Phil Porada pgporada

## gist:935bf59e7bf14d01c36ca3bff8cec2c3
[root@default-centos-7 ~]# ls -al /var/log/messages
-rw-------. 1 root root 397726 Jan 20 19:19 /var/log/messages

[root@default-centos-7 ~]# getfacl /var/log/messages
getfacl: Removing leading '/' from absolute path names
# file: var/log/messages
# owner: root
# group: root
user::rw-
group::---

## isempty.py
'''
AUTHOR: philporada@gmail.com
WHAT:
  This will prevent us from doing ugly shit like this
  {% if not((docker_host_tcp is undefined) or (docker_host_tcp is none) or (docker_host_tcp|trim == '')) %}
  and start being able to have a nice filter like
  {% if not(docker_host_tcp|empty) %}

DOCS:
  http://stackoverflow.com/questions/14017996/python-optional-parameter

## gist:dd7ae79d135835eadec8905d2a81795b
#- hosts: test-kitchen
#  vars:
#   docker_compose_install: true
#    docker_compose_version: 1.8.1
#    #docker_host_tcp: "tcp://0.0.0.0:2375"
#    docker_host_unixsocket:


ExecStart=/usr/bin/docker daemon -H fd:// --bip={{ docker_bridge_ip_range }} --storage-driver={{ docker_storage_driver | default ('devicemapper') }} --log-driver={{ docker_logging_driver | default('json-file') }}{% if docker_host_tcp|default(None,true) %} -H {{ docker_host_tcp }}{% endif %}{% if docker_host_unixsocket|default(None,true) %} -H {{ docker_host_unixsocket }}{% endif %}

## partial bastion.tf module file
variable "env"              {}
variable "instance_type"    {}
variable "bastion_key_name" {}
variable "bastion_key_path" {}
variable "vpc_id"           {}
variable "vpc_cidr"         {}
variable "peered_vpc_cidr"  {}
variable "subnet_ids"       {}
variable "shell_username"   {}
variable "public_zone_id"   {}

## init.sh user_data script
#!/bin/bash
set -x

# Ensure dependencies are installed
yum install -y epel-release
yum update -y epel-release
yum install -y python-pip python-devel git openssl-devel libffi-devel
pip install --upgrade pip
pip install --upgrade setuptools
yum install -y awscli python-six ansible

## mysql_thingy defaults.yml
---
mysql_build_cluster: false
mysql_verify_cluster: false

# It's always
mysql_
mysql_
mysql_
# It's never about MEsql
...

## gist:b846eb500db636a3a5f3118b1bea9463
data "template_file" "kibana" {
  template = "${file("${path.module}/init.sh")}"

  vars {
    TERRAFORM_env  = "${var.env}"
    TERRAFORM_user = "${var.shell_username}"
    TERRAFORM_role = "kibana"
  }
}

## gist:1d2dcc3a10d347c7e13b57d4c50d87b0
resource "aws_iam_role_policy" "instance_policy" {
    name   = xxxxxxx
    role   = "${aws_iam_role.instance_role.id}"
    policy = xxxxxxx

    # Allows the IAM role enough time to propagate through AWS
    provisioner "local-exec" {
        command = <<EOT
            echo "Sleeping for 10 seconds to allow the IAM role enough time to propagate through AWS";
            sleep 10;

## bats
#!/usr/bin/env bats

@test "Kibana is installed" {
    run rpm -q kibana
    [ "$status" -eq 0 ]
}

@test "Kibana is running" {
    run systemctl is-active kibana
    [ "$status" -eq 0 ]

## serverspec.sh
$ cat scripts/serverspec.sh
#!/bin/bash
# WHAT: Run serverspec tests that Packer copies up to the server. You'll need a ruby environment with bundler and gem.

cd /tmp/tests
/usr/local/bin/bundler install --no-deployment
/usr/local/bin/bundler exec rake spec
cd /tmp
rm -rf /tmp/tests
	[root@default-centos-7 ~]# ls -al /var/log/messages
	-rw-------. 1 root root 397726 Jan 20 19:19 /var/log/messages

	[root@default-centos-7 ~]# getfacl /var/log/messages
	getfacl: Removing leading '/' from absolute path names
	# file: var/log/messages
	# owner: root
	# group: root
	user::rw-
	group::---
	'''
	AUTHOR: philporada@gmail.com
	WHAT:
	This will prevent us from doing ugly shit like this
	{% if not((docker_host_tcp is undefined) or (docker_host_tcp is none) or (docker_host_tcp\|trim == '')) %}
	and start being able to have a nice filter like
	{% if not(docker_host_tcp\|empty) %}

	DOCS:
	http://stackoverflow.com/questions/14017996/python-optional-parameter
	#- hosts: test-kitchen
	# vars:
	# docker_compose_install: true
	# docker_compose_version: 1.8.1
	# #docker_host_tcp: "tcp://0.0.0.0:2375"
	# docker_host_unixsocket:



	ExecStart=/usr/bin/docker daemon -H fd:// --bip={{ docker_bridge_ip_range }} --storage-driver={{ docker_storage_driver \| default ('devicemapper') }} --log-driver={{ docker_logging_driver \| default('json-file') }}{% if docker_host_tcp\|default(None,true) %} -H {{ docker_host_tcp }}{% endif %}{% if docker_host_unixsocket\|default(None,true) %} -H {{ docker_host_unixsocket }}{% endif %}
	variable "env" {}
	variable "instance_type" {}
	variable "bastion_key_name" {}
	variable "bastion_key_path" {}
	variable "vpc_id" {}
	variable "vpc_cidr" {}
	variable "peered_vpc_cidr" {}
	variable "subnet_ids" {}
	variable "shell_username" {}
	variable "public_zone_id" {}
	#!/bin/bash
	set -x

	# Ensure dependencies are installed
	yum install -y epel-release
	yum update -y epel-release
	yum install -y python-pip python-devel git openssl-devel libffi-devel
	pip install --upgrade pip
	pip install --upgrade setuptools
	yum install -y awscli python-six ansible
	---
	mysql_build_cluster: false
	mysql_verify_cluster: false

	# It's always
	mysql_
	mysql_
	mysql_
	# It's never about MEsql
	...
	data "template_file" "kibana" {
	template = "${file("${path.module}/init.sh")}"

	vars {
	TERRAFORM_env = "${var.env}"
	TERRAFORM_user = "${var.shell_username}"
	TERRAFORM_role = "kibana"
	}
	}
	resource "aws_iam_role_policy" "instance_policy" {
	name = xxxxxxx
	role = "${aws_iam_role.instance_role.id}"
	policy = xxxxxxx

	# Allows the IAM role enough time to propagate through AWS
	provisioner "local-exec" {
	command = <<EOT
	echo "Sleeping for 10 seconds to allow the IAM role enough time to propagate through AWS";
	sleep 10;
	#!/usr/bin/env bats

	@test "Kibana is installed" {
	run rpm -q kibana
	[ "$status" -eq 0 ]
	}

	@test "Kibana is running" {
	run systemctl is-active kibana
	[ "$status" -eq 0 ]
	$ cat scripts/serverspec.sh
	#!/bin/bash
	# WHAT: Run serverspec tests that Packer copies up to the server. You'll need a ruby environment with bundler and gem.

	cd /tmp/tests
	/usr/local/bin/bundler install --no-deployment
	/usr/local/bin/bundler exec rake spec
	cd /tmp
	rm -rf /tmp/tests