-
-
Save whytewolf/1989155f49467edc7c7c to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
heat_template_version: 2014-05-06 | |
description: > | |
HOT template to create a www application stack. | |
parameters: | |
zabbix_host: | |
type: string | |
default: "mon.devops.wolfcloud.bad4.us" | |
description: Host/IP of the zabbix host to be used for Monitoring | |
salt_host: | |
type: string | |
default: "salt.devops.wolfcloud.bad4.us" | |
description: Salt host to be used for Remote administration | |
proxy_host: | |
type: string | |
default: "10.43.2.1342" | |
description: IP of the proxy host to be used for package downloading | |
proxy_port: | |
type: string | |
default: "3128" | |
description: tcp port number of the proxy host to be used for package downloading | |
no_proxy: | |
type: string | |
default: "1.0.0.0/8,localhost,127.0.0.1/32" | |
description: Subnets for which the proxy is not to be used | |
internal_domain_name: | |
type: string | |
default: "internal.platform.devops.wolfcloud.bad4.us" | |
description: The fqdn value for this deployed environment | |
external_domain_name: | |
type: string | |
default: "platform.devops.wolfcloud.bad4.us" | |
description: The external fqdn value for this deployed environment | |
subdomain_name: | |
type: string | |
description: The subdomain value to be used to distinguish this as a unique domain | |
constraints: | |
- length: { min: 3, max: 25 } | |
description: Subdomain should be atleast 3 character characters | |
- allowed_pattern: "[a-z]+[a-z0-9]*" | |
description: Subdomain should be in lowercase and starts with character. | |
dns_nameserver1: | |
type: string | |
default: "10.222.230.169" | |
description: DNS1 IP Address | |
dns_nameserver2: | |
type: string | |
default: "10.222.230.150" | |
description: DNS2 IP Address | |
key_name: | |
type: string | |
description: Name of keypair to assign to servers | |
image: | |
type: string | |
default: "Ubuntu Precise x86-64 20140214" | |
description: Name of image to use for servers | |
flavor: | |
type: string | |
default: "m1.small" | |
description: Flavor to use for servers | |
public_net_id: | |
type: string | |
default: "1d1b254f-b831-4324-a111-2f1143ecd2c6" | |
description: > | |
ID of public network for which floating IP addresses will be allocated | |
dmz_net_id: | |
type: string | |
description: > | |
Network ID of the dmz network | |
internal_net_id: | |
type: string | |
description: > | |
Network ID of the internal network | |
dmz_subnet_id: | |
type: string | |
description: > | |
Subnet ID of the dmz network | |
internal_subnet_id: | |
type: string | |
description: > | |
Subnet ID of the internal network | |
www_volume_size: | |
type: number | |
description: Size of the volume to be created. | |
default: 60 | |
constraints: | |
- range: { min: 20, max: 1024 } | |
description: must be between 1 and 1024 Gb. | |
resources: | |
www_sg: | |
type: OS::Neutron::SecurityGroup | |
properties: | |
name: www_sg | |
description: WWW Security Rules | |
rules: | |
- protocol: tcp | |
port_range_min: 22 | |
port_range_max: 22 | |
- protocol: tcp | |
port_range_min: 80 | |
port_range_max: 80 | |
- protocol: tcp | |
port_range_min: 443 | |
port_range_max: 443 | |
- protocol: tcp | |
port_range_min: 8000 | |
port_range_max: 8000 | |
- protocol: tcp | |
port_range_min: 8080 | |
port_range_max: 8080 | |
- protocol: tcp | |
port_range_min: 8181 | |
port_range_max: 8181 | |
- protocol: icmp | |
www_server: | |
type: OS::Nova::Server | |
properties: | |
name: www | |
image: { get_param: image } | |
flavor: { get_param: flavor } | |
key_name: { get_param: key_name } | |
networks: | |
- port: { get_resource: www_server_port } | |
user_data: | |
str_replace: | |
template: | | |
#!/bin/bash -v | |
echo `/sbin/ifconfig eth0 | grep 'inet addr:' | cut -d: -f2 | awk '{ print $1}'` `hostname` >> /etc/hosts | |
echo "# Automatically created resolv.conf file using HEAT" > /etc/resolv.conf | |
echo "nameserver $dns_nameserver1" >> /etc/resolv.conf | |
echo "nameserver $dns_nameserver2" >> /etc/resolv.conf | |
echo "search $subdomain_name.$internal_domain_name" >> /etc/resolv.conf | |
sed -i "s/\/ec2-user\:\/bin\/sh/\/ec2-user\:\/bin\/bash/g" /etc/passwd | |
echo "http_proxy=http://$proxy_host:$proxy_port" >> /etc/environment | |
echo "HTTP_PROXY=http://$proxy_host:$proxy_port" >> /etc/environment | |
echo "https_proxy=http://$proxy_host:$proxy_port" >> /etc/environment | |
echo "HTTPS_PROXY=http://$proxy_host:$proxy_port" >> /etc/environment | |
echo "no_proxy=$no_proxy" >> /etc/environment | |
echo "NO_PROXY=$no_proxy" >> /etc/environment | |
echo "Acquire::http::proxy \"http://$proxy_host:$proxy_port\";" > /etc/apt/apt.conf | |
echo "Acquire::https::proxy \"http://$proxy_host:$proxy_port\";" >> /etc/apt/apt.conf | |
echo -e "server $dns_nameserver1\nzone $external_domain_name\nupdate delete `hostname`.$subdomain_name.$external_domain_name\nupdate add `hostname`.$subdomain_name.$external_domain_name. 60 A `curl http://169.254.169.254/latest/meta-data/public-ipv4/`\nsend" | nsupdate -y $external_domain_name:$dnsseckey_external | |
echo -e "server $dns_nameserver1\nzone $internal_domain_name\nupdate delete `hostname`.$subdomain_name.$internal_domain_name\nupdate add `hostname`.$subdomain_name.$internal_domain_name. 60 A `/sbin/ifconfig eth0 | grep 'inet addr:' | cut -d: -f2 | awk '{ print $1}'`\nsend" | nsupdate -y $internal_domain_name:$dnsseckey_internal | |
sleep 60 | |
sudo wget http://repo.zabbix.com/zabbix/2.2/ubuntu/pool/main/z/zabbix-release/zabbix-release_2.2-1+precise_all.deb | |
sudo dpkg -i zabbix-release_2.2-1+precise_all.deb | |
sudo apt-get -y update | |
sudo apt-get -y install zabbix-agent | |
sudo sed -i 's/^# EnableRemoteCommands=0/EnableRemoteCommands=1/g' /etc/zabbix/zabbix_agentd.conf | |
sudo sed -i 's/^Server=.*/Server=$zabbix_host/g' /etc/zabbix/zabbix_agentd.conf | |
sudo sed -i 's/^ServerActive=.*/ServerActive=$zabbix_host/g' /etc/zabbix/zabbix_agentd.conf | |
sudo sed -i 's/^Hostname=.*/Hostname='`hostname`'.$subdomain_name.$internal_domain_name/g' /etc/zabbix/zabbix_agentd.conf | |
sudo service zabbix-agent restart | |
sudo apt-get -y install python-software-properties | |
sudo add-apt-repository -y ppa:saltstack/salt | |
sudo apt-get -y update | |
sudo apt-get -y install salt-minion | |
sudo sed -i 's/^\#master\:.*/master\: $salt_host/g' /etc/salt/minion | |
sudo echo -e "`hostname`.$subdomain_name.$internal_domain_name" > /etc/salt/minion_id | |
sudo service salt-minion restart | |
wget https://apt.puppetlabs.com/puppetlabs-release-precise.deb | |
dpkg -i puppetlabs-release-precise.deb | |
apt-get -y update | |
apt-get -y install puppet unzip curl git | |
cd /tmp | |
git clone http://systems.stash.igt.com/scm/pip/arcus.git --recurse-submodules | |
cd arcus | |
git checkout feature/devopsvm | |
cd /tmp/arcus/micro | |
./papply.sh edge `hostname` | |
params: | |
$proxy_host: { get_param: proxy_host } | |
$proxy_port: { get_param: proxy_port } | |
$no_proxy: { get_param: no_proxy } | |
$dns_nameserver1: { get_param: dns_nameserver1 } | |
$dns_nameserver2: { get_param: dns_nameserver2 } | |
$internal_domain_name: { get_param: internal_domain_name } | |
$external_domain_name: { get_param: external_domain_name } | |
$subdomain_name: { get_param: subdomain_name } | |
$zabbix_host: { get_param: zabbix_host } | |
$salt_host: { get_param: salt_host } | |
www_server_port: | |
type: OS::Neutron::Port | |
properties: | |
network_id: { get_param: dmz_net_id } | |
fixed_ips: | |
- subnet_id: { get_param: dmz_subnet_id } | |
security_groups: | |
- { get_resource: www_sg } | |
www_server_floating_ip: | |
type: OS::Neutron::FloatingIP | |
properties: | |
floating_network_id: { get_param: public_net_id } | |
port_id: { get_resource: www_server_port } | |
www_volume: | |
type: OS::Cinder::Volume | |
properties: | |
size: { get_param: www_volume_size } | |
www_volume_attachment: | |
type: OS::Cinder::VolumeAttachment | |
properties: | |
volume_id: { get_resource: www_volume } | |
instance_uuid: { get_resource: www_server } | |
mountpoint: /dev/vdc |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment