Created
November 13, 2016 22:43
-
-
Save skonto/93c2d3070e6309401d78c28b17bf9255 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Outputs":{ | |
| "PublicAgentDNSName":{ | |
| "Value":{ | |
| "Fn::GetAtt":[ | |
| "PublicAgentLoadBalancer", | |
| "DNSName" | |
| ] | |
| }, | |
| "Description":"Public Agent DNS Name" | |
| } | |
| }, | |
| "Metadata":{ | |
| "TemplateGenerationDate":"2016-10-20 01:36:53.795218", | |
| "DcosImageCommit":"cfccfbf84bbba30e695ae4887b65db44ff216b1d" | |
| }, | |
| "Description":"DC/OS AWS Advanced Public Agent Template", | |
| "Parameters":{ | |
| "PublicSubnet":{ | |
| "Type":"String", | |
| "Description":"\nSubnet ID for use by all public agent nodes" | |
| }, | |
| "OAuthEnabled":{ | |
| "Type":"String", | |
| "Default":"true", | |
| "Description":"\nEnable OAuth authentication", | |
| "AllowedValues":[ | |
| "true", | |
| "false" | |
| ] | |
| }, | |
| "PublicAgentSecurityGroup":{ | |
| "Type":"String", | |
| "Description":"\nPermissive Security group used by Public Agents" | |
| }, | |
| "PublicAgentInstanceCount":{ | |
| "Type":"Number", | |
| "Default":"5", | |
| "Description":"\nSpecify the number of public agent nodes or accept the default." | |
| }, | |
| "PublicAgentInstanceType":{ | |
| "Type":"String", | |
| "Default":"m3.xlarge", | |
| "Description":"\nRegion-specific instance type. E.g. m3.xlarge" | |
| }, | |
| "InternalMasterLoadBalancerDnsName":{ | |
| "Type":"String", | |
| "Description":"\nDNS Name of Internal Load Balancer. Has to be valid for agents to join a running cluster" | |
| }, | |
| "CustomAMI":{ | |
| "Type":"String", | |
| "AllowedPattern":"(default|ami-[a-f0-9]{8})", | |
| "Default":"default", | |
| "Description":"\nExisting AMI in the deploy region which has all DC/OS pre-requisites installed or 'default'" | |
| }, | |
| "KeyName":{ | |
| "Type":"AWS::EC2::KeyPair::KeyName", | |
| "Description":"\nSpecify your AWS EC2 Key Pair." | |
| } | |
| }, | |
| "Mappings":{ | |
| "RegionToAmi":{ | |
| "ap-northeast-1":{ | |
| "el7":"ami-264f8747", | |
| "coreos":"ami-965899f7" | |
| }, | |
| "ap-southeast-2":{ | |
| "el7":"ami-3f1a2c5c", | |
| "coreos":"ami-b1291dd2" | |
| }, | |
| "us-gov-west-1":{ | |
| "el7":"ami-c4a41da5", | |
| "coreos":"ami-b712acd6" | |
| }, | |
| "eu-west-1":{ | |
| "el7":"ami-250c7f56", | |
| "coreos":"ami-b7cba3c4" | |
| }, | |
| "us-east-1":{ | |
| "el7":"ami-47096750", | |
| "coreos":"ami-6d138f7a" | |
| }, | |
| "sa-east-1":{ | |
| "el7":"ami-0e019062", | |
| "coreos":"ami-61e3750d" | |
| }, | |
| "us-west-2":{ | |
| "el7":"ami-ab07d1cb", | |
| "coreos":"ami-dc6ba3bc" | |
| }, | |
| "ap-southeast-1":{ | |
| "el7":"ami-0765bd64", | |
| "coreos":"ami-3120fe52" | |
| }, | |
| "us-west-1":{ | |
| "el7":"ami-e4afe284", | |
| "coreos":"ami-ee57148e" | |
| }, | |
| "eu-central-1":{ | |
| "el7":"ami-846e9eeb", | |
| "coreos":"ami-3ae31555" | |
| } | |
| }, | |
| "Parameters":{ | |
| "StackCreationTimeout":{ | |
| "default":"PT60M" | |
| } | |
| }, | |
| "NATAmi":{ | |
| "ap-northeast-1":{ | |
| "default":"ami-55c29e54" | |
| }, | |
| "us-west-1":{ | |
| "default":"ami-2b2b296e" | |
| }, | |
| "ap-southeast-2":{ | |
| "default":"ami-996402a3" | |
| }, | |
| "eu-central-1":{ | |
| "default":"ami-204c7a3d" | |
| }, | |
| "us-east-1":{ | |
| "default":"ami-4c9e4b24" | |
| }, | |
| "sa-east-1":{ | |
| "default":"ami-b972dba4" | |
| }, | |
| "us-west-2":{ | |
| "default":"ami-bb69128b" | |
| }, | |
| "ap-southeast-1":{ | |
| "default":"ami-b082dae2" | |
| }, | |
| "eu-west-1":{ | |
| "default":"ami-3760b040" | |
| } | |
| } | |
| }, | |
| "Conditions":{ | |
| "UseCustomAMI":{ | |
| "Fn::Not":[ | |
| { | |
| "Fn::Equals":[ | |
| { | |
| "Ref":"CustomAMI" | |
| }, | |
| "default" | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| "Resources":{ | |
| "PublicAgentRole":{ | |
| "Type":"AWS::IAM::Role", | |
| "Properties":{ | |
| "Policies":[ | |
| { | |
| "PolicyName":"Agents", | |
| "PolicyDocument":{ | |
| "Version":"2012-10-17", | |
| "Statement":[ | |
| { | |
| "Resource":[ | |
| { | |
| "Ref":"AWS::StackId" | |
| }, | |
| { | |
| "Fn::Join":[ | |
| "", | |
| [ | |
| { | |
| "Ref":"AWS::StackId" | |
| }, | |
| "/*" | |
| ] | |
| ] | |
| } | |
| ], | |
| "Action":[ | |
| "cloudformation:*" | |
| ], | |
| "Effect":"Allow" | |
| }, | |
| { | |
| "Resource":"*", | |
| "Action":[ | |
| "ec2:CreateTags", | |
| "ec2:DescribeInstances", | |
| "ec2:CreateVolume", | |
| "ec2:DeleteVolume", | |
| "ec2:AttachVolume", | |
| "ec2:DetachVolume", | |
| "ec2:DescribeVolumes", | |
| "ec2:DescribeVolumeStatus", | |
| "ec2:DescribeVolumeAttribute", | |
| "ec2:CreateSnapshot", | |
| "ec2:CopySnapshot", | |
| "ec2:DeleteSnapshot", | |
| "ec2:DescribeSnapshots", | |
| "ec2:DescribeSnapshotAttribute", | |
| "autoscaling:DescribeAutoScalingGroups", | |
| "cloudwatch:PutMetricData" | |
| ], | |
| "Effect":"Allow" | |
| } | |
| ] | |
| } | |
| } | |
| ], | |
| "AssumeRolePolicyDocument":{ | |
| "Version":"2012-10-17", | |
| "Statement":[ | |
| { | |
| "Action":[ | |
| "sts:AssumeRole" | |
| ], | |
| "Effect":"Allow", | |
| "Principal":{ | |
| "Service":[ | |
| "ec2.amazonaws.com" | |
| ] | |
| } | |
| } | |
| ] | |
| } | |
| } | |
| }, | |
| "PublicAgentLoadBalancer":{ | |
| "Type":"AWS::ElasticLoadBalancing::LoadBalancer", | |
| "Properties":{ | |
| "Subnets":[ | |
| { | |
| "Ref":"PublicSubnet" | |
| } | |
| ], | |
| "SecurityGroups":[ | |
| { | |
| "Ref":"PublicAgentSecurityGroup" | |
| } | |
| ], | |
| "HealthCheck":{ | |
| "UnhealthyThreshold":"2", | |
| "Timeout":"2", | |
| "HealthyThreshold":"2", | |
| "Interval":"5", | |
| "Target":"HTTP:9090/_haproxy_health_check" | |
| }, | |
| "Listeners":[ | |
| { | |
| "LoadBalancerPort":"80", | |
| "InstancePort":"80", | |
| "InstanceProtocol":"TCP", | |
| "Protocol":"TCP" | |
| }, | |
| { | |
| "LoadBalancerPort":"443", | |
| "InstancePort":"443", | |
| "InstanceProtocol":"TCP", | |
| "Protocol":"TCP" | |
| } | |
| ] | |
| } | |
| }, | |
| "PublicAgentInstanceProfile":{ | |
| "Type":"AWS::IAM::InstanceProfile", | |
| "Properties":{ | |
| "Roles":[ | |
| { | |
| "Ref":"PublicAgentRole" | |
| } | |
| ], | |
| "Path":"/" | |
| } | |
| }, | |
| "PublicAgentLaunchConfig":{ | |
| "Type":"AWS::AutoScaling::LaunchConfiguration", | |
| "Properties":{ | |
| "InstanceType":{ | |
| "Ref":"PublicAgentInstanceType" | |
| }, | |
| "UserData":{ | |
| "Fn::Base64":{ | |
| "Fn::Join":[ | |
| "", | |
| [ | |
| "#cloud-config\n", | |
| "\"runcmd\":\n", | |
| "- - |-\n", | |
| " systemctl\n", | |
| " - |-\n", | |
| " restart\n", | |
| " - |-\n", | |
| " systemd-journald.service\n", | |
| "- - |-\n", | |
| " systemctl\n", | |
| " - |-\n", | |
| " restart\n", | |
| " - |-\n", | |
| " docker.service\n", | |
| "- - |-\n", | |
| " systemctl\n", | |
| " - |-\n", | |
| " start\n", | |
| " - |-\n", | |
| " dcos-link-env.service\n", | |
| "- - |-\n", | |
| " systemctl\n", | |
| " - |-\n", | |
| " enable\n", | |
| " - |-\n", | |
| " dcos-setup.service\n", | |
| "- - |-\n", | |
| " systemctl\n", | |
| " - |-\n", | |
| " --no-block\n", | |
| " - |-\n", | |
| " start\n", | |
| " - |-\n", | |
| " dcos-setup.service\n", | |
| "- - |-\n", | |
| " systemctl\n", | |
| " - |-\n", | |
| " --no-block\n", | |
| " - |-\n", | |
| " start\n", | |
| " - |-\n", | |
| " dcos-cfn-signal.service\n", | |
| "\"write_files\":\n", | |
| "- \"content\": |\n", | |
| " https://downloads.dcos.io/dcos/stable\n", | |
| " \"owner\": |-\n", | |
| " root\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-flags/repository-url\n", | |
| " \"permissions\": |-\n", | |
| " 0644\n", | |
| "- \"content\": |\n", | |
| " [\"dcos-config--setup_f5b285dfbca985a7dbc2530f774e532c4691211b\", \"dcos-metadata--setup_f5b285dfbca985a7dbc2530f774e532c4691211b\"]\n", | |
| " \"owner\": |-\n", | |
| " root\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-flags/cluster-packages.json\n", | |
| " \"permissions\": |-\n", | |
| " 0644\n", | |
| "- \"content\": |\n", | |
| " [Journal]\n", | |
| " MaxLevelConsole=warning\n", | |
| " RateLimitInterval=1s\n", | |
| " RateLimitBurst=20000\n", | |
| " \"owner\": |-\n", | |
| " root\n", | |
| " \"path\": |-\n", | |
| " /etc/systemd/journald.conf.d/dcos.conf\n", | |
| " \"permissions\": |-\n", | |
| " 0644\n", | |
| "- \"content\": |\n", | |
| " rexray:\n", | |
| " loglevel: info\n", | |
| " modules:\n", | |
| " default-admin:\n", | |
| " host: tcp://127.0.0.1:61003\n", | |
| " storageDrivers:\n", | |
| " - ec2\n", | |
| " volume:\n", | |
| " unmount:\n", | |
| " ignoreusedcount: true\n", | |
| " \"path\": |-\n", | |
| " /etc/rexray/config.yml\n", | |
| " \"permissions\": |-\n", | |
| " 0644\n", | |
| "- \"content\": |\n", | |
| " MESOS_CLUSTER=", | |
| { | |
| "Ref":"AWS::StackName" | |
| }, | |
| "", | |
| "\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/mesos-master-provider\n", | |
| "- \"content\": |\n", | |
| " ADMINROUTER_ACTIVATE_AUTH_MODULE=", | |
| { | |
| "Ref":"OAuthEnabled" | |
| }, | |
| "", | |
| "\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/adminrouter.env\n", | |
| "- \"content\": |\n", | |
| " MASTER_SOURCE=exhibitor_uri\n", | |
| " EXHIBITOR_URI=http://", | |
| { | |
| "Ref":"InternalMasterLoadBalancerDnsName" | |
| }, | |
| ":8181/exhibitor/v1/cluster/status", | |
| "\n", | |
| " EXHIBITOR_ADDRESS=", | |
| { | |
| "Ref":"InternalMasterLoadBalancerDnsName" | |
| }, | |
| "", | |
| "\n", | |
| " RESOLVERS=169.254.169.253\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/dns_config\n", | |
| "- \"content\": |\n", | |
| " # File intentionally has no settings - Exhibitor is not used on DC/OS Agents\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/exhibitor\n", | |
| "- \"content\": |\n", | |
| " AWS_REGION=", | |
| { | |
| "Ref":"AWS::Region" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_STACK_ID=", | |
| { | |
| "Ref":"AWS::StackId" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_STACK_NAME=", | |
| { | |
| "Ref":"AWS::StackName" | |
| }, | |
| "", | |
| "\n", | |
| " AWS_IAM_MASTER_ROLE_NAME=\n", | |
| " AWS_IAM_SLAVE_ROLE_NAME=", | |
| { | |
| "Ref":"PublicAgentRole" | |
| }, | |
| "", | |
| "\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/etc/cfn_signal_metadata\n", | |
| "- \"content\": |-\n", | |
| " {}\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/setup-packages/dcos-provider-aws--setup/pkginfo.json\n", | |
| "- \"content\": |\n", | |
| " [Unit]\n", | |
| " Before=dcos.target\n", | |
| " [Service]\n", | |
| " Type=oneshot\n", | |
| " StandardOutput=journal+console\n", | |
| " StandardError=journal+console\n", | |
| " ExecStartPre=/usr/bin/mkdir -p /etc/profile.d\n", | |
| " ExecStart=/usr/bin/ln -sf /opt/mesosphere/environment.export /etc/profile.d/dcos.sh\n", | |
| " \"path\": |-\n", | |
| " /etc/systemd/system/dcos-link-env.service\n", | |
| " \"permissions\": |-\n", | |
| " 0644\n", | |
| "- \"content\": |\n", | |
| " [Unit]\n", | |
| " Description=Pkgpanda: Download DC/OS to this host.\n", | |
| " After=network-online.target\n", | |
| " Wants=network-online.target\n", | |
| " ConditionPathExists=!/opt/mesosphere/\n", | |
| " [Service]\n", | |
| " Type=oneshot\n", | |
| " StandardOutput=journal+console\n", | |
| " StandardError=journal+console\n", | |
| " ExecStartPre=/usr/bin/curl --keepalive-time 2 -fLsSv --retry 20 -Y 100000 -y 60 -o /tmp/bootstrap.tar.xz https://downloads.dcos.io/dcos/stable/bootstrap/405172d16eaff8798d6b090dac99b51a8a9004d7.bootstrap.tar.xz\n", | |
| " ExecStartPre=/usr/bin/mkdir -p /opt/mesosphere\n", | |
| " ExecStart=/usr/bin/tar -axf /tmp/bootstrap.tar.xz -C /opt/mesosphere\n", | |
| " ExecStartPost=-/usr/bin/rm -f /tmp/bootstrap.tar.xz\n", | |
| " \"path\": |-\n", | |
| " /etc/systemd/system/dcos-download.service\n", | |
| " \"permissions\": |-\n", | |
| " 0644\n", | |
| "- \"content\": |\n", | |
| " [Unit]\n", | |
| " Description=Pkgpanda: Specialize DC/OS for this host.\n", | |
| " Requires=dcos-download.service\n", | |
| " After=dcos-download.service\n", | |
| " [Service]\n", | |
| " Type=oneshot\n", | |
| " StandardOutput=journal+console\n", | |
| " StandardError=journal+console\n", | |
| " EnvironmentFile=/opt/mesosphere/environment\n", | |
| " ExecStart=/opt/mesosphere/bin/pkgpanda setup --no-block-systemd\n", | |
| " [Install]\n", | |
| " WantedBy=multi-user.target\n", | |
| " \"path\": |-\n", | |
| " /etc/systemd/system/dcos-setup.service\n", | |
| " \"permissions\": |-\n", | |
| " 0644\n", | |
| "- \"content\": |-\n", | |
| " [Unit]\n", | |
| " Description=AWS Setup: Signal CloudFormation Success\n", | |
| " ConditionPathExists=!/var/lib/dcos-cfn-signal\n", | |
| " [Service]\n", | |
| " Type=simple\n", | |
| " Restart=on-failure\n", | |
| " StartLimitInterval=0\n", | |
| " RestartSec=15s\n", | |
| " EnvironmentFile=/opt/mesosphere/environment\n", | |
| " EnvironmentFile=/opt/mesosphere/etc/cfn_signal_metadata\n", | |
| " Environment=\"AWS_CFN_SIGNAL_THIS_RESOURCE=PublicAgentServerGroup\"\n", | |
| " ExecStartPre=/bin/ping -c1 leader.mesos\n", | |
| " ExecStartPre=/opt/mesosphere/bin/cfn-signal\n", | |
| " ExecStart=/usr/bin/touch /var/lib/dcos-cfn-signal\n", | |
| " \"path\": |-\n", | |
| " /etc/systemd/system/dcos-cfn-signal.service\n", | |
| " \"permissions\": |-\n", | |
| " 0644\n", | |
| "- \"content\": \"\"\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/roles/slave_public\n", | |
| "- \"content\": \"\"\n", | |
| " \"path\": |-\n", | |
| " /etc/mesosphere/roles/aws\n" | |
| ] | |
| ] | |
| } | |
| }, | |
| "SecurityGroups":[ | |
| { | |
| "Ref":"PublicAgentSecurityGroup" | |
| } | |
| ], | |
| "BlockDeviceMappings":[ | |
| { | |
| "DeviceName":"/dev/sdb", | |
| "VirtualName":"ephemeral0" | |
| } | |
| ], | |
| "AssociatePublicIpAddress":"true", | |
| "IamInstanceProfile":{ | |
| "Ref":"PublicAgentInstanceProfile" | |
| }, | |
| "KeyName":{ | |
| "Ref":"KeyName" | |
| }, | |
| "ImageId":{ | |
| "Fn::If":[ | |
| "UseCustomAMI", | |
| { | |
| "Ref":"CustomAMI" | |
| }, | |
| { | |
| "Fn::FindInMap":[ | |
| "RegionToAmi", | |
| { | |
| "Ref":"AWS::Region" | |
| }, | |
| "el7" | |
| ] | |
| } | |
| ] | |
| } | |
| } | |
| }, | |
| "PublicAgentServerGroup":{ | |
| "Type":"AWS::AutoScaling::AutoScalingGroup", | |
| "Properties":{ | |
| "LaunchConfigurationName":{ | |
| "Ref":"PublicAgentLaunchConfig" | |
| }, | |
| "LoadBalancerNames":[ | |
| { | |
| "Ref":"PublicAgentLoadBalancer" | |
| } | |
| ], | |
| "MinSize":{ | |
| "Ref":"PublicAgentInstanceCount" | |
| }, | |
| "MaxSize":{ | |
| "Ref":"PublicAgentInstanceCount" | |
| }, | |
| "VPCZoneIdentifier":[ | |
| { | |
| "Ref":"PublicSubnet" | |
| } | |
| ], | |
| "Tags":[ | |
| { | |
| "Value":"mesos-public-agent", | |
| "PropagateAtLaunch":"true", | |
| "Key":"role" | |
| } | |
| ], | |
| "DesiredCapacity":{ | |
| "Ref":"PublicAgentInstanceCount" | |
| } | |
| }, | |
| "CreationPolicy":{ | |
| "ResourceSignal":{ | |
| "Count":{ | |
| "Ref":"PublicAgentInstanceCount" | |
| }, | |
| "Timeout":{ | |
| "Fn::FindInMap":[ | |
| "Parameters", | |
| "StackCreationTimeout", | |
| "default" | |
| ] | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "AWSTemplateFormatVersion":"2010-09-09" | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment