Skip to content

Instantly share code, notes, and snippets.

@wellsie

wellsie/gist:7be4f8e536f53b567e0b

Forked from tjcorr/gist:3baf86051471062b2fb7
Last active June 7, 2017 10:49
Show Gist options
  • Save wellsie/7be4f8e536f53b567e0b to your computer and use it in GitHub Desktop.
Save wellsie/7be4f8e536f53b567e0b to your computer and use it in GitHub Desktop.
Download ZIP
CloudFormation to demo etcd-aws-cluster
Raw
gistfile1.json
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "An etcd cluster based off an auto scaling group",
"Mappings" : {
"RegionMap" : {
"eu-central-1" : {
"AMI" : "ami-ffafb293"
},
"ap-northeast-1" : {
"AMI" : "ami-dae8c1b4"
},
"us-gov-west-1" : {
"AMI" : "ami-a98e33c8"
},
"sa-east-1" : {
"AMI" : "ami-4e981c22"
},
"ap-southeast-2" : {
"AMI" : "ami-eeadf58d"
},
"ap-southeast-1" : {
"AMI" : "ami-085a9a6b"
},
"us-east-1" : {
"AMI" : "ami-cbfdb2a1"
},
"us-west-2" : {
"AMI" : "ami-16cfd277"
},
"us-west-1" : {
"AMI" : "ami-0eacc46e"
},
"eu-west-1" : {
"AMI" : "ami-c26bcab1"
}
}
},
"Parameters": {
"InstanceType" : {
"Description" : "EC2 HVM instance type (m3.medium, etc).",
"Type" : "String",
"Default" : "m3.medium",
"ConstraintDescription" : "Must be a valid EC2 HVM instance type."
},
"ClusterSize": {
"Default": "3",
"MinValue": "3",
"MaxValue": "9",
"Description": "Number of nodes in cluster (3-9).",
"Type": "Number"
},
"ProxyClusterSize": {
"Default": "1",
"MinValue": "0",
"MaxValue": "9",
"Description": "Number of nodes in cluster (0-9).",
"Type": "Number"
},
"AdvertisedIPAddress": {
"Description": "Use 'private' if your etcd cluster is within one region or 'public' if it spans regions or cloud providers.",
"Default": "private",
"AllowedValues": ["private", "public"],
"Type": "String"
},
"AllowSSHFrom": {
"Description": "The net block (CIDR) that SSH is available to.",
"Default": "0.0.0.0/0",
"Type": "String"
},
"KeyPair" : {
"Description" : "The name of an EC2 Key Pair to allow SSH access to the instance.",
"Type" : "String"
}
},
"Resources": {
"CoreOSSecurityGroup": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "CoreOS SecurityGroup",
"SecurityGroupIngress": [
{"IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": {"Ref": "AllowSSHFrom"}}
]
}
},
"Ingress2379": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupName": {"Ref": "CoreOSSecurityGroup"}, "IpProtocol": "tcp", "FromPort": "2379", "ToPort": "2379", "SourceSecurityGroupId": {
"Fn::GetAtt" : [ "CoreOSSecurityGroup", "GroupId" ]
}
}
},
"Ingress2380": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupName": {"Ref": "CoreOSSecurityGroup"}, "IpProtocol": "tcp", "FromPort": "2380", "ToPort": "2380", "SourceSecurityGroupId": {
"Fn::GetAtt" : [ "CoreOSSecurityGroup", "GroupId" ]
}
}
},
"cliROrole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"ec2.amazonaws.com"
]
},
"Action": [
"sts:AssumeRole"
]
}
]
},
"Policies": [
{
"PolicyName": "CLIROAccess",
"PolicyDocument": {
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:Describe*"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"autoscaling:Describe*"
],
"Resource": "*"
}
]
}
}
],
"Path": "/"
}
},
"CLIROAccessProfile": {
"Type": "AWS::IAM::InstanceProfile",
"Properties": {
"Path": "/",
"Roles": [
{
"Ref": "cliROrole"
}
]
}
},
"CoreOSServerAutoScale": {
"Type": "AWS::AutoScaling::AutoScalingGroup",
"Properties": {
"AvailabilityZones": {"Fn::GetAZs": ""},
"LaunchConfigurationName": {"Ref": "CoreOSServerLaunchConfig"},
"MinSize": "3",
"MaxSize": "9",
"DesiredCapacity": {"Ref": "ClusterSize"},
"Tags": [
{"Key": "Name", "Value": { "Ref" : "AWS::StackName" }, "PropagateAtLaunch": true}
]
}
},
"CoreOSServerLaunchConfig": {
"Type": "AWS::AutoScaling::LaunchConfiguration",
"Properties": {
"ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "AMI" ]},
"InstanceType": {"Ref": "InstanceType"},
"KeyName": {"Ref": "KeyPair"},
"SecurityGroups": [{"Ref": "CoreOSSecurityGroup"}],
"IamInstanceProfile": {"Ref": "CLIROAccessProfile"},
"UserData" : { "Fn::Base64":
{ "Fn::Join": [ "", [
"#cloud-config\n\n",
"coreos:\n",
" etcd2:\n",
" advertise-client-urls: http://$", { "Ref": "AdvertisedIPAddress" }, "_ipv4:2379\n",
" initial-advertise-peer-urls: http://$", { "Ref": "AdvertisedIPAddress" }, "_ipv4:2380\n",
" listen-client-urls: http://0.0.0.0:2379\n",
" listen-peer-urls: http://$", { "Ref": "AdvertisedIPAddress" }, "_ipv4:2380\n",
" units:\n",
" - name: etcd2.service\n",
" command: stop\n",
" - name: etcd-peers.service\n",
" command: start\n",
" content: |\n",
" [Unit]\n",
" Description=Write a file with the etcd peers that we should bootstrap to\n",
" [Service]\n",
" Restart=on-failure\n",
" RestartSec=10\n",
" ExecStartPre=/usr/bin/docker pull monsantoco/etcd-aws-cluster:latest\n",
" ExecStartPre=/usr/bin/docker run --rm=true -v /etc/sysconfig/:/etc/sysconfig/ monsantoco/etcd-aws-cluster:latest\n",
" ExecStart=/usr/bin/systemctl start etcd2\n",
" - name: fleet.service\n",
" command: start\n",
"write_files:\n",
" - path: /etc/systemd/system/etcd2.service.d/30-etcd_peers.conf\n",
" permissions: 0644\n",
" content: |\n",
" [Service]\n",
" # Load the other hosts in the etcd leader autoscaling group from file\n",
" EnvironmentFile=/etc/sysconfig/etcd-peers\n"
] ]
}
}
}
},
"CoreOSProxyAutoScale": {
"Type": "AWS::AutoScaling::AutoScalingGroup",
"Properties": {
"AvailabilityZones": {"Fn::GetAZs": ""},
"LaunchConfigurationName": {"Ref": "CoreOSProxyLaunchConfig"},
"MinSize": "0",
"MaxSize": "9",
"DesiredCapacity": {"Ref": "ProxyClusterSize"},
"Tags": [
{"Key": "Name", "Value": { "Ref" : "AWS::StackName" }, "PropagateAtLaunch": true}
]
}
},
"CoreOSProxyLaunchConfig": {
"Type": "AWS::AutoScaling::LaunchConfiguration",
"Properties": {
"ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "AMI" ]},
"InstanceType": {"Ref": "InstanceType"},
"KeyName": {"Ref": "KeyPair"},
"SecurityGroups": [{"Ref": "CoreOSSecurityGroup"}],
"IamInstanceProfile": {"Ref": "CLIROAccessProfile"},
"UserData" : { "Fn::Base64":
{ "Fn::Join": [ "", [
"#cloud-config\n\n",
"coreos:\n",
" etcd2:\n",
" advertise-client-urls: http://$", { "Ref": "AdvertisedIPAddress" }, "_ipv4:2379\n",
" initial-advertise-peer-urls: http://$", { "Ref": "AdvertisedIPAddress" }, "_ipv4:2380\n",
" listen-client-urls: http://0.0.0.0:2379\n",
" listen-peer-urls: http://$", { "Ref": "AdvertisedIPAddress" }, "_ipv4:2380\n",
" units:\n",
" - name: etcd2.service\n",
" command: stop\n",
" - name: etcd-peers.service\n",
" command: start\n",
" content: |\n",
" [Unit]\n",
" Description=Write a file with the etcd peers that we should bootstrap to\n",
" [Service]\n",
" Restart=on-failure\n",
" RestartSec=10\n",
" ExecStartPre=/usr/bin/docker pull monsantoco/etcd-aws-cluster:latest\n",
" ExecStartPre=/usr/bin/docker run -e PROXY_ASG=", { "Ref": "CoreOSServerAutoScale" } ," --rm=true -v /etc/sysconfig/:/etc/sysconfig/ monsantoco/etcd-aws-cluster:latest\n",
" ExecStart=/usr/bin/systemctl start etcd2\n",
" - name: fleet.service\n",
" command: start\n",
"write_files:\n",
" - path: /etc/systemd/system/etcd2.service.d/30-etcd_peers.conf\n",
" permissions: 0644\n",
" content: |\n",
" [Service]\n",
" # Load the other hosts in the etcd leader autoscaling group from file\n",
" EnvironmentFile=/etc/sysconfig/etcd-peers\n"
] ]
}
}
}
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment