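---
# CloudFormation template for the OpenShift 3.5 "Admin Test Drive" lab: one VPC
# with three public subnets, an IdM (LDAP/Kerberos) host, an OpenShift master,
# one infra node, three worker/CNS nodes and a lab-guide host. Every instance
# gets a public IP and the security groups open SSH/HTTP(S) to the Internet on
# purpose for the lab, so this is not a template to reuse unchanged.
#
# The format version is quoted: an unquoted 2010-09-09 is read as a date by
# YAML 1.1 loaders (PyYAML), which trips generic tooling even though
# CloudFormation itself accepts either form.
AWSTemplateFormatVersion: "2010-09-09"
Description: Cloudformation for OpenShift Admin Test Drive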
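Parameters:
  # PublicHostedZone and QwiklabId are spliced into hostnames, Route 53 record
  # names and cloud-config via Fn::Sub, so they are restricted to DNS-safe
  # characters instead of being accepted verbatim.
  PublicHostedZone:
    Type: String
    Default: ocp-admin.aws.openshifttestdrive.com
    Description: DNS zone for the instances and OpenShift (created as a VPC-private hosted zone)
    AllowedPattern: '^[A-Za-z0-9][A-Za-z0-9.-]*[A-Za-z0-9]$'
    ConstraintDescription: Must be a DNS name made of letters, digits, dots and hyphens
  InfraInstanceType:
    Type: String
    Description: EC2 instance type for the infra node (router/registry)
    Default: m4.large
    AllowedValues:
      - m4.large
      - m4.xlarge
    ConstraintDescription: Must be a valid EC2 instance type.
  WorkerInstanceType:
    Type: String
    Description: EC2 instance type for the three worker/CNS nodes
    Default: m4.large
    AllowedValues:
      - m4.large
      - m4.xlarge
    ConstraintDescription: Must be a valid EC2 instance type.
  MasterInstanceType:
    Type: String
    Description: EC2 instance type for the OpenShift master (also runs etcd)
    Default: m4.large
    AllowedValues:
      - m4.large
      - m4.xlarge
    ConstraintDescription: Must be a valid EC2 instance type.
  IdmInstanceType:
    Type: String
    Description: EC2 instance type for the IdM host
    Default: t2.medium
    AllowedValues:
      - t2.medium
    ConstraintDescription: Must be a valid EC2 instance type.
  GuideInstanceType:
    Type: String
    Description: EC2 instance type for the lab-guide host
    Default: t2.small
    AllowedValues:
      - t2.small
    ConstraintDescription: Must be a valid EC2 instance type.
  KeyName:
    Type: AWS::EC2::KeyPair::KeyName
    Description: Existing EC2 key pair installed for ec2-user on every instance
    Default: generic-qwiklab
    ConstraintDescription: Must be the name of an existing EC2 key pair.
  QwiklabId:
    Type: String
    Default: lab-8675309
    Description: qwikLAB lab identifier; becomes one DNS label (master.<id>.<zone> etc.)
    AllowedPattern: '^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$'
    ConstraintDescription: Must be a single DNS label (letters, digits and hyphens, at most 63 characters)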
Mappings:
  # Region -> pre-built lab AMI. The IDs are 2017-era images trusted purely by
  # ID; verify the AMI owner before launching in a new account. Regions marked
  # NOT_SUPPORTED still pass template validation: FindInMap hands EC2 the
  # literal string and the stack fails when the first instance is created.
  AWSRegion2AMI:
    us-east-1: {ami: ami-47464851}
    us-east-2: {ami: NOT_SUPPORTED}
    us-west-1: {ami: NOT_SUPPORTED}
    us-west-2: {ami: ami-0e081477}
    eu-west-1: {ami: ami-d37597aa}
    eu-central-1: {ami: ami-8a2686e5}
    ap-northeast-1: {ami: NOT_SUPPORTED}
    ap-northeast-2: {ami: NOT_SUPPORTED}
    ap-southeast-1: {ami: NOT_SUPPORTED}
    ap-southeast-2: {ami: NOT_SUPPORTED}
    sa-east-1: {ami: NOT_SUPPORTED}
  # Address plan: one /16 VPC and three public /24 subnets (10.0.2.0/24 is not
  # assigned). The vpc entry is also the source CIDR of every "internal"
  # security-group rule below.
  Subnet2Cidr:
    vpc: {cidr: 10.0.0.0/16}
    public1: {cidr: 10.0.1.0/24}
    public2: {cidr: 10.0.3.0/24}
    public3: {cidr: 10.0.4.0/24}
  # Region -> EC2 internal DNS suffix. Not referenced by any resource in this
  # template (and it has no us-east-2 entry); kept as-is.
  DNSMapping:
    us-east-1: {domain: ec2.internal}
    us-west-1: {domain: us-west-1.compute.internal}
    us-west-2: {domain: us-west-2.compute.internal}
    eu-west-1: {domain: eu-west-1.compute.internal}
    eu-central-1: {domain: eu-central-1.compute.internal}
    ap-northeast-1: {domain: ap-northeast-1.compute.internal}
    ap-northeast-2: {domain: ap-northeast-2.compute.internal}
    ap-southeast-1: {domain: ap-southeast-1.compute.internal}
    ap-southeast-2: {domain: ap-southeast-2.compute.internal}
    sa-east-1: {domain: sa-east-1.compute.internal}
Resources:
  # 10.0.0.0/16 VPC. DNS support and hostnames are both enabled, which the
  # VPC-associated (private) hosted zone further down needs in order to resolve
  # from inside the VPC.
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !FindInMap [Subnet2Cidr, vpc, cidr]
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Application
          Value: !Ref 'AWS::StackId'
InternetGateway:
Type: AWS::EC2::InternetGateway
Properties:
Tags:
- Key: Application
Value:
Ref: AWS::StackId
InternetGatewayAttachement:
Type: AWS::EC2::VPCGatewayAttachment
Properties:
VpcId:
Ref: VPC
InternetGatewayId:
Ref: InternetGateway
PublicRouteTable:
Type: AWS::EC2::RouteTable
Properties:
VpcId:
Ref: VPC
Tags:
- Key: Application
Value:
Ref: AWS::StackId
PublicRouteTableDefaultRoute1:
Type: AWS::EC2::Route
DependsOn: InternetGatewayAttachement
Properties:
RouteTableId:
Ref: PublicRouteTable
DestinationCidrBlock: 0.0.0.0/0
GatewayId:
Ref: InternetGateway
PublicSubnet1:
Type: AWS::EC2::Subnet
Properties:
VpcId:
Ref: VPC
CidrBlock:
Fn::FindInMap:
- Subnet2Cidr
- public1
- cidr
MapPublicIpOnLaunch: 'true'
AvailabilityZone:
Fn::Select:
- 0
- Fn::GetAZs: ""
Tags:
- Key: Application
Value:
Ref: AWS::StackId
PublicSubnetRouteTableAssociation1:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
SubnetId:
Ref: PublicSubnet1
RouteTableId:
Ref: PublicRouteTable
PublicSubnet2:
Type: AWS::EC2::Subnet
Properties:
VpcId:
Ref: VPC
CidrBlock:
Fn::FindInMap:
- Subnet2Cidr
- public2
- cidr
MapPublicIpOnLaunch: 'true'
AvailabilityZone:
Fn::Select:
- 1
- Fn::GetAZs: ""
Tags:
- Key: Application
Value:
Ref: AWS::StackId
PublicSubnetRouteTableAssociation2:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
SubnetId:
Ref: PublicSubnet2
RouteTableId:
Ref: PublicRouteTable
PublicSubnet3:
Type: AWS::EC2::Subnet
Properties:
VpcId:
Ref: VPC
CidrBlock:
Fn::FindInMap:
- Subnet2Cidr
- public3
- cidr
MapPublicIpOnLaunch: 'true'
AvailabilityZone:
Fn::Select:
- 2
- Fn::GetAZs: ""
Tags:
- Key: Application
Value:
Ref: AWS::StackId
PublicSubnetRouteTableAssociation3:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
SubnetId:
Ref: PublicSubnet3
RouteTableId:
Ref: PublicRouteTable
NodeSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
VpcId:
Ref: VPC
GroupDescription: Firewall definition for OpenShift Node
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 4789
ToPort: 4789
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: udp
FromPort: 4789
ToPort: 4789
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: tcp
FromPort: 10250
ToPort: 10250
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: tcp
FromPort: 10250
ToPort: 10250
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 2222
ToPort: 2222
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: tcp
FromPort: 24007
ToPort: 24008
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: tcp
FromPort: 49152
ToPort: 49664
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: tcp
FromPort: 389
ToPort: 389
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 88
ToPort: 88
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: udp
FromPort: 88
ToPort: 88
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: udp
FromPort: 123
ToPort: 123
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: udp
FromPort: 464
ToPort: 464
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: tcp
FromPort: 464
ToPort: 464
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: tcp
FromPort: 749
ToPort: 749
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: tcp
FromPort: 636
ToPort: 636
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp: 0.0.0.0/0
- IpProtocol: icmp
FromPort: -1
ToPort: -1
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
SecurityGroupEgress:
- IpProtocol: -1
FromPort: 0
ToPort: 65535
CidrIp: 0.0.0.0/0
MasterSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
VpcId:
Ref: VPC
GroupDescription: Firewall definition for OpenShift Master and Heketi
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: tcp
FromPort: 4789
ToPort: 4789
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: udp
FromPort: 4789
ToPort: 4789
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: udp
FromPort: 2049
ToPort: 2049
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: tcp
FromPort: 8053
ToPort: 8053
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: tcp
FromPort: 53
ToPort: 53
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: udp
FromPort: 53
ToPort: 53
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: udp
FromPort: 8053
ToPort: 8053
CidrIp: !FindInMap [ Subnet2Cidr, vpc, cidr ]
- IpProtocol: tcp
FromPort: 8080
ToPort: 8080
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: 0.0.0.0/0
- IpProtocol: icmp
FromPort: -1
ToPort: -1
CidrIp: 0.0.0.0/0
SecurityGroupEgress:
- IpProtocol: -1
FromPort: 0
ToPort: 65535
CidrIp: 0.0.0.0/0
HostedZone:
Type: AWS::Route53::HostedZone
Properties:
Name: !Ref 'PublicHostedZone'
VPCs:
-
VPCId: !Ref VPC
VPCRegion: !Ref AWS::Region
Route53Records:
Type: AWS::Route53::RecordSetGroup
DependsOn:
- Master1
- InfraNode1
- IdmNode1
- WorkerNode1
- WorkerNode2
- WorkerNode3
Properties:
HostedZoneName: !Join ['', [!Ref 'PublicHostedZone', .]]
RecordSets:
- Name: !Join ['', [master., !Ref 'QwiklabId', ., !Ref 'PublicHostedZone', .]]
Type: A
TTL: '900'
ResourceRecords:
- !GetAtt Master1.PublicIp
- Name: !Join ['', [openshift., !Ref 'QwiklabId', ., !Ref 'PublicHostedZone', .]]
Type: A
TTL: '900'
ResourceRecords:
- !GetAtt Master1.PublicIp
- Name: !Join ['', [infra., !Ref 'QwiklabId', ., !Ref 'PublicHostedZone', .]]
Type: A
TTL: '900'
ResourceRecords:
- !GetAtt InfraNode1.PublicIp
- Name: !Join ['', ["*", ., apps., !Ref 'QwiklabId', ., !Ref 'PublicHostedZone', .]]
Type: A
TTL: '900'
ResourceRecords:
- !GetAtt InfraNode1.PublicIp
- Name: !Join ['', [idm., !Ref QwiklabId, ., !Ref 'PublicHostedZone', .]]
Type: A
TTL: '900'
ResourceRecords:
- !GetAtt IdmNode1.PublicIp
- Name: !Join ['', [guide., !Ref QwiklabId, ., !Ref 'PublicHostedZone', .]]
Type: A
TTL: '900'
ResourceRecords:
- !GetAtt GuideNode.PublicIp
- Name: !Join ['', [node01., !Ref QwiklabId, ., !Ref 'PublicHostedZone', .]]
Type: A
TTL: '900'
ResourceRecords:
- !GetAtt WorkerNode1.PublicIp
- Name: !Join ['', [node02., !Ref QwiklabId, ., !Ref 'PublicHostedZone', .]]
Type: A
TTL: '900'
ResourceRecords:
- !GetAtt WorkerNode2.PublicIp
- Name: !Join ['', [node03., !Ref QwiklabId, ., !Ref 'PublicHostedZone', .]]
Type: A
TTL: '900'
ResourceRecords:
- !GetAtt WorkerNode3.PublicIp
Master1:
Type: AWS::EC2::Instance
Properties:
ImageId:
Fn::FindInMap:
- AWSRegion2AMI
- Ref: AWS::Region
- ami
InstanceType:
Ref: MasterInstanceType
SubnetId:
Ref: PublicSubnet1
KeyName:
Ref: KeyName
SecurityGroupIds:
- !GetAtt MasterSecurityGroup.GroupId
Tags:
- Key: Application
Value:
Ref: AWS::StackId
- Key: Name
Value: !Join [ ., [master, !Ref 'QwiklabId', !Ref 'PublicHostedZone' ] ]
BlockDeviceMappings:
- DeviceName: /dev/sda1
Ebs:
VolumeSize: '10'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
- DeviceName: /dev/xvdb
Ebs:
VolumeSize: '20'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
- DeviceName: /dev/xvdc
Ebs:
VolumeSize: '5'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
UserData:
Fn::Base64:
!Sub |
#cloud-config
cloud_config_modules:
- disk_setup
- mounts
- runcmd
fs_setup:
- label: etcd_storage
filesystem: xfs
device: /dev/xvdc
partition: auto
fqdn: master.${QwiklabId}.${PublicHostedZone}
manage_etc_hosts: true
write_files:
- content: |
DEVS='/dev/xvdb'
VG=docker_vol
DATA_SIZE=95%VG
EXTRA_DOCKER_STORAGE_OPTIONS="--storage-opt dm.basesize=3G"
path: /etc/sysconfig/docker-storage-setup
owner: root:root
users:
- default
system_info:
default_user:
name: ec2-user
write_files:
- content: |
[OSEv3:children]
masters
nodes
etcd
[OSEv3:vars]
ansible_ssh_user=ec2-user
ansible_ssh_private_key_file=/home/ec2-user/.ssh/id_rsa
ansible_ssh_extra_args="-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=false"
ansible_become=true
deployment_type=openshift-enterprise
containerized=true
openshift_master_api_port=443
openshift_master_console_port=443
openshift_master_identity_providers=[{'name': 'idm', 'challenge': 'true', 'login': 'true', 'kind': 'LDAPPasswordIdentityProvider', 'attributes': {'id': ['dn'], 'email': ['mail'], 'name': ['cn'], 'preferredUsername': ['uid']}, 'bindDN': 'uid=admin,cn=users,cn=accounts,<DC>', 'bindPassword': 'ldapadmin', 'ca': '/etc/origin/master/ipa-ca.crt', 'insecure': 'false', 'url': 'ldap://IDM/cn=users,cn=accounts,<DC>?uid?sub?(memberOf=cn=ose-user,cn=groups,cn=accounts,<DC>)'}]
openshift_image_tag=v3.5.5.26
openshift_pkg_version=-3.5.5.26-1
openshift_master_default_subdomain=apps.${QwiklabId}.${PublicHostedZone}
openshift_master_cluster_public_hostname=openshift.${QwiklabId}.${PublicHostedZone}
openshift_router_selector='region=infra'
openshift_registry_selector='region=infra'
osm_default_node_selector='region=apps'
openshift_examples_modify_imagestreams=true
openshift_metrics_install_metrics=false
openshift_hosted_logging_deploy=false
[etcd]
master.${QwiklabId}.${PublicHostedZone}
[masters]
master.${QwiklabId}.${PublicHostedZone}
[nodes]
master.${QwiklabId}.${PublicHostedZone}
infra.${QwiklabId}.${PublicHostedZone} openshift_node_labels="{'region': 'infra'}"
node01.${QwiklabId}.${PublicHostedZone} openshift_node_labels="{'region': 'apps'}"
node02.${QwiklabId}.${PublicHostedZone} openshift_node_labels="{'region': 'apps'}"
node03.${QwiklabId}.${PublicHostedZone} openshift_node_labels="{'region': 'apps'}"
[cns]
node01.${QwiklabId}.${PublicHostedZone} openshift_node_labels="{'region': 'apps'}"
node02.${QwiklabId}.${PublicHostedZone} openshift_node_labels="{'region': 'apps'}"
node03.${QwiklabId}.${PublicHostedZone} openshift_node_labels="{'region': 'apps'}"
path: /etc/ansible/hosts
- content: |
{
"clusters": [
{
"nodes": [
{
"node": {
"hostnames": {
"manage": [
"${WorkerNode1.PrivateDnsName}"
],
"storage": [
"${WorkerNode1.PrivateIp}"
]
},
"zone": 1
},
"devices": [
"/dev/xvdd"
]
},
{
"node": {
"hostnames": {
"manage": [
"${WorkerNode2.PrivateDnsName}"
],
"storage": [
"${WorkerNode2.PrivateIp}"
]
},
"zone": 2
},
"devices": [
"/dev/xvdd"
]
},
{
"node": {
"hostnames": {
"manage": [
"${WorkerNode3.PrivateDnsName}"
],
"storage": [
"${WorkerNode3.PrivateIp}"
]
},
"zone": 3
},
"devices": [
"/dev/xvdd"
]
}
]
}
]
}
path: /home/ec2-user/topology.json
owner: ec2-user
group: ec2-user
runcmd:
- /usr/local/bin/inventory-patch
- mkdir -p /var/lib/etcd
- /usr/local/bin/idm-cert
- [ systemctl, stop, firewalld ]
- [ systemctl, disable, firewalld ]
- [ systemctl, enable, iptables ]
- [ systemctl, restart, iptables ]
mounts:
- [ /dev/xvdc, /var/lib/etcd, xfs, "defaults" ]
InfraNode1:
Type: AWS::EC2::Instance
Properties:
ImageId:
Fn::FindInMap:
- AWSRegion2AMI
- Ref: AWS::Region
- ami
InstanceType:
Ref: InfraInstanceType
SubnetId:
Ref: PublicSubnet1
KeyName:
Ref: KeyName
SecurityGroupIds:
- !GetAtt NodeSecurityGroup.GroupId
BlockDeviceMappings:
- DeviceName: /dev/sda1
Ebs:
VolumeSize: '10'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
- DeviceName: /dev/xvdb
Ebs:
VolumeSize: '20'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
- DeviceName: /dev/xvdc
Ebs:
VolumeSize: '20'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
Tags:
- Key: Application
Value:
Ref: AWS::StackId
- Key: Name
Value: !Join [ ., [infra, !Ref QwiklabId, !Ref 'PublicHostedZone' ] ]
UserData:
Fn::Base64:
!Sub |
#cloud-config
fqdn: infra.${QwiklabId}.${PublicHostedZone}
manage_etc_hosts: true
write_files:
- content: |
DEVS='/dev/xvdb'
VG=docker_vol
DATA_SIZE=95%VG
EXTRA_DOCKER_STORAGE_OPTIONS="--storage-opt dm.basesize=3G"
path: /etc/sysconfig/docker-storage-setup
owner: root:root
users:
- default
system_info:
default_user:
name: ec2-user
runcmd:
- mkdir -p /var/lib/origin/openshift.local.volumes
- [ systemctl, stop, firewalld ]
- [ systemctl, disable, firewalld ]
- [ systemctl, enable, iptables ]
- [ systemctl, restart, iptables ]
mounts:
- [ /dev/xvdc, /var/lib/origin/openshift.local.volumes, xfs, "defaults,gquota" ]
IdmNode1:
Type: AWS::EC2::Instance
Properties:
ImageId:
Fn::FindInMap:
- AWSRegion2AMI
- Ref: AWS::Region
- ami
InstanceType:
Ref: IdmInstanceType
SubnetId:
Ref: PublicSubnet1
KeyName:
Ref: KeyName
SecurityGroupIds:
- !GetAtt NodeSecurityGroup.GroupId
BlockDeviceMappings:
- DeviceName: /dev/sda1
Ebs:
VolumeSize: '10'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
Tags:
- Key: Application
Value:
Ref: AWS::StackId
- Key: Name
Value: !Join [ ., [idm, !Ref 'QwiklabId', !Ref 'PublicHostedZone' ] ]
UserData:
Fn::Base64:
!Sub |
#cloud-config
fqdn: idm.${QwiklabId}.${PublicHostedZone}
manage_etc_hosts: true
runcmd:
- /usr/local/bin/idm-install
- [ systemctl, start, haveged ]
- [ firewall-cmd, --reload ]
GuideNode:
Type: AWS::EC2::Instance
Properties:
ImageId:
Fn::FindInMap:
- AWSRegion2AMI
- Ref: AWS::Region
- ami
InstanceType:
Ref: GuideInstanceType
SubnetId:
Ref: PublicSubnet1
KeyName:
Ref: KeyName
SecurityGroupIds:
- !GetAtt NodeSecurityGroup.GroupId
BlockDeviceMappings:
- DeviceName: /dev/sda1
Ebs:
VolumeSize: '10'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
- DeviceName: /dev/xvdb
Ebs:
VolumeSize: '20'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
Tags:
- Key: Application
Value:
Ref: AWS::StackId
- Key: Name
Value: !Join [ ., [labguide, !Ref QwiklabId, !Ref 'PublicHostedZone' ] ]
UserData:
Fn::Base64:
!Sub |
#cloud-config
cloud_config_modules:
- disk_setup
- mounts
- runcmd
fqdn: guide.${QwiklabId}.${PublicHostedZone}
manage_etc_hosts: true
write_files:
- content: |
DEVS='/dev/xvdb'
VG=docker_vol
DATA_SIZE=95%VG
EXTRA_DOCKER_STORAGE_OPTIONS="--storage-opt dm.basesize=3G"
path: /etc/sysconfig/docker-storage-setup
owner: root:root
- content: |
WORKSHOPS_URLS="https://raw.githubusercontent.com/openshift/openshift-cns-testdrive/production/labguide/_ocp_admin_testdrive.yaml"
CONTENT_URL_PREFIX="https://raw.githubusercontent.com/openshift/openshift-cns-testdrive/production/labguide"
OCP_ROUTING_SUFFIX="apps.${QwiklabId}.${PublicHostedZone}"
MASTER_HOSTNAME="master"
MASTER_EXTERNAL_FQDN="master.${QwiklabId}.${PublicHostedZone}"
MASTER_INTERNAL_FQDN="${Master1.PrivateDnsName}"
NODE1_HOSTNAME="node01"
NODE1_EXTERNAL_FQDN="node01.${QwiklabId}.${PublicHostedZone}"
NODE1_INTERNAL_FQDN="${WorkerNode1.PrivateDnsName}"
NODE1_INTERNAL_IP="${WorkerNode1.PrivateIp}"
NODE2_HOSTNAME="node02"
NODE2_EXTERNAL_FQDN="node02.${QwiklabId}.${PublicHostedZone}"
NODE2_INTERNAL_FQDN="${WorkerNode2.PrivateDnsName}"
NODE2_INTERNAL_IP="${WorkerNode2.PrivateIp}"
NODE3_HOSTNAME="node03"
NODE3_EXTERNAL_FQDN="node03.${QwiklabId}.${PublicHostedZone}"
NODE3_INTERNAL_FQDN="${WorkerNode3.PrivateDnsName}"
NODE3_INTERNAL_IP="${WorkerNode3.PrivateIp}"
NODE_BRICK_DEVICE="/dev/xvdd"
CNS_NAMESPACE="container-native-storage"
HEKETI_ADMIN_PW="myS3cr3tpassw0rd"
HEKETI_USER_PW="mys3rs3cr3tpassw0rd"
path: /etc/sysconfig/workshopper
owner: root:root
users:
- default
system_info:
default_user:
name: ec2-user
runcmd:
- [ systemctl, start, firewalld ]
- [ systemctl, daemon-reload ]
- [ systemctl, enable, workshopper ]
- [ systemctl, start, workshopper ]
- [ firewall-cmd, --zone=public, --add-service=http, --permanent ]
- [ firewall-cmd, --zone=public, --add-service=http ]
WorkerNode1:
Type: AWS::EC2::Instance
Properties:
ImageId:
Fn::FindInMap:
- AWSRegion2AMI
- Ref: AWS::Region
- ami
InstanceType:
Ref: WorkerInstanceType
SubnetId:
Ref: PublicSubnet1
KeyName:
Ref: KeyName
SecurityGroupIds:
- !GetAtt NodeSecurityGroup.GroupId
BlockDeviceMappings:
- DeviceName: /dev/sda1
Ebs:
VolumeSize: '10'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
- DeviceName: /dev/xvdb
Ebs:
VolumeSize: '20'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
- DeviceName: /dev/xvdc
Ebs:
VolumeSize: '10'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
- DeviceName: /dev/xvdd
Ebs:
VolumeSize: '50'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
Tags:
- Key: Application
Value:
Ref: AWS::StackId
- Key: Name
Value: !Join [ ., [node01, !Ref QwiklabId, !Ref 'PublicHostedZone' ] ]
UserData:
Fn::Base64:
!Sub |
#cloud-config
cloud_config_modules:
- disk_setup
- mounts
fqdn: node01.${QwiklabId}.${PublicHostedZone}
manage_etc_hosts: true
fs_setup:
- label: emptydir
filesystem: xfs
device: /dev/xvdb
partition: auto
runcmd:
- mkdir -p /var/lib/origin/openshift.local.volumes
- [ systemctl, stop, firewalld ]
- [ systemctl, disable, firewalld ]
- [ systemctl, enable, iptables ]
- [ systemctl, restart, iptables ]
mounts:
- [ /dev/xvdc, /var/lib/origin/openshift.local.volumes, xfs, "defaults,gquota" ]
write_files:
- content: |
DEVS='/dev/xvdb'
VG=docker_vol
DATA_SIZE=95%VG
EXTRA_DOCKER_STORAGE_OPTIONS="--storage-opt dm.basesize=3G"
path: /etc/sysconfig/docker-storage-setup
owner: root:root
users:
- default
system_info:
default_user:
name: ec2-user
WorkerNode2:
Type: AWS::EC2::Instance
Properties:
ImageId:
Fn::FindInMap:
- AWSRegion2AMI
- Ref: AWS::Region
- ami
InstanceType:
Ref: WorkerInstanceType
SubnetId:
Ref: PublicSubnet2
KeyName:
Ref: KeyName
SecurityGroupIds:
- !GetAtt NodeSecurityGroup.GroupId
BlockDeviceMappings:
- DeviceName: /dev/sda1
Ebs:
VolumeSize: '10'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
- DeviceName: /dev/xvdb
Ebs:
VolumeSize: '20'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
- DeviceName: /dev/xvdc
Ebs:
VolumeSize: '10'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
- DeviceName: /dev/xvdd
Ebs:
VolumeSize: '50'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
Tags:
- Key: Application
Value:
Ref: AWS::StackId
- Key: Name
Value: !Join [ ., [node02, !Ref QwiklabId, !Ref 'PublicHostedZone' ] ]
UserData:
Fn::Base64:
!Sub |
#cloud-config
cloud_config_modules:
- disk_setup
- mounts
fqdn: node02.${QwiklabId}.${PublicHostedZone}
manage_etc_hosts: true
fs_setup:
- label: emptydir
filesystem: xfs
device: /dev/xvdc
partition: auto
runcmd:
- mkdir -p /var/lib/origin/openshift.local.volumes
- [ systemctl, stop, firewalld ]
- [ systemctl, disable, firewalld ]
- [ systemctl, enable, iptables ]
- [ systemctl, restart, iptables ]
mounts:
- [ /dev/xvdc, /var/lib/origin/openshift.local.volumes, xfs, "defaults,gquota" ]
write_files:
- content: |
DEVS='/dev/xvdb'
VG=docker_vol
DATA_SIZE=95%VG
EXTRA_DOCKER_STORAGE_OPTIONS="--storage-opt dm.basesize=3G"
path: /etc/sysconfig/docker-storage-setup
owner: root:root
users:
- default
system_info:
default_user:
name: ec2-user
WorkerNode3:
Type: AWS::EC2::Instance
Properties:
ImageId:
Fn::FindInMap:
- AWSRegion2AMI
- Ref: AWS::Region
- ami
InstanceType:
Ref: WorkerInstanceType
SubnetId:
Ref: PublicSubnet3
KeyName:
Ref: KeyName
SecurityGroupIds:
- !GetAtt NodeSecurityGroup.GroupId
BlockDeviceMappings:
- DeviceName: /dev/sda1
Ebs:
VolumeSize: '10'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
- DeviceName: /dev/xvdb
Ebs:
VolumeSize: '20'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
- DeviceName: /dev/xvdc
Ebs:
VolumeSize: '10'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
- DeviceName: /dev/xvdd
Ebs:
VolumeSize: '50'
VolumeType: 'gp2'
DeleteOnTermination: 'true'
Tags:
- Key: Application
Value:
Ref: AWS::StackId
- Key: Name
Value: !Join [ ., [node03, !Ref QwiklabId, !Ref 'PublicHostedZone' ] ]
UserData:
Fn::Base64:
!Sub |
#cloud-config
cloud_config_modules:
- disk_setup
- mounts
fqdn: node03.${QwiklabId}.${PublicHostedZone}
manage_etc_hosts: true
fs_setup:
- label: emptydir
filesystem: xfs
device: /dev/xvdc
partition: auto
runcmd:
- mkdir -p /var/lib/origin/openshift.local.volumes
- [ systemctl, stop, firewalld ]
- [ systemctl, disable, firewalld ]
- [ systemctl, enable, iptables ]
- [ systemctl, restart, iptables ]
mounts:
- [ /dev/xvdc, /var/lib/origin/openshift.local.volumes, xfs, "defaults,gquota" ]
write_files:
- content: |
DEVS='/dev/xvdb'
VG=docker_vol
DATA_SIZE=95%VG
EXTRA_DOCKER_STORAGE_OPTIONS="--storage-opt dm.basesize=3G"
path: /etc/sysconfig/docker-storage-setup
owner: root:root
users:
- default
system_info:
default_user:
name: ec2-user
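Outputs:
  UserName:
    Description: OpenShift login user name for the lab
    Value: admin
  # Stack outputs are visible to anyone with cloudformation:DescribeStacks and
  # in the console, so this fixed lab password is effectively public. That is
  # acceptable only because the stack is disposable and the credential is
  # lab-local.
  Password:
    Description: OpenShift login password for the lab
    Value: 'r3dh4t'
  SSHLoginUser:
    Description: User name on the Master node to connect via SSH and PEM file
    Value: ec2-user
  # Plain HTTP; the guide host only opens the http firewalld service.
  LabguideURL:
    Description: Student Lab Guide
    Value: !Sub 'http://${GuideNode.PublicIp}.nip.io/'
  MasterIPAddress:
    Description: Public IP of the OpenShift Master node
    Value: !GetAtt Master1.PublicIp
  # The inventory pins openshift_master_api_port and the console port to 443
  # and MasterSecurityGroup does not open 8443, so the URL must not carry
  # :8443. The hosted zone is VPC-private, hence the nip.io name; the installer
  # issues the master certificate for openshift.<id>.<zone>, so expect a
  # certificate-name warning when opening this URL.
  OpenShiftURL:
    Description: OpenShift web console / API URL
    Value: !Sub 'https://${Master1.PublicIp}.nip.io/'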