Skip to content

Instantly share code, notes, and snippets.

@whytewolf

whytewolf/gist:1989155f49467edc7c7c Secret

Created December 24, 2015 20:02
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save whytewolf/1989155f49467edc7c7c to your computer and use it in GitHub Desktop.
Save whytewolf/1989155f49467edc7c7c to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.txt
heat_template_version: 2014-05-06
description: >
HOT template to create a www application stack.
parameters:
zabbix_host:
type: string
default: "mon.devops.wolfcloud.bad4.us"
description: Host/IP of the zabbix host to be used for Monitoring
salt_host:
type: string
default: "salt.devops.wolfcloud.bad4.us"
description: Salt host to be used for Remote administration
proxy_host:
type: string
default: "10.43.2.1342"
description: IP of the proxy host to be used for package downloading
proxy_port:
type: string
default: "3128"
description: tcp port number of the proxy host to be used for package downloading
no_proxy:
type: string
default: "1.0.0.0/8,localhost,127.0.0.1/32"
description: Subnets for which the proxy is not to be used
internal_domain_name:
type: string
default: "internal.platform.devops.wolfcloud.bad4.us"
description: The fqdn value for this deployed environment
external_domain_name:
type: string
default: "platform.devops.wolfcloud.bad4.us"
description: The external fqdn value for this deployed environment
subdomain_name:
type: string
description: The subdomain value to be used to distinguish this as a unique domain
constraints:
- length: { min: 3, max: 25 }
description: Subdomain should be atleast 3 character characters
- allowed_pattern: "[a-z]+[a-z0-9]*"
description: Subdomain should be in lowercase and starts with character.
dns_nameserver1:
type: string
default: "10.222.230.169"
description: DNS1 IP Address
dns_nameserver2:
type: string
default: "10.222.230.150"
description: DNS2 IP Address
key_name:
type: string
description: Name of keypair to assign to servers
image:
type: string
default: "Ubuntu Precise x86-64 20140214"
description: Name of image to use for servers
flavor:
type: string
default: "m1.small"
description: Flavor to use for servers
public_net_id:
type: string
default: "1d1b254f-b831-4324-a111-2f1143ecd2c6"
description: >
ID of public network for which floating IP addresses will be allocated
dmz_net_id:
type: string
description: >
Network ID of the dmz network
internal_net_id:
type: string
description: >
Network ID of the internal network
dmz_subnet_id:
type: string
description: >
Subnet ID of the dmz network
internal_subnet_id:
type: string
description: >
Subnet ID of the internal network
www_volume_size:
type: number
description: Size of the volume to be created.
default: 60
constraints:
- range: { min: 20, max: 1024 }
description: must be between 1 and 1024 Gb.
resources:
www_sg:
type: OS::Neutron::SecurityGroup
properties:
name: www_sg
description: WWW Security Rules
rules:
- protocol: tcp
port_range_min: 22
port_range_max: 22
- protocol: tcp
port_range_min: 80
port_range_max: 80
- protocol: tcp
port_range_min: 443
port_range_max: 443
- protocol: tcp
port_range_min: 8000
port_range_max: 8000
- protocol: tcp
port_range_min: 8080
port_range_max: 8080
- protocol: tcp
port_range_min: 8181
port_range_max: 8181
- protocol: icmp
www_server:
type: OS::Nova::Server
properties:
name: www
image: { get_param: image }
flavor: { get_param: flavor }
key_name: { get_param: key_name }
networks:
- port: { get_resource: www_server_port }
user_data:
str_replace:
template: |
#!/bin/bash -v
echo `/sbin/ifconfig eth0 | grep 'inet addr:' | cut -d: -f2 | awk '{ print $1}'` `hostname` >> /etc/hosts
echo "# Automatically created resolv.conf file using HEAT" > /etc/resolv.conf
echo "nameserver $dns_nameserver1" >> /etc/resolv.conf
echo "nameserver $dns_nameserver2" >> /etc/resolv.conf
