Created
November 13, 2016 22:43
{ | |
"Outputs":{ | |
"PublicAgentDNSName":{ | |
"Value":{ | |
"Fn::GetAtt":[ | |
"PublicAgentLoadBalancer", | |
"DNSName" | |
] | |
}, | |
"Description":"Public Agent DNS Name" | |
} | |
}, | |
"Metadata":{ | |
"TemplateGenerationDate":"2016-10-20 01:36:53.795218", | |
"DcosImageCommit":"cfccfbf84bbba30e695ae4887b65db44ff216b1d" | |
}, | |
"Description":"DC/OS AWS Advanced Public Agent Template", | |
"Parameters":{ | |
"PublicSubnet":{ | |
"Type":"String", | |
"Description":"\nSubnet ID for use by all public agent nodes" | |
}, | |
"OAuthEnabled":{ | |
"Type":"String", | |
"Default":"true", | |
"Description":"\nEnable OAuth authentication", | |
"AllowedValues":[ | |
"true", | |
"false" | |
] | |
}, | |
"PublicAgentSecurityGroup":{ | |
"Type":"String", | |
"Description":"\nPermissive Security group used by Public Agents" | |
}, | |
"PublicAgentInstanceCount":{ | |
"Type":"Number", | |
"Default":"5", | |
"Description":"\nSpecify the number of public agent nodes or accept the default." | |
}, | |
"PublicAgentInstanceType":{ | |
"Type":"String", | |
"Default":"m3.xlarge", | |
"Description":"\nRegion-specific instance type. E.g. m3.xlarge" | |
}, | |
"InternalMasterLoadBalancerDnsName":{ | |
"Type":"String", | |
"Description":"\nDNS Name of Internal Load Balancer. Has to be valid for agents to join a running cluster" | |
}, | |
"CustomAMI":{ | |
"Type":"String", | |
"AllowedPattern":"(default|ami-[a-f0-9]{8})", | |
"Default":"default", | |
"Description":"\nExisting AMI in the deploy region which has all DC/OS pre-requisites installed or 'default'" | |
}, | |
"KeyName":{ | |
"Type":"AWS::EC2::KeyPair::KeyName", | |
"Description":"\nSpecify your AWS EC2 Key Pair." | |
} | |
}, | |
"Mappings":{ | |
"RegionToAmi":{ | |
"ap-northeast-1":{ | |
"el7":"ami-264f8747", | |
"coreos":"ami-965899f7" | |
}, | |
"ap-southeast-2":{ | |
"el7":"ami-3f1a2c5c", | |
"coreos":"ami-b1291dd2" | |
}, | |
"us-gov-west-1":{ | |
"el7":"ami-c4a41da5", | |
"coreos":"ami-b712acd6" | |
}, | |
"eu-west-1":{ | |
"el7":"ami-250c7f56", | |
"coreos":"ami-b7cba3c4" | |
}, | |
"us-east-1":{ | |
"el7":"ami-47096750", | |
"coreos":"ami-6d138f7a" | |
}, | |
"sa-east-1":{ | |
"el7":"ami-0e019062", | |
"coreos":"ami-61e3750d" | |
}, | |
"us-west-2":{ | |
"el7":"ami-ab07d1cb", | |
"coreos":"ami-dc6ba3bc" | |
}, | |
"ap-southeast-1":{ | |
"el7":"ami-0765bd64", | |
"coreos":"ami-3120fe52" | |
}, | |
"us-west-1":{ | |
"el7":"ami-e4afe284", | |
"coreos":"ami-ee57148e" | |
}, | |
"eu-central-1":{ | |
"el7":"ami-846e9eeb", | |
"coreos":"ami-3ae31555" | |
} | |
}, | |
"Parameters":{ | |
"StackCreationTimeout":{ | |
"default":"PT60M" | |
} | |
}, | |
"NATAmi":{ | |
"ap-northeast-1":{ | |
"default":"ami-55c29e54" | |
}, | |
"us-west-1":{ | |
"default":"ami-2b2b296e" | |
