=journal+console", | |
"\n", | |
" ExecStartPre=/usr/bin/curl --keepalive-time 2 -fLsSv --retry 20 -Y 100000 -y 60 -o /tmp/bootstrap.tar.xz https://downloads.dcos.io/dcos/stable/bootstrap/4d92536e7381176206e71ee15b5ffe454439920c.bootstrap.tar.xz", | |
"\n", | |
" ExecStartPre=/usr/bin/mkdir -p /opt/mesosphere", | |
"\n", | |
" ExecStart=/usr/bin/tar -axf /tmp/bootstrap.tar.xz -C /opt/mesosphere", | |
"\n", | |
" ExecStartPost=-/usr/bin/rm -f /tmp/bootstrap.tar.xz", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" dcos-download.service", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" start", | |
"\n", | |
" \"content\": |", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Description=Pkgpanda: Specialize DC/OS for this host.", | |
"\n", | |
" Requires=dcos-download.service", | |
"\n", | |
" After=dcos-download.service", | |
"\n", | |
" [Service]", | |
"\n", | |
" Type=oneshot", | |
"\n", | |
" StandardOutput=journal+console", | |
"\n", | |
" StandardError=journal+console", | |
"\n", | |
" EnvironmentFile=/opt/mesosphere/environment", | |
"\n", | |
" ExecStart=/opt/mesosphere/bin/pkgpanda setup --no-block-systemd", | |
"\n", | |
" [Install]", | |
"\n", | |
" WantedBy=multi-user.target", | |
"\n", | |
" \"enable\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" dcos-setup.service", | |
"\n", | |
" \"no_block\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" - \"command\": |-", | |
"\n", | |
" start", | |
"\n", | |
" \"content\": |-", | |
"\n", | |
" [Unit]", | |
"\n", | |
" Description=AWS Setup: Signal CloudFormation Success", | |
"\n", | |
" ConditionPathExists=!/var/lib/dcos-cfn-signal", | |
"\n", | |
" [Service]", | |
"\n", | |
" Type=simple", | |
"\n", | |
" Restart=on-failure", | |
"\n", | |
" StartLimitInterval=0", | |
"\n", | |
" RestartSec=15s", | |
"\n", | |
" EnvironmentFile=/opt/mesosphere/environment", | |
"\n", | |
" EnvironmentFile=/opt/mesosphere/etc/cfn_signal_metadata", | |
"\n", | |
" Environment=\"AWS_CFN_SIGNAL_THIS_RESOURCE=SlaveServerGroup\"", | |
"\n", | |
" ExecStartPre=/bin/ping -c1 leader.mesos", | |
"\n", | |
" ExecStartPre=/opt/mesosphere/bin/cfn-signal", | |
"\n", | |
" ExecStart=/usr/bin/touch /var/lib/dcos-cfn-signal", | |
"\n", | |
" \"name\": |-", | |
"\n", | |
" dcos-cfn-signal.service", | |
"\n", | |
" \"no_block\": !!bool |-", | |
"\n", | |
" true", | |
"\n", | |
" \"update\":", | |
"\n", | |
" \"reboot-strategy\": |-", | |
"\n", | |
" off", | |
"\n", | |
"\"write_files\":", | |
"\n", | |
"- \"content\": |", | |
"\n", | |
" https://downloads.dcos.io/dcos/stable", | |
"\n", | |
" \"owner\": |-", | |
"\n", | |
" root", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/mesosphere/setup-flags/repository-url", | |
"\n", | |
" \"permissions\": |-", | |
"\n", | |
" 0644", | |
"\n", | |
"- \"content\": |", | |
"\n", | |
" ", | |
{ | |
"Fn::FindInMap": [ | |
"ClusterPackagesJson", | |
"default", | |
"default" | |
] | |
}, | |
"\n", | |
" \"owner\": |-", | |
"\n", | |
" root", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/mesosphere/setup-flags/cluster-packages.json", | |
"\n", | |
" \"permissions\": |-", | |
"\n", | |
" 0644", | |
"\n", | |
"- \"content\": |", | |
"\n", | |
" [Journal]", | |
"\n", | |
" MaxLevelConsole=warning", | |
"\n", | |
" RateLimitInterval=1s", | |
"\n", | |
" RateLimitBurst=20000", | |
"\n", | |
" \"owner\": |-", | |
"\n", | |
" root", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/systemd/journald.conf.d/dcos.conf", | |
"\n", | |
" \"permissions\": |-", | |
"\n", | |
" 0644", | |
"\n", | |
"- \"content\": |", | |
"\n", | |
" libstorage:", | |
"\n", | |
" integration:", | |
"\n", | |
" volume:", | |
"\n", | |
" operations:", | |
"\n", | |
" unmount:", | |
"\n", | |
" ignoreusedcount: true", | |
"\n", | |
" server:", | |
"\n", | |
" tasks:", | |
"\n", | |
" logTimeout: 5m", | |
"\n", | |
" rexray:", | |
"\n", | |
" loglevel: info", | |
"\n", | |
" service: ebs", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/rexray/config.yml", | |
"\n", | |
" \"permissions\": |-", | |
"\n", | |
" 0644", | |
"\n", | |
"- \"content\": |", | |
"\n", | |
" \"bound_values\":", | |
"\n", | |
" \"adminrouter_auth_enabled\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "OAuthEnabled" | |
}, | |
"\n", | |
" \"agent_role\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "SlaveRole" | |
}, | |
"\n", | |
" \"aws_region\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "AWS::Region" | |
}, | |
"\n", | |
" \"aws_stack_id\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "AWS::StackId" | |
}, | |
"\n", | |
" \"aws_stack_name\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "AWS::StackName" | |
}, | |
"\n", | |
" \"cluster_name\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "AWS::StackName" | |
}, | |
"\n", | |
" \"exhibitor_address\": |-", | |
"\n", | |
" ", | |
{ | |
"Fn::GetAtt": [ | |
"InternalMasterLoadBalancer", | |
"DNSName" | |
] | |
}, | |
"\n", | |
" \"master_external_loadbalancer\": |-", | |
"\n", | |
" ", | |
{ | |
"Fn::GetAtt": [ | |
"ElasticLoadBalancer", | |
"DNSName" | |
] | |
}, | |
"\n", | |
" \"master_role\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "MasterRole" | |
}, | |
"\n", | |
" \"oauth_enabled\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "OAuthEnabled" | |
}, | |
"\n", | |
" \"s3_bucket\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "ExhibitorS3Bucket" | |
}, | |
"\n", | |
" \"s3_prefix\": |-", | |
"\n", | |
" ", | |
{ | |
"Ref": "AWS::StackName" | |
}, | |
"\n", | |
" \"late_bound_package_id\": |-", | |
"\n", | |
" dcos-provider-d32e054e113b14d97841dd13b974a222976a8d62-aws--setup", | |
"\n", | |
" \"owner\": |-", | |
"\n", | |
" root", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/mesosphere/setup-flags/late-config.yaml", | |
"\n", | |
" \"permissions\": |-", | |
"\n", | |
" 0644", | |
"\n", | |
"- \"content\": \"\"", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/mesosphere/roles/slave", | |
"\n", | |
"- \"content\": \"\"", | |
"\n", | |
" \"path\": |-", | |
"\n", | |
" /etc/mesosphere/roles/aws", | |
"\n" | |
] | |
] | |
} | |
}, | |
"BlockDeviceMappings": [ | |
{ | |
"DeviceName": "/dev/sdb", | |
"VirtualName": "ephemeral0" | |
} | |
], | |
"InstanceType": { | |
"Ref": "SlaveInstanceType" | |
} | |
} | |
}, | |
"PrivateSubnet": { | |
"Type": "AWS::EC2::Subnet", | |
"Properties": { | |
"Tags": [ | |
{ | |
"Key": "Application", | |
"Value": { | |
"Ref": "AWS::StackName" | |
} | |
}, | |
{ | |
"Key": "Network", | |
"Value": "Private" | |
} | |
], | |
"VpcId": { | |
"Ref": "Vpc" | |
}, | |
"CidrBlock": { | |
"Fn::FindInMap": [ | |
"Parameters", | |
"PrivateSubnetRange", | |
"default" | |
] | |
} | |
}, | |
"DependsOn": "Vpc" | |
}, | |
"PublicSlaveSecurityGroup": { | |
"Type": "AWS::EC2::SecurityGroup", | |
"Properties": { | |
"VpcId": { | |
"Ref": "Vpc" | |
}, | |
"GroupDescription": "Mesos Slaves Public" | |
} | |
}, | |
"AdminSecurityGroup": { | |
"Type": "AWS::EC2::SecurityGroup", | |
"Properties": { | |
"VpcId": { | |
"Ref": "Vpc" | |
}, | |
"SecurityGroupIngress": [ | |
{ | |
"FromPort": "22", | |
"CidrIp": { | |
"Ref": "AdminLocation" | |
}, | |
"IpProtocol": "tcp", | |
"ToPort": "22" | |
}, | |
{ | |
"FromPort": "80", | |
"CidrIp": { | |
"Ref": "AdminLocation" | |
}, | |
"IpProtocol": "tcp", | |
"ToPort": "80" | |
}, | |
{ | |
"FromPort": "443", | |
"CidrIp": { | |
"Ref": "AdminLocation" | |
}, | |
"IpProtocol": "tcp", | |
"ToPort": "443" | |
} | |
], | |
"GroupDescription": "Enable admin access to servers" | |
} | |
}, | |
"SlaveToSlaveIngress": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"FromPort": "0", | |
"GroupId": { | |
"Ref": "SlaveSecurityGroup" | |
}, | |
"SourceSecurityGroupId": { | |
"Ref": "SlaveSecurityGroup" | |
}, | |
"IpProtocol": "-1", | |
"ToPort": "65535" | |
} | |
}, | |
"GatewayToInternet": { | |
"Type": "AWS::EC2::VPCGatewayAttachment", | |
"Properties": { | |
"InternetGatewayId": { | |
"Ref": "InternetGateway" | |
}, | |
"VpcId": { | |
"Ref": "Vpc" | |
} | |
}, | |
"DependsOn": "InternetGateway" | |
}, | |
"SlaveServerGroup": { | |
"Type": "AWS::AutoScaling::AutoScalingGroup", | |
"CreationPolicy": { | |
"ResourceSignal": { | |
"Count": { | |
"Ref": "SlaveInstanceCount" | |