echo "search $subdomain_name.$internal_domain_name" >> /etc/resolv.conf
sed -i "s/\/ec2-user\:\/bin\/sh/\/ec2-user\:\/bin\/bash/g" /etc/passwd
echo "http_proxy=http://$proxy_host:$proxy_port" >> /etc/environment
echo "HTTP_PROXY=http://$proxy_host:$proxy_port" >> /etc/environment
echo "https_proxy=http://$proxy_host:$proxy_port" >> /etc/environment
echo "HTTPS_PROXY=http://$proxy_host:$proxy_port" >> /etc/environment
echo "no_proxy=$no_proxy" >> /etc/environment
echo "NO_PROXY=$no_proxy" >> /etc/environment
echo "Acquire::http::proxy \"http://$proxy_host:$proxy_port\";" > /etc/apt/apt.conf
echo "Acquire::https::proxy \"http://$proxy_host:$proxy_port\";" >> /etc/apt/apt.conf
echo -e "server $dns_nameserver1\nzone $external_domain_name\nupdate delete `hostname`.$subdomain_name.$external_domain_name\nupdate add `hostname`.$subdomain_name.$external_domain_name. 60 A `curl http://169.254.169.254/latest/meta-data/public-ipv4/`\nsend" | nsupdate -y $external_domain_name:$dnsseckey_external
echo -e "server $dns_nameserver1\nzone $internal_domain_name\nupdate delete `hostname`.$subdomain_name.$internal_domain_name\nupdate add `hostname`.$subdomain_name.$internal_domain_name. 60 A `/sbin/ifconfig eth0 | grep 'inet addr:' | cut -d: -f2 | awk '{ print $1}'`\nsend" | nsupdate -y $internal_domain_name:$dnsseckey_internal
sleep 60
sudo wget http://repo.zabbix.com/zabbix/2.2/ubuntu/pool/main/z/zabbix-release/zabbix-release_2.2-1+precise_all.deb
sudo dpkg -i zabbix-release_2.2-1+precise_all.deb
sudo apt-get -y update
sudo apt-get -y install zabbix-agent
sudo sed -i 's/^# EnableRemoteCommands=0/EnableRemoteCommands=1/g' /etc/zabbix/zabbix_agentd.conf
sudo sed -i 's/^Server=.*/Server=$zabbix_host/g' /etc/zabbix/zabbix_agentd.conf
sudo sed -i 's/^ServerActive=.*/ServerActive=$zabbix_host/g' /etc/zabbix/zabbix_agentd.conf
sudo sed -i 's/^Hostname=.*/Hostname='`hostname`'.$subdomain_name.$internal_domain_name/g' /etc/zabbix/zabbix_agentd.conf
sudo service zabbix-agent restart
sudo apt-get -y install python-software-properties
sudo add-apt-repository -y ppa:saltstack/salt
sudo apt-get -y update
sudo apt-get -y install salt-minion
sudo sed -i 's/^\#master\:.*/master\: $salt_host/g' /etc/salt/minion
sudo echo -e "`hostname`.$subdomain_name.$internal_domain_name" > /etc/salt/minion_id
sudo service salt-minion restart
wget https://apt.puppetlabs.com/puppetlabs-release-precise.deb
dpkg -i puppetlabs-release-precise.deb
apt-get -y update
apt-get -y install puppet unzip curl git
cd /tmp
git clone http://systems.stash.igt.com/scm/pip/arcus.git --recurse-submodules
cd arcus
git checkout feature/devopsvm
cd /tmp/arcus/micro
./papply.sh edge `hostname`
params:
$proxy_host: { get_param: proxy_host }
$proxy_port: { get_param: proxy_port }
$no_proxy: { get_param: no_proxy }
$dns_nameserver1: { get_param: dns_nameserver1 }
$dns_nameserver2: { get_param: dns_nameserver2 }
$internal_domain_name: { get_param: internal_domain_name }
$external_domain_name: { get_param: external_domain_name }
$subdomain_name: { get_param: subdomain_name }
$zabbix_host: { get_param: zabbix_host }
$salt_host: { get_param: salt_host }
www_server_port:
type: OS::Neutron::Port
properties:
network_id: { get_param: dmz_net_id }
fixed_ips:
- subnet_id: { get_param: dmz_subnet_id }
security_groups:
- { get_resource: www_sg }
www_server_floating_ip:
type: OS::Neutron::FloatingIP
properties:
floating_network_id: { get_param: public_net_id }
port_id: { get_resource: www_server_port }
www_volume:
type: OS::Cinder::Volume
properties:
size: { get_param: www_volume_size }
www_volume_attachment:
type: OS::Cinder::VolumeAttachment
properties:
volume_id: { get_resource: www_volume }
instance_uuid: { get_resource: www_server }
mountpoint: /dev/vdc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment