b2e15ce1f7
Remove F16 as it's EOL, update with F18 as it's the current version. Leave the default as F17 for now in all except the Openshift templates (because Openshift doesn't work on F17, although these templates are currently broken anyway..) fixes bug 1154121 Change-Id: Ia95e6bfb4a15e355dfb0051d57f5b70a408551c6
228 lines
8.5 KiB
Plaintext
228 lines
8.5 KiB
Plaintext
{
|
|
"AWSTemplateFormatVersion" : "2010-09-09",
|
|
|
|
"Description": "Sample template to bring up Puppet Master instance that can be used to bootstrap and manage Puppet Clients. The Puppet Master is populated from an embedded template that defines the set of applications to load. **WARNING** This template creates one or more Amazon EC2 instances. You will be billed for the AWS resources used if you create a stack from this template.",
|
|
|
|
"Parameters" : {
|
|
"InstanceType" : {
|
|
"Description" : "WebServer EC2 instance type",
|
|
"Type" : "String",
|
|
"Default" : "m1.large",
|
|
"AllowedValues" : [ "t1.micro","m1.small","m1.medium","m1.large","m1.xlarge","m2.xlarge","m2.2xlarge","m2.4xlarge","c1.medium","c1.xlarge","cc1.4xlarge","cc2.8xlarge","cg1.4xlarge"],
|
|
"ConstraintDescription" : "must be a valid EC2 instance type."
|
|
},
|
|
"KeyName" : {
|
|
"Description" : "Name of an existing EC2 KeyPair to enable SSH access to the PuppetMaster",
|
|
"Type" : "String"
|
|
},
|
|
"ContentManifest" : {
|
|
"Default" : "/wordpress/: { include wordpress }",
|
|
"Description" : "Manifest of roles to add to nodes.pp",
|
|
"Type" : "String"
|
|
},
|
|
"ContentLocation" : {
|
|
"Default" : "https://s3.amazonaws.com/cloudformation-examples/wordpress-puppet-config.tar.gz",
|
|
"Description" : "Location of package (Zip, GZIP or Git repository URL) that includes the PuppetMaster content",
|
|
"Type" : "String"
|
|
},
|
|
"LinuxDistribution": {
|
|
"Default": "F17",
|
|
"Description" : "Distribution of choice",
|
|
"Type": "String",
|
|
"AllowedValues" : [ "F18", "F17", "U10", "RHEL-6.1", "RHEL-6.2", "RHEL-6.3" ]
|
|
}
|
|
},
|
|
"Mappings" : {
|
|
"AWSInstanceType2Arch" : {
|
|
"t1.micro" : { "Arch" : "32" },
|
|
"m1.small" : { "Arch" : "32" },
|
|
"m1.large" : { "Arch" : "64" },
|
|
"m1.xlarge" : { "Arch" : "64" },
|
|
"m2.xlarge" : { "Arch" : "64" },
|
|
"m2.2xlarge" : { "Arch" : "64" },
|
|
"m2.4xlarge" : { "Arch" : "64" },
|
|
"c1.medium" : { "Arch" : "32" },
|
|
"c1.xlarge" : { "Arch" : "64" },
|
|
"cc1.4xlarge" : { "Arch" : "64" }
|
|
},
|
|
"DistroArch2AMI": {
|
|
"F18" : { "32" : "F18-i386-cfntools", "64" : "F18-x86_64-cfntools" },
|
|
"F17" : { "32" : "F17-i386-cfntools", "64" : "F17-x86_64-cfntools" },
|
|
"U10" : { "32" : "U10-i386-cfntools", "64" : "U10-x86_64-cfntools" },
|
|
"RHEL-6.1" : { "32" : "rhel61-i386-cfntools", "64" : "rhel61-x86_64-cfntools" },
|
|
"RHEL-6.2" : { "32" : "rhel62-i386-cfntools", "64" : "rhel62-x86_64-cfntools" },
|
|
"RHEL-6.3" : { "32" : "rhel63-i386-cfntools", "64" : "rhel63-x86_64-cfntools" }
|
|
}
|
|
},
|
|
"Resources" : {
|
|
"CFNInitUser" : {
|
|
"Type" : "AWS::IAM::User"
|
|
},
|
|
|
|
"CFNKeys" : {
|
|
"Type" : "AWS::IAM::AccessKey",
|
|
"Properties" : {
|
|
"UserName" : { "Ref": "CFNInitUser" }
|
|
}
|
|
},
|
|
|
|
"PuppetMasterInstance" : {
|
|
"Type" : "AWS::EC2::Instance",
|
|
"Metadata" : {
|
|
"AWS::CloudFormation::Init" : {
|
|
"config" : {
|
|
"packages" : {
|
|
"yum" : {
|
|
"puppet" : [],
|
|
"puppet-server" : [],
|
|
"ruby-devel" : [],
|
|
"gcc" : [],
|
|
"make" : [],
|
|
"rubygems" : []
|
|
},
|
|
"rubygems" : {
|
|
"json" : []
|
|
}
|
|
},
|
|
"sources" : {
|
|
"/etc/puppet" : { "Ref" : "ContentLocation" }
|
|
},
|
|
"files" : {
|
|
"/etc/yum.repos.d/epel.repo" : {
|
|
"source" : "https://s3.amazonaws.com/cloudformation-examples/enable-epel-on-amazon-linux-ami",
|
|
"mode" : "000644",
|
|
"owner" : "root",
|
|
"group" : "root"
|
|
},
|
|
"/etc/puppet/autosign.conf" : {
|
|
"content" : "*.internal\n",
|
|
"mode" : "100644",
|
|
"owner" : "root",
|
|
"group" : "wheel"
|
|
},
|
|
"/etc/puppet/fileserver.conf" : {
|
|
"content" : "[modules]\n allow *.internal\n",
|
|
"mode" : "100644",
|
|
"owner" : "root",
|
|
"group" : "wheel"
|
|
},
|
|
"/etc/puppet/puppet.conf" : {
|
|
"content" : { "Fn::Join" : ["", [
|
|
"[main]\n",
|
|
" logdir=/var/log/puppet\n",
|
|
" rundir=/var/run/puppet\n",
|
|
" ssldir=$vardir/ssl\n",
|
|
" pluginsync=true\n",
|
|
"[agent]\n",
|
|
" classfile=$vardir/classes.txt\n",
|
|
" localconfig=$vardir/localconfig\n"]] },
|
|
"mode" : "000644",
|
|
"owner" : "root",
|
|
"group" : "root"
|
|
},
|
|
"/etc/puppet/modules/cfn/manifests/init.pp" : {
|
|
"content" : "class cfn {}",
|
|
"mode" : "100644",
|
|
"owner" : "root",
|
|
"group" : "wheel"
|
|
},
|
|
"/etc/puppet/modules/cfn/lib/facter/cfn.rb" : {
|
|
"source" : "https://s3.amazonaws.com/cloudformation-examples/cfn-facter-plugin.rb",
|
|
"mode" : "100644",
|
|
"owner" : "root",
|
|
"group" : "wheel"
|
|
},
|
|
"/etc/puppet/manifests/nodes.pp" : {
|
|
"content" : {"Fn::Join" : ["", [
|
|
"node basenode {\n",
|
|
" include cfn\n",
|
|
"}\n",
|
|
"node /^.*internal$/ inherits basenode {\n",
|
|
" case $cfn_roles {\n",
|
|
" ", { "Ref" : "ContentManifest" }, "\n",
|
|
" }\n",
|
|
"}\n"]]},
|
|
"mode" : "100644",
|
|
"owner" : "root",
|
|
"group" : "wheel"
|
|
},
|
|
"/etc/puppet/manifests/site.pp" : {
|
|
"content" : "import \"nodes\"\n",
|
|
"mode" : "100644",
|
|
"owner" : "root",
|
|
"group" : "wheel"
|
|
}
|
|
},
|
|
"services" : {
|
|
"sysvinit" : {
|
|
"puppetmaster" : {
|
|
"enabled" : "true",
|
|
"ensureRunning" : "true"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"Properties" : {
|
|
"InstanceType" : { "Ref" : "InstanceType" },
|
|
"SecurityGroups" : [ { "Ref" : "PuppetGroup" } ],
|
|
"ImageId" : { "Fn::FindInMap" : [ "DistroArch2AMI", { "Ref" : "LinuxDistribution" },
|
|
{ "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] },
|
|
"KeyName" : { "Ref" : "KeyName" },
|
|
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
|
|
"#!/bin/bash\n",
|
|
"yum update -y aws-cfn-bootstrap\n",
|
|
|
|
"/opt/aws/bin/cfn-init --region ", { "Ref" : "AWS::Region" },
|
|
" -s ", { "Ref" : "AWS::StackName" }, " -r PuppetMasterInstance ",
|
|
" --access-key ", { "Ref" : "CFNKeys" },
|
|
" --secret-key ", { "Fn::GetAtt" : ["CFNKeys", "SecretAccessKey"]}, "\n",
|
|
"/opt/aws/bin/cfn-signal -e $? '", { "Ref" : "PuppetMasterWaitHandle" }, "'\n"]]}}
|
|
}
|
|
},
|
|
|
|
"EC2SecurityGroup" : {
|
|
"Type" : "AWS::EC2::SecurityGroup",
|
|
"Properties" : {
|
|
"GroupDescription" : "Group for clients to communicate with Puppet Master"
|
|
}
|
|
},
|
|
|
|
"PuppetGroup" : {
|
|
"Type" : "AWS::EC2::SecurityGroup",
|
|
"Properties" : {
|
|
"GroupDescription" : "Group for puppet communication",
|
|
"SecurityGroupIngress" : [
|
|
{ "IpProtocol" : "tcp", "FromPort" : "8140", "ToPort" : "8140", "CidrIp": "0.0.0.0/0"},
|
|
{ "IpProtocol" : "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": "0.0.0.0/0" }
|
|
]
|
|
}
|
|
},
|
|
|
|
"PuppetMasterWaitHandle" : {
|
|
"Type" : "AWS::CloudFormation::WaitConditionHandle"
|
|
},
|
|
|
|
"PuppetMasterWaitCondition" : {
|
|
"Type" : "AWS::CloudFormation::WaitCondition",
|
|
"DependsOn" : "PuppetMasterInstance",
|
|
"Properties" : {
|
|
"Handle" : { "Ref" : "PuppetMasterWaitHandle" },
|