}, | |
"ap-southeast-2":{ | |
"default":"ami-996402a3" | |
}, | |
"eu-central-1":{ | |
"default":"ami-204c7a3d" | |
}, | |
"us-east-1":{ | |
"default":"ami-4c9e4b24" | |
}, | |
"sa-east-1":{ | |
"default":"ami-b972dba4" | |
}, | |
"us-west-2":{ | |
"default":"ami-bb69128b" | |
}, | |
"ap-southeast-1":{ | |
"default":"ami-b082dae2" | |
}, | |
"eu-west-1":{ | |
"default":"ami-3760b040" | |
} | |
} | |
}, | |
"Conditions":{ | |
"UseCustomAMI":{ | |
"Fn::Not":[ | |
{ | |
"Fn::Equals":[ | |
{ | |
"Ref":"CustomAMI" | |
}, | |
"default" | |
] | |
} | |
] | |
} | |
}, | |
"Resources":{ | |
"PublicAgentRole":{ | |
"Type":"AWS::IAM::Role", | |
"Properties":{ | |
"Policies":[ | |
{ | |
"PolicyName":"Agents", | |
"PolicyDocument":{ | |
"Version":"2012-10-17", | |
"Statement":[ | |
{ | |
"Resource":[ | |
{ | |
"Ref":"AWS::StackId" | |
}, | |
{ | |
"Fn::Join":[ | |
"", | |
[ | |
{ | |
"Ref":"AWS::StackId" | |
}, | |
"/*" | |
] | |
] | |
} | |
], | |
"Action":[ | |
"cloudformation:*" | |
], | |
"Effect":"Allow" | |
}, | |
{ | |
"Resource":"*", | |
"Action":[ | |
"ec2:CreateTags", | |
"ec2:DescribeInstances", | |
"ec2:CreateVolume", | |
"ec2:DeleteVolume", | |
"ec2:AttachVolume", | |
"ec2:DetachVolume", | |
"ec2:DescribeVolumes", | |
"ec2:DescribeVolumeStatus", | |
"ec2:DescribeVolumeAttribute", | |
"ec2:CreateSnapshot", | |
"ec2:CopySnapshot", | |
"ec2:DeleteSnapshot", | |
"ec2:DescribeSnapshots", | |
"ec2:DescribeSnapshotAttribute", | |
"autoscaling:DescribeAutoScalingGroups", | |
"cloudwatch:PutMetricData" | |
], | |
"Effect":"Allow" | |
} | |
] | |
} | |
} | |
], | |
"AssumeRolePolicyDocument":{ | |
"Version":"2012-10-17", | |
"Statement":[ | |
{ | |
"Action":[ | |
"sts:AssumeRole" | |
], | |
"Effect":"Allow", | |
"Principal":{ | |
"Service":[ | |
"ec2.amazonaws.com" | |
] | |
} | |
} | |
] | |
} | |
} | |
}, | |
"PublicAgentLoadBalancer":{ | |
"Type":"AWS::ElasticLoadBalancing::LoadBalancer", | |
"Properties":{ | |
"Subnets":[ | |
{ | |
"Ref":"PublicSubnet" | |
} | |
], | |
"SecurityGroups":[ | |
{ | |
"Ref":"PublicAgentSecurityGroup" | |
} | |
], | |
"HealthCheck":{ | |
"UnhealthyThreshold":"2", | |
"Timeout":"2", | |
"HealthyThreshold":"2", | |
"Interval":"5", | |
"Target":"HTTP:9090/_haproxy_health_check" | |
}, | |
"Listeners":[ | |
{ | |
"LoadBalancerPort":"80", | |
"InstancePort":"80", | |
"InstanceProtocol":"TCP", | |
"Protocol":"TCP" | |
}, | |
{ | |
"LoadBalancerPort":"443", | |
"InstancePort":"443", | |
"InstanceProtocol":"TCP", | |
"Protocol":"TCP" | |
} | |
] | |
} | |
}, | |
"PublicAgentInstanceProfile":{ | |
"Type":"AWS::IAM::InstanceProfile", | |
"Properties":{ | |
"Roles":[ | |
{ | |
"Ref":"PublicAgentRole" | |
} | |
], | |
"Path":"/" | |
} | |
}, | |
"PublicAgentLaunchConfig":{ | |
"Type":"AWS::AutoScaling::LaunchConfiguration", | |
"Properties":{ | |
"InstanceType":{ | |
"Ref":"PublicAgentInstanceType" | |
}, | |
"UserData":{ | |
"Fn::Base64":{ | |
"Fn::Join":[ | |
"", | |
[ | |
"#cloud-config\n", | |
"\"runcmd\":\n", | |
"- - |-\n", | |
" systemctl\n", | |
" - |-\n", | |
" restart\n", | |
" - |-\n", | |
" systemd-journald.service\n", | |
"- - |-\n", | |
" systemctl\n", | |
" - |-\n", | |
" restart\n", | |
" - |-\n", | |
" docker.service\n", | |
"- - |-\n", | |
" systemctl\n", | |
" - |-\n", | |
" start\n", | |
" - |-\n", | |
" dcos-link-env.service\n", | |
"- - |-\n", | |
" systemctl\n", | |
" - |-\n", | |
" enable\n", | |
" - |-\n", | |
" dcos-setup.service\n", | |
"- - |-\n", | |
" systemctl\n", | |
" - |-\n", | |
" --no-block\n", | |
" - |-\n", | |
" start\n", | |
" - |-\n", | |
" dcos-setup.service\n", | |
"- - |-\n", | |
" systemctl\n", | |
" - |-\n", | |
" --no-block\n", | |
" - |-\n", | |
" start\n", | |
" - |-\n", | |
" dcos-cfn-signal.service\n", | |
"\"write_files\":\n", | |
"- \"content\": |\n", | |
" https://downloads.dcos.io/dcos/stable\n", | |
" \"owner\": |-\n", | |
" root\n", | |
" \"path\": |-\n", | |
" /etc/mesosphere/setup-flags/repository-url\n", | |
" \"permissions\": |-\n", | |
" 0644\n", | |
"- \"content\": |\n", | |
" [\"dcos-config--setup_f5b285dfbca985a7dbc2530f774e532c4691211b\", \"dcos-metadata--setup_f5b285dfbca985a7dbc2530f774e532c4691211b\"]\n", | |
" \"owner\": |-\n", | |
" root\n", | |
" \"path\": |-\n", | |
" /etc/mesosphere/setup-flags/cluster-packages.json\n", | |
" \"permissions\": |-\n", | |
" 0644\n", | |
"- \"content\": |\n", | |
" [Journal]\n", | |
" MaxLevelConsole=warning\n", | |
" RateLimitInterval=1s\n", | |
" RateLimitBurst=20000\n", | |
" \"owner\": |-\n", | |
" root\n", | |
" \"path\": |-\n", | |
" /etc/systemd/journald.conf.d/dcos.conf\n", | |
" \"permissions\": |-\n", | |
" 0644\n", | |
"- \"content\": |\n", | |
" rexray:\n", | |
" loglevel: info\n", | |
" modules:\n", | |
" default-admin:\n", | |
" host: tcp://127.0.0.1:61003\n", | |
" storageDrivers:\n", | |
" - ec2\n", | |
" volume:\n", | |
" unmount:\n", | |
" ignoreusedcount: true\n", | |
" \"path\": |-\n", | |
" /etc/rexray/config.yml\n", | |
" \"permissions\": |-\n", | |
" 0644\n", | |
"- \"content\": |\n", | |
" MESOS_CLUSTER=", | |
{ | |
"Ref":"AWS::StackName" | |
}, | |
"", | |
"\n", | |
" \"path\": |-\n", | |
" /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/mesos-master-provider\n", | |
"- \"content\": |\n", | |
" ADMINROUTER_ACTIVATE_AUTH_MODULE=", | |
{ | |
"Ref":"OAuthEnabled" | |
}, | |
"", | |
"\n", | |
" \"path\": |-\n", | |
" /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/adminrouter.env\n", | |
"- \"content\": |\n", | |
" MASTER_SOURCE=exhibitor_uri\n", | |
" EXHIBITOR_URI=http://", | |
{ | |
"Ref":"InternalMasterLoadBalancerDnsName" | |
}, | |
":8181/exhibitor/v1/cluster/status", | |
"\n", | |
" EXHIBITOR_ADDRESS=", | |
{ | |
"Ref":"InternalMasterLoadBalancerDnsName" | |
}, | |
"", | |
"\n", | |
" RESOLVERS=169.254.169.253\n", | |
" \"path\": |-\n", | |
" /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/dns_config\n", | |
"- \"content\": |\n", | |
" # File intentionally has no settings - Exhibitor is not used on DC/OS Agents\n", | |
" \"path\": |-\n", | |
" /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/exhibitor\n", | |
"- \"content\": |\n", | |
" AWS_REGION=", | |
{ | |
"Ref":"AWS::Region" | |
}, | |
"", | |
"\n", | |
" AWS_STACK_ID=", | |
{ | |
"Ref":"AWS::StackId" | |
}, | |
"", | |
"\n", | |
" AWS_STACK_NAME=", | |
{ | |
"Ref":"AWS::StackName" | |
}, | |
"", | |
"\n", | |
" AWS_IAM_MASTER_ROLE_NAME=\n", | |
" AWS_IAM_SLAVE_ROLE_NAME=", | |
{ | |
"Ref":"PublicAgentRole" | |
}, | |
"", | |
"\n", | |
" \"path\": |-\n", | |
" /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/cfn_signal_metadata\n", | |
"- \"content\": |-\n", | |
" {}\n", | |
" \"path\": |-\n", | |
" /etc/mesosphere/setup-packages/dcos-provider-aws--setup/pkginfo.json\n", | |
"- \"content\": |\n", | |
" [Unit]\n", | |
" Before=dcos.target\n", | |
" [Service]\n", | |
" Type=oneshot\n", | |
" StandardOutput=journal+console\n", | |
" StandardError=journal+console\n", | |
" ExecStartPre=/usr/bin/mkdir -p /etc/profile.d\n", | |
" ExecStart=/usr/bin/ln -sf /opt/mesosphere/environment.export /etc/profile.d/dcos.sh\n", | |
" \"path\": |-\n", | |
" /etc/systemd/system/dcos-link-env.service\n", | |
" \"permissions\": |-\n", | |
" 0644\n", | |
"- \"content\": |\n", | |
" [Unit]\n", | |
" Description=Pkgpanda: Download DC/OS to this host.\n", | |
" After=network-online.target\n", | |
" Wants=network-online.target\n", | |
" ConditionPathExists=!/opt/mesosphere/\n", | |
" [Service]\n", | |
" Type=oneshot\n", | |
" StandardOutput=journal+console\n", | |
" StandardError=journal+console\n", | |
" ExecStartPre=/usr/bin/curl --keepalive-time 2 -fLsSv --retry 20 -Y 100000 -y 60 -o /tmp/bootstrap.tar.xz https://downloads.dcos.io/dcos/stable/bootstrap/405172d16eaff8798d6b090dac99b51a8a9004d7.bootstrap.tar.xz\n", | |
" ExecStartPre=/usr/bin/mkdir -p /opt/mesosphere\n", | |
" ExecStart=/usr/bin/tar -axf /tmp/bootstrap.tar.xz -C /opt/mesosphere\n", | |
" ExecStartPost=-/usr/bin/rm -f /tmp/bootstrap.tar.xz\n", | |
" \"path\": |-\n", | |
" /etc/systemd/system/dcos-download.service\n", | |
" \"permissions\": |-\n", | |
" 0644\n", | |
"- \"content\": |\n", | |
" [Unit]\n", | |
" Description=Pkgpanda: Specialize DC/OS for this host.\n", | |
" Requires=dcos-download.service\n", | |
" After=dcos-download.service\n", | |
" [Service]\n", | |
" Type=oneshot\n", | |
" StandardOutput=journal+console\n", | |
" StandardError=journal+console\n", | |
" EnvironmentFile=/opt/mesosphere/environment\n", | |
" ExecStart=/opt/mesosphere/bin/pkgpanda setup --no-block-systemd\n", | |
" [Install]\n", | |
" WantedBy=multi-user.target\n", | |
" \"path\": |-\n", | |
" /etc/systemd/system/dcos-setup.service\n", | |
" \"permissions\": |-\n", | |
" 0644\n", | |
"- \"content\": |-\n", | |
" [Unit]\n", | |
" Description=AWS Setup: Signal CloudFormation Success\n", | |
" ConditionPathExists=!/var/lib/dcos-cfn-signal\n", | |
" [Service]\n", | |
" Type=simple\n", | |
" Restart=on-failure\n", | |
" StartLimitInterval=0\n", | |
" RestartSec=15s\n", | |
" EnvironmentFile=/opt/mesosphere/environment\n", | |
" EnvironmentFile=/opt/mesosphere/etc/cfn_signal_metadata\n", | |
" Environment=\"AWS_CFN_SIGNAL_THIS_RESOURCE=PublicAgentServerGroup\"\n", | |
" ExecStartPre=/bin/ping -c1 leader.mesos\n", | |
" ExecStartPre=/opt/mesosphere/bin/cfn-signal\n", | |
" ExecStart=/usr/bin/touch /var/lib/dcos-cfn-signal\n", | |
" \"path\": |-\n", | |
" /etc/systemd/system/dcos-cfn-signal.service\n", | |
" \"permissions\": |-\n", | |
" 0644\n", | |
"- \"content\": \"\"\n", | |
" \"path\": |-\n", | |
" /etc/mesosphere/roles/slave_public\n", | |
"- \"content\": \"\"\n", | |
" \"path\": |-\n", | |
" /etc/mesosphere/roles/aws\n" | |
] | |
] | |
} | |
}, | |
"SecurityGroups":[ | |
{ | |
"Ref":"PublicAgentSecurityGroup" | |
} | |
], | |
"BlockDeviceMappings":[ | |
{ | |
"DeviceName":"/dev/sdb", | |
"VirtualName":"ephemeral0" | |
} | |
], | |
"AssociatePublicIpAddress":"true", | |
"IamInstanceProfile":{ | |
"Ref":"PublicAgentInstanceProfile" | |
}, | |
"KeyName":{ | |
"Ref":"KeyName" | |
}, | |
"ImageId":{ | |
"Fn::If":[ | |
"UseCustomAMI", | |
{ | |
"Ref":"CustomAMI" | |
}, | |
{ | |
"Fn::FindInMap":[ | |
"RegionToAmi", | |
{ | |
"Ref":"AWS::Region" | |
}, | |
"el7" | |
] | |
} | |
] | |
} | |
} | |
}, | |
"PublicAgentServerGroup":{ | |
"Type":"AWS::AutoScaling::AutoScalingGroup", | |
"Properties":{ | |
"LaunchConfigurationName":{ | |
"Ref":"PublicAgentLaunchConfig" | |
}, | |
"LoadBalancerNames":[ | |
{ | |
"Ref":"PublicAgentLoadBalancer" | |
} | |
], | |
"MinSize":{ | |
"Ref":"PublicAgentInstanceCount" | |
}, | |
"MaxSize":{ | |
"Ref":"PublicAgentInstanceCount" | |
}, | |
"VPCZoneIdentifier":[ | |
{ | |
"Ref":"PublicSubnet" | |
} | |
], | |
"Tags":[ | |
{ | |
"Value":"mesos-public-agent", | |
"PropagateAtLaunch":"true", | |
"Key":"role" | |
} | |
], | |
"DesiredCapacity":{ | |
"Ref":"PublicAgentInstanceCount" | |
} | |
}, | |
"CreationPolicy":{ | |
"ResourceSignal":{ | |
"Count":{ | |
"Ref":"PublicAgentInstanceCount" | |
}, | |
"Timeout":{ | |
"Fn::FindInMap":[ | |
"Parameters", | |
"StackCreationTimeout", | |
"default" | |
] | |
} | |
} | |
} | |
} | |
}, | |
"AWSTemplateFormatVersion":"2010-09-09" | |
} |