}, | |
"Timeout": { | |
"Fn::FindInMap": [ | |
"Parameters", | |
"StackCreationTimeout", | |
"default" | |
] | |
} | |
} | |
}, | |
"Properties": { | |
"MinSize": { | |
"Ref": "SlaveInstanceCount" | |
}, | |
"LaunchConfigurationName": { | |
"Ref": "SlaveLaunchConfig" | |
}, | |
"MaxSize": { | |
"Ref": "SlaveInstanceCount" | |
}, | |
"DesiredCapacity": { | |
"Ref": "SlaveInstanceCount" | |
}, | |
"Tags": [ | |
{ | |
"PropagateAtLaunch": "true", | |
"Key": "role", | |
"Value": "mesos-slave" | |
}, | |
{ | |
"PropagateAtLaunch": "true", | |
"Key": "Name", | |
"Value": "Private Agent" | |
} | |
], | |
"VPCZoneIdentifier": [ | |
{ | |
"Ref": "PrivateSubnet" | |
} | |
], | |
"AvailabilityZones": [ | |
{ | |
"Fn::GetAtt": [ | |
"PrivateSubnet", | |
"AvailabilityZone" | |
] | |
} | |
] | |
}, | |
"DependsOn": [ | |
"PrivateOutboundNetworkAclEntry", | |
"NATInstance" | |
] | |
}, | |
"PrivateRoute": { | |
"Type": "AWS::EC2::Route", | |
"Properties": { | |
"RouteTableId": { | |
"Ref": "PrivateRouteTable" | |
}, | |
"DestinationCidrBlock": "0.0.0.0/0", | |
"InstanceId": { | |
"Ref": "NATInstance" | |
} | |
} | |
}, | |
"PrivateSubnetRouteTableAssociation": { | |
"Type": "AWS::EC2::SubnetRouteTableAssociation", | |
"Properties": { | |
"RouteTableId": { | |
"Ref": "PrivateRouteTable" | |
}, | |
"SubnetId": { | |
"Ref": "PrivateSubnet" | |
} | |
} | |
}, | |
"DHCPOptions": { | |
"Type": "AWS::EC2::DHCPOptions", | |
"Properties": { | |
"DomainNameServers": [ | |
"AmazonProvidedDNS" | |
], | |
"DomainName": { | |
"Fn::Join": [ | |
"", | |
[ | |
{ | |
"Ref": "AWS::Region" | |
}, | |
".compute.internal" | |
] | |
] | |
} | |
} | |
}, | |
"MasterRole": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"Path": "/", | |
"Policies": [ | |
{ | |
"PolicyName": "root", | |
"PolicyDocument": { | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Effect": "Allow", | |
"Resource": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:aws:s3:::", | |
{ | |
"Ref": "ExhibitorS3Bucket" | |
}, | |
"/*" | |
] | |
] | |
}, | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:aws:s3:::", | |
{ | |
"Ref": "ExhibitorS3Bucket" | |
} | |
] | |
] | |
} | |
], | |
"Action": [ | |
"s3:AbortMultipartUpload", | |
"s3:DeleteObject", | |
"s3:GetBucketAcl", | |
"s3:GetBucketPolicy", | |
"s3:GetObject", | |
"s3:GetObjectAcl", | |
"s3:ListBucket", | |
"s3:ListBucketMultipartUploads", | |
"s3:ListMultipartUploadParts", | |
"s3:PutObject", | |
"s3:PutObjectAcl" | |
] | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"cloudformation:DescribeChangeSet", | |
"cloudformation:DescribeStackEvents", | |
"cloudformation:DescribeStackResource", | |
"cloudformation:DescribeStackResources", | |
"cloudformation:DescribeStacks", | |
"cloudformation:GetStackPolicy", | |
"cloudformation:GetTemplate", | |
"cloudformation:GetTemplateSummary", | |
"cloudformation:ListChangeSets", | |
"cloudformation:ListStackResources", | |
"cloudformation:ListStacks", | |
"cloudformation:SignalResource" | |
], | |
"Resource": [ | |
{ | |
"Ref": "AWS::StackId" | |
}, | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
{ | |
"Ref": "AWS::StackId" | |
}, | |
"/*" | |
] | |
] | |
} | |
] | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"ec2:DescribeKeyPairs", | |
"ec2:DescribeSubnets", | |
"autoscaling:DescribeLaunchConfigurations", | |
"autoscaling:UpdateAutoScalingGroup", | |
"autoscaling:DescribeAutoScalingGroups", | |
"autoscaling:DescribeScalingActivities", | |
"elasticloadbalancing:DescribeLoadBalancers" | |
], | |
"Resource": "*" | |
} | |
] | |
} | |
} | |
], | |
"AssumeRolePolicyDocument": { | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Effect": "Allow", | |
"Principal": { | |
"Service": [ | |
"ec2.amazonaws.com" | |
] | |
}, | |
"Action": [ | |
"sts:AssumeRole" | |
] | |
} | |
] | |
} | |
} | |
}, | |
"SlaveSecurityGroup": { | |
"Type": "AWS::EC2::SecurityGroup", | |
"Properties": { | |
"VpcId": { | |
"Ref": "Vpc" | |
}, | |
"GroupDescription": "Mesos Slaves" | |
} | |
}, | |
"PublicSubnetNetworkAclAssociation": { | |
"Type": "AWS::EC2::SubnetNetworkAclAssociation", | |
"Properties": { | |
"NetworkAclId": { | |
"Ref": "PublicNetworkAcl" | |
}, | |
"SubnetId": { | |
"Ref": "PublicSubnet" | |
} | |
} | |
}, | |
"PublicSlaveToPublicSlaveIngress": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"FromPort": "0", | |
"GroupId": { | |
"Ref": "PublicSlaveSecurityGroup" | |
}, | |
"SourceSecurityGroupId": { | |
"Ref": "PublicSlaveSecurityGroup" | |
}, | |
"IpProtocol": "-1", | |
"ToPort": "65535" | |
} | |
}, | |
"InboundNetworkAclEntry": { | |
"Type": "AWS::EC2::NetworkAclEntry", | |
"Properties": { | |
"RuleAction": "allow", | |
"NetworkAclId": { | |
"Ref": "PublicNetworkAcl" | |
}, | |
"PortRange": { | |
"To": "65535", | |
"From": "0" | |
}, | |
"CidrBlock": "0.0.0.0/0", | |
"RuleNumber": "100", | |
"Egress": "false", | |
"Protocol": "-1" | |
} | |
}, | |
"Vpc": { | |
"Type": "AWS::EC2::VPC", | |
"Properties": { | |
"Tags": [ | |
{ | |
"Key": "Application", | |
"Value": { | |
"Ref": "AWS::StackName" | |
} | |
}, | |
{ | |
"Key": "Network", | |
"Value": "Public" | |
} | |
], | |
"EnableDnsHostnames": "true", | |
"EnableDnsSupport": "true", | |
"CidrBlock": { | |
"Fn::FindInMap": [ | |
"Parameters", | |
"VPCSubnetRange", | |
"default" | |
] | |
} | |
} | |
}, | |
"VPCDHCPOptionsAssociation": { | |
"Type": "AWS::EC2::VPCDHCPOptionsAssociation", | |
"Properties": { | |
"VpcId": { | |
"Ref": "Vpc" | |
}, | |
"DhcpOptionsId": { | |
"Ref": "DHCPOptions" | |
} | |
}, | |
"DependsOn": "Vpc" | |
}, | |
"PublicSlaveServerGroup": { | |
"Type": "AWS::AutoScaling::AutoScalingGroup", | |
"CreationPolicy": { | |
"ResourceSignal": { | |
"Count": { | |
"Ref": "PublicSlaveInstanceCount" | |
}, | |
"Timeout": { | |
"Fn::FindInMap": [ | |
"Parameters", | |
"StackCreationTimeout", | |
"default" | |
] | |
} | |
} | |
}, | |
"Properties": { | |
"MinSize": { | |
"Ref": "PublicSlaveInstanceCount" | |
}, | |
"LaunchConfigurationName": { | |
"Ref": "PublicSlaveLaunchConfig" | |
}, | |
"MaxSize": { | |
"Ref": "PublicSlaveInstanceCount" | |
}, | |
"DesiredCapacity": { | |
"Ref": "PublicSlaveInstanceCount" | |
}, | |
"Tags": [ | |
{ | |
"PropagateAtLaunch": "true", | |
"Key": "role", | |
"Value": "mesos-slave" | |
}, | |
{ | |
"PropagateAtLaunch": "true", | |
"Key": "Name", | |
"Value": "Public Agent" | |
} | |
], | |
"VPCZoneIdentifier": [ | |
{ | |
"Ref": "PublicSubnet" | |
} | |
], | |
"AvailabilityZones": [ | |
{ | |
"Fn::GetAtt": [ | |
"PublicSubnet", | |
"AvailabilityZone" | |
] | |
} | |
], | |
"LoadBalancerNames": [ | |
{ | |
"Ref": "PublicSlaveLoadBalancer" | |
} | |
] | |
}, | |
"DependsOn": "GatewayToInternet" | |
}, | |
"InternetGateway": { | |
"Type": "AWS::EC2::InternetGateway", | |
"Properties": { | |
"Tags": [ | |
{ | |
"Key": "Application", | |
"Value": { | |
"Ref": "AWS::StackName" | |
} | |
}, | |
{ | |
"Key": "Network", | |
"Value": "Public" | |
} | |
] | |
}, | |
"DependsOn": "Vpc" | |
}, | |
"PublicSubnet": { | |
"Type": "AWS::EC2::Subnet", | |
"Properties": { | |
"Tags": [ | |
{ | |
"Key": "Application", | |
"Value": { | |
"Ref": "AWS::StackName" | |
} | |
}, | |
{ | |
"Key": "Network", | |
"Value": "Public" | |
} | |
], | |
"VpcId": { | |
"Ref": "Vpc" | |
}, | |
"CidrBlock": { | |
"Fn::FindInMap": [ | |
"Parameters", | |
"PublicSubnetRange", | |
"default" | |
] | |
} | |
}, | |
"DependsOn": "Vpc" | |
}, | |
"PublicSlaveToMasterIngress": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"FromPort": "0", | |
"GroupId": { | |
"Ref": "MasterSecurityGroup" | |
}, | |
"SourceSecurityGroupId": { | |
"Ref": "PublicSlaveSecurityGroup" | |
}, | |
"IpProtocol": "-1", | |
"ToPort": "65535" | |
} | |
}, | |
"LbSecurityGroup": { | |
"Type": "AWS::EC2::SecurityGroup", | |
"Properties": { | |
"VpcId": { | |
"Ref": "Vpc" | |
}, | |
"GroupDescription": "Mesos Master LB" | |
} | |
}, | |
"PrivateNetworkAcl": { | |
"Type": "AWS::EC2::NetworkAcl", | |
"Properties": { | |
"Tags": [ | |
{ | |
"Key": "Application", | |
"Value": { | |
"Ref": "AWS::StackName" | |
} | |
}, | |
{ | |
"Key": "Network", | |
"Value": "Public" | |
} | |
], | |
"VpcId": { | |
"Ref": "Vpc" | |
} | |
} | |
}, | |
"MasterToSlaveIngress": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"FromPort": "0", | |
"GroupId": { | |
"Ref": "SlaveSecurityGroup" | |
}, | |
"SourceSecurityGroupId": { | |
"Ref": "MasterSecurityGroup" | |
}, | |
"IpProtocol": "-1", | |
"ToPort": "65535" | |
} | |
}, | |
"ElasticLoadBalancer": { | |
"Type": "AWS::ElasticLoadBalancing::LoadBalancer", | |
"Properties": { | |
"HealthCheck": { | |
"HealthyThreshold": "2", | |
"Interval": "30", | |
"UnhealthyThreshold": "2", | |
"Timeout": "5", | |
"Target": "TCP:5050" | |
}, | |
"Listeners": [ | |
{ | |
"InstanceProtocol": "TCP", | |
"Protocol": "TCP", | |
"LoadBalancerPort": "80", | |
"InstancePort": "80" | |
}, | |
{ | |
"InstanceProtocol": "TCP", | |
"Protocol": "TCP", | |
"LoadBalancerPort": "443", | |
"InstancePort": "443" | |
} | |
], | |
"Subnets": [ | |
{ | |
"Ref": "PublicSubnet" | |
} | |
], | |
"SecurityGroups": [ | |
{ | |
"Ref": "LbSecurityGroup" | |
}, | |
{ | |
"Ref": "AdminSecurityGroup" | |
} | |
] | |
}, | |
"DependsOn": "GatewayToInternet" | |
}, | |
"PublicSlaveIngressThree": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"FromPort": "5052", | |
"GroupId": { | |
"Ref": "PublicSlaveSecurityGroup" | |
}, | |
"CidrIp": "0.0.0.0/0", | |
"IpProtocol": "tcp", | |
"ToPort": "32000" | |
} | |
}, | |
"PublicSlaveIngressFive": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"FromPort": "23", | |
"GroupId": { | |
"Ref": "PublicSlaveSecurityGroup" | |
}, | |
"CidrIp": "0.0.0.0/0", | |
"IpProtocol": "udp", | |
"ToPort": "5050" | |
} | |
}, | |
"PublicSlaveIngressFour": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"FromPort": "0", | |
"GroupId": { | |
"Ref": "PublicSlaveSecurityGroup" | |
}, | |
"CidrIp": "0.0.0.0/0", | |
"IpProtocol": "udp", | |
"ToPort": "21" | |
} | |
}, | |
"PublicSlaveIngressTwo": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"FromPort": "23", | |
"GroupId": { | |
"Ref": "PublicSlaveSecurityGroup" | |
}, | |
"CidrIp": "0.0.0.0/0", | |
"IpProtocol": "tcp", | |
"ToPort": "5050" | |
} | |
}, | |
"PrivateRouteTable": { | |
"Type": "AWS::EC2::RouteTable", | |
"Properties": { | |
"Tags": [ | |
{ | |
"Key": "Application", | |
"Value": { | |
"Ref": "AWS::StackName" | |
} | |
}, | |
{ | |
"Key": "Network", | |
"Value": "Public" | |
} | |
], | |
"VpcId": { | |
"Ref": "Vpc" | |
} | |
} | |
}, | |
"NatRole": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"Policies": [ | |
{ | |
"PolicyName": "NAT", | |
"PolicyDocument": { | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"s3:GetBucketLocation", | |
"s3:ListAllMyBuckets" | |
], | |
"Resource": "arn:aws:s3:::*" | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"s3:ListBucket" | |
], | |
"Resource": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:aws:s3:::", | |
{ | |
"Ref": "ExhibitorS3Bucket" | |
} | |
] | |
] | |
} | |
] | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"s3:PutObject", | |
"s3:GetObject", | |
"s3:DeleteObject" | |
], | |
"Resource": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:aws:s3:::", | |
{ | |
"Ref": "ExhibitorS3Bucket" | |
}, | |
"/*" | |
] | |
] | |
} | |
] | |
} | |
] | |
} | |
} | |
], | |
"AssumeRolePolicyDocument": { | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Effect": "Allow", | |
"Principal": { | |
"Service": [ | |
"ec2.amazonaws.com" | |
] | |
}, | |
"Action": [ | |
"sts:AssumeRole" | |
] | |
} | |
] | |
} | |
} | |
}, | |
"SlaveRole": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"Policies": [ | |
{ | |
"PolicyName": "Slaves", | |
"PolicyDocument": { | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"cloudformation:DescribeChangeSet", | |
"cloudformation:DescribeStackEvents", | |
"cloudformation:DescribeStackResource", | |
"cloudformation:DescribeStackResources", | |
"cloudformation:DescribeStacks", | |
"cloudformation:GetStackPolicy", | |
"cloudformation:GetTemplate", | |
"cloudformation:GetTemplateSummary", | |
"cloudformation:ListChangeSets", | |
"cloudformation:ListStackResources", | |
"cloudformation:ListStacks", | |
"cloudformation:SignalResource" | |
], | |
"Resource": [ | |
{ | |
"Ref": "AWS::StackId" | |
}, | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
{ | |
"Ref": "AWS::StackId" | |
}, | |
"/*" | |
] | |
] | |
} | |
] | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"ec2:CreateTags", | |
"ec2:DescribeInstances", | |
"ec2:CreateVolume", | |
"ec2:DeleteVolume", | |
"ec2:AttachVolume", | |
"ec2:DetachVolume", | |
"ec2:DescribeVolumes", | |
"ec2:DescribeVolumeStatus", | |
"ec2:DescribeVolumeAttribute", | |
"ec2:CreateSnapshot", | |
"ec2:CopySnapshot", | |
"ec2:DeleteSnapshot", | |
"ec2:DescribeSnapshots", | |
"ec2:DescribeSnapshotAttribute", | |
"autoscaling:DescribeAutoScalingGroups", | |
"cloudwatch:PutMetricData" | |
], | |
"Resource": "*" | |
} | |
] | |
} | |
} | |
], | |
"AssumeRolePolicyDocument": { | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Effect": "Allow", | |
"Principal": { | |
"Service": [ | |
"ec2.amazonaws.com" | |
] | |
}, | |
"Action": [ | |
"sts:AssumeRole" | |
] | |
} | |
] | |
} | |
} | |
}, | |
"MasterToMasterIngress": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"FromPort": "0", | |
"GroupId": { | |
"Ref": "MasterSecurityGroup" | |
}, | |
"SourceSecurityGroupId": { | |
"Ref": "MasterSecurityGroup" | |
}, | |
"IpProtocol": "-1", | |
"ToPort": "65535" | |
} | |
}, | |
"NatInstanceProfile": { | |
"Type": "AWS::IAM::InstanceProfile", | |
"Properties": { | |
"Roles": [ | |
{ | |
"Ref": "NatRole" | |
} | |
], | |
"Path": "/" | |
} | |
}, | |
"SlaveInstanceProfile": { | |
"Type": "AWS::IAM::InstanceProfile", | |
"Properties": { | |
"Roles": [ | |
{ | |
"Ref": "SlaveRole" | |
} | |
], | |
"Path": "/" | |
} | |
}, | |
"InternalMasterLoadBalancer": { | |
"Type": "AWS::ElasticLoadBalancing::LoadBalancer", | |
"Properties": { | |
"Scheme": "internal", | |
"Listeners": [ | |
{ | |
"InstanceProtocol": "HTTP", | |
"Protocol": "HTTP", | |
"LoadBalancerPort": "5050", | |
"InstancePort": "5050" | |
}, | |
{ | |
"InstanceProtocol": "TCP", | |
"Protocol": "TCP", | |
"LoadBalancerPort": "2181", | |
"InstancePort": "2181" | |
}, | |
{ | |
"InstanceProtocol": "HTTP", | |
"Protocol": "HTTP", | |
"LoadBalancerPort": "8181", | |
"InstancePort": "8181" | |
}, | |
{ | |
"InstanceProtocol": "TCP", | |
"Protocol": "TCP", | |
"LoadBalancerPort": "80", | |
"InstancePort": "80" | |
}, | |
{ | |
"InstanceProtocol": "TCP", | |
"Protocol": "TCP", | |
"LoadBalancerPort": "443", | |
"InstancePort": "443" | |
}, | |
{ | |
"InstanceProtocol": "HTTP", | |
"Protocol": "HTTP", | |
"LoadBalancerPort": "8080", | |
"InstancePort": "8080" | |
} | |
], | |
"HealthCheck": { | |
"HealthyThreshold": "2", | |
"Interval": "30", | |
"UnhealthyThreshold": "2", | |
"Timeout": "5", | |
"Target": "TCP:5050" | |
}, | |
"Subnets": [ | |
{ | |
"Ref": "PublicSubnet" | |
} | |
], | |
"SecurityGroups": [ | |
{ | |
"Ref": "LbSecurityGroup" | |
}, | |
{ | |
"Ref": "AdminSecurityGroup" | |
}, | |
{ | |
"Ref": "SlaveSecurityGroup" | |
}, | |
{ | |
"Ref": "PublicSlaveSecurityGroup" | |
}, | |
{ | |
"Ref": "MasterSecurityGroup" | |
} | |
] | |
} | |
}, | |
"PublicSlaveLoadBalancer": { | |
"Type": "AWS::ElasticLoadBalancing::LoadBalancer", | |
"Properties": { | |
"HealthCheck": { | |
"HealthyThreshold": "2", | |
"Interval": "5", | |
"UnhealthyThreshold": "2", | |
"Timeout": "2", | |
"Target": "HTTP:9090/_haproxy_health_check" | |
}, | |
"Listeners": [ | |
{ | |
"InstanceProtocol": "TCP", | |
"Protocol": "TCP", | |
"LoadBalancerPort": "80", | |
"InstancePort": "80" | |
}, | |
{ | |
"InstanceProtocol": "TCP", | |
"Protocol": "TCP", | |
"LoadBalancerPort": "443", | |
"InstancePort": "443" | |
} | |
], | |
"Subnets": [ | |
{ | |
"Ref": "PublicSubnet" | |
} | |
], | |
"SecurityGroups": [ | |
{ | |
"Ref": "PublicSlaveSecurityGroup" | |
} | |
] | |
}, | |
"DependsOn": "GatewayToInternet" | |
}, | |
"PublicRouteTable": { | |
"Type": "AWS::EC2::RouteTable", | |
"Properties": { | |
"Tags": [ | |
{ | |
"Key": "Application", | |
"Value": { | |
"Ref": "AWS::StackName" | |
} | |
}, | |
{ | |
"Key": "Network", | |
"Value": "Public" | |
} | |
], | |
"VpcId": { | |
"Ref": "Vpc" | |
} | |
}, | |
"DependsOn": "Vpc" | |
}, | |
"MasterInstanceProfile": { | |
"Type": "AWS::IAM::InstanceProfile", | |
"Properties": { | |
"Roles": [ | |
{ | |
"Ref": "MasterRole" | |
} | |
], | |
"Path": "/" | |
} | |
}, | |
"MasterSecurityGroup": { | |
"Type": "AWS::EC2::SecurityGroup", | |
"Properties": { | |
"VpcId": { | |
"Ref": "Vpc" | |
}, | |
"SecurityGroupIngress": [ | |
{ | |
"FromPort": "5050", | |
"SourceSecurityGroupId": { | |
"Ref": "LbSecurityGroup" | |
}, | |
"IpProtocol": "tcp", | |
"ToPort": "5050" | |
}, | |
{ | |
"FromPort": "80", | |
"SourceSecurityGroupId": { | |
"Ref": "LbSecurityGroup" | |
}, | |
"IpProtocol": "tcp", | |
"ToPort": "80" | |
}, | |
{ | |
"FromPort": "443", | |
"SourceSecurityGroupId": { | |
"Ref": "LbSecurityGroup" | |
}, | |
"IpProtocol": "tcp", | |
"ToPort": "443" | |
}, | |
{ | |
"FromPort": "8080", | |
"SourceSecurityGroupId": { | |
"Ref": "LbSecurityGroup" | |
}, | |
"IpProtocol": "tcp", | |
"ToPort": "8080" | |
}, | |
{ | |
"FromPort": "8181", | |
"SourceSecurityGroupId": { | |
"Ref": "LbSecurityGroup" | |
}, | |
"IpProtocol": "tcp", | |
"ToPort": "8181" | |
}, | |
{ | |
"FromPort": "2181", | |
"SourceSecurityGroupId": { | |
"Ref": "LbSecurityGroup" | |
}, | |
"IpProtocol": "tcp", | |
"ToPort": "2181" | |
} | |
], | |
"GroupDescription": "Mesos Masters" | |
} | |
}, | |
"MasterToPublicSlaveIngress": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"FromPort": "0", | |
"GroupId": { | |
"Ref": "PublicSlaveSecurityGroup" | |
}, | |
"SourceSecurityGroupId": { | |
"Ref": "MasterSecurityGroup" | |
}, | |
"IpProtocol": "-1", | |
"ToPort": "65535" | |
} | |
} | |
}, | |
"Metadata": { | |
"TemplateGenerationDate": "2017-09-08 20:52:17.774025", | |
"DcosImageCommit": "e38ab2aa282077c8eb7bf103c6fff7b0f08db1a4" | |
}, | |
"Parameters": { | |
"OAuthEnabled": { | |
"Default": "false", | |
"AllowedValues": [ | |
"true", | |
"false" | |
], | |
"Type": "String", | |
"Description": "Enable OAuth authentication (disabled when left at the default, false)" | |
}, | |
"AdminLocation": { | |
"AllowedPattern": "^([0-9]+\\.){3}[0-9]+\\/[0-9]+$", | |
"Type": "String", | |
"MaxLength": "18", | |
"Default": "0.0.0.0/0", | |
"ConstraintDescription": "must be a valid CIDR.", | |
"MinLength": "9", | |
"Description": "Optional: Specify the IP range to whitelist for access to the admin zone. Must be a valid CIDR. The default 0.0.0.0/0 allows access from any IPv4 address; set it to a trusted range." | |
}, | |
"PublicSlaveInstanceCount": { | |
"Default": "1", | |
"Type": "Number", | |
"Description": "Required: Specify the number of public agent nodes or accept the default." | |
}, | |
"SlaveInstanceCount": { | |
"Default": "2", | |
"Type": "Number", | |
"Description": "Required: Specify the number of private agent nodes or accept the default." | |
}, | |
"KeyName": { | |
"Description": "Keypair name", | |
"Type": "String", | |
"Default": "{KeyName}" | |
}, | |
"EbsOptimizedNodes": { | |
"Default": "false", | |
"AllowedValues": [ | |
"true", | |
"false" | |
], | |
"Type": "String", | |
"Description": "Enable EBS Optimized if desired and using m3.xlarge instances" | |
}, | |
"MasterInstanceType": { | |
"Default": "m3.medium", | |
"AllowedValues": [ | |
"m3.medium", | |
"m3.xlarge" | |
], | |
"Type": "String", | |
"Description": "Master Instance Type" | |
}, | |
"PublicSlaveInstanceType": { | |
"Default": "m3.medium", | |
"AllowedValues": [ | |
"m3.medium", | |
"m3.xlarge" | |
], | |
"Type": "String", | |
"Description": "Public Slave Instance Type" | |
}, | |
"SlaveInstanceType": { | |
"Default": "m3.medium", | |
"AllowedValues": [ | |
"m3.medium", | |
"m3.xlarge" | |
], | |
"Type": "String", | |
"Description": "Private Slave Instance Type" | |
} | |
}, | |
"Mappings": { | |
"ClusterPackagesJson": { | |
"default": { | |
"default": "[\"adminrouter--1166a3736442e7963a68d1d644bf5f54ca3cb01d\", \"avro-cpp--9cb0ee14e3cd5bbdb171efcc72a84d16862ea02d\", \"boost-libs--8d515c2f703c666ae1b6c5ccc35cc0f8fa36677f\", \"bootstrap--c1bc86593e212cf9fe83db2246bacd129a6b3adc\", \"boto--3890cb2817c00b874ba033abe784b5b343caa3c7\", \"check-time--79e3f6ab99125471e1d94d5f6bc0fea88446831c\", \"cni--7a8572e385c3f5262945c52c8003d1bbb22cf7aa\", \"cosmos--e84c5bf3259405df90d682536ba445cc4839a324\", \"curl--17866a8ae9305826aa5f357a09db2c1f2b2c2ad0\", \"dcos-checks--8fd33919e6f163dba1bd13e4c7e4e0523919a719\", \"dcos-cni--12a77c1e9bebd4cbd600524a864c2bd8483330d3\", \"dcos-config--setup_d32e054e113b14d97841dd13b974a222976a8d62\", \"dcos-diagnostics--e3b557b0ec8e98617d0cd0fdf136ef9dded96316\", \"dcos-history--23de88ddc1a5f9018dd11b279c5be6a768a18de4\", \"dcos-image--df630d8e930d6650ce3d0ade519660142233d862\", \"dcos-image-deps--81d23d00b1acddb316c9b15fd8499c2b10f6b697\", \"dcos-integration-test--9ec173650d4e73ba494603324e7583d23970e4b8\", \"dcos-log--d2af4b1a47d3755a51823e95fbc6c366cf0f9269\", \"dcos-metadata--setup_d32e054e113b14d97841dd13b974a222976a8d62\", \"dcos-metrics--2a26c0b50b0b6564f86c48d50aa86f681c9af93c\", \"dcos-oauth--445bb1388670981c6acc667b2529fc32d4c1fbd4\", \"dcos-signal--4366023212ea49a64c5c9aef1965e5a3133c4b61\", \"dcos-test-utils--1066d896d25f4c1e3f6d9a5e7f9c1c6e8c675bb7\", \"dcos-ui--cc2e3d26537ea190efacd6f899dd4cc2210d45b7\", \"dnspython--0be432372a3820eafcfa66975943c9536dbe1164\", \"docker-gc--89f5535aea154dca504f84cd60eac6f61836aef9\", \"dvdcli--ee85411e3cb9f0988ed54b5cc0789172b887f12f\", \"erlang--d693172f6f033707c7f07ff78fc18ac543d66b41\", \"exhibitor--c3e48bbae19c0ed9c30d7f9396305d1e77130658\", \"flask--6d0f985ad677e8422c7190cbe207424acd813c3b\", \"java--ce5ff19502fca31eaf4a9af86d50a10a8c212a5b\", \"libevent--05dc18bc0ab7434b2738318c5ebaa2e61a311f50\", \"libffi--0e5b99b94f296b2a9a1b75e9fe5f74f5446f5e9b\", \"libsodium--e7056355f1fe160ade83aac0d11352a2bf3844e6\", 
\"logrotate--877aece1fd506af3b9167b6938c316adfa79d4f5\", \"marathon--accdc43bafeca02da1be340baba4b55011eadf63\", \"mesos--0677ce2b7d2e8c45091f6481884542f1f765c3d5\", \"mesos-dns--600da87080b7634f2380594499004a7ff0b34662\", \"mesos-modules--1f5c4860450949db92ed27326c3146526041e681\", \"metronome--2ec6f56be44ed822e7228cb66c4dae6a78345789\", \"navstar--c66f92f01d837433de3e2b19d221c64d26cc54b1\", \"ncurses--030fd6b08ed46a7ecce001c36901f5b4ad5d2af5\", \"octarine--4e37c062d2f145f9c2ce01d30dadf72c2aac5c4a\", \"openssl--44777d19d54a3c33cc19543f2201cb20bf085d98\", \"pkgpanda-api--30cb1e68f92ed5d4b89d57ca526f8a69b44132c8\", \"pkgpanda-role--612a6734567cc0c7c2ae1d508f03172f4bc7beed\", \"pytest--5e26c8ed9fd2c325672d56fe558299bfbd0f7018\", \"python--5a4285ff7296548732203950bf73d360ea67f6ab\", \"python-azure-mgmt-resource--26cbe8349f3fe139f7dc8bff7f0cb735382314fc\", \"python-cryptography--0d83d8afef4a8faddf0d8b713619d9d76e510a9e\", \"python-dateutil--519201adebeba186049ecd79a9f358f614173b10\", \"python-docopt--0af809c220a922f7f6c58f15beafebaa043477c7\", \"python-gunicorn--2ceb53716237da0736f67f4004682083f6ac68e1\", \"python-isodate--c9efb5859a0cfb06d82f25220cc5b387914af85d\", \"python-jinja2--601a1443aa4c649ab1da10c2a6d7a4477a263fb3\", \"python-kazoo--0ff8e6ef528f58c6f36f0a9df6dc27d3871e5c27\", \"python-markupsafe--1388c95920b4eb920c7a753d620a1ad07fc8b64d\", \"python-passlib--4691268be760073188b555dc436f836c6706b37a\", \"python-pyyaml--d8a775d6e43da5eb239af5cccdf1d3fceeb0335f\", \"python-requests--db0474fab16019ba29a609a354285f221c1a2859\", \"python-retrying--37dd25bf69bcbefe0c50139085d6bb2e22ccf439\", \"python-tox--322c468e2a75c5b143cb06af460b5e801ee34342\", \"rexray--da7f17f8a4b772c0bac3f8d289a08abd4ff272b4\", \"six--93734bac9907087744815f9cb5b6152e9a198fae\", \"spartan--c3d8005b1340bcbc3a00496861745b2d0bb2d697\", \"strace--9be573456909e3931a890785eb6474af7e0dcce4\", \"teamcity-messages--073793b16cf369e58ebdb6348b93ed14b0e5e59a\", 
\"toybox--0c49f879bfe2f99e6f99b397136894fa5096fa0c\"]" | |
} | |
}, | |
"Parameters": { | |
"StackCreationTimeout": { | |
"default": "PT45M" | |
}, | |
"PublicSubnetRange": { | |
"default": "10.0.4.0/22" | |
}, | |
"PrivateSubnetRange": { | |
"default": "10.0.0.0/22" | |
}, | |
"VPCSubnetRange": { | |
"default": "10.0.0.0/16" | |
} | |
}, | |
"RegionToAmi": { | |
"us-west-2": { | |
"stable": "ami-2551d145" | |
} | |
}, | |
"NATAmi": { | |
"us-west-2": { | |
"default": "ami-bb69128b" | |
} | |
} | |
}, | |
"Description": "Cloud Academy DC/OS AWS CloudFormation Template" | |
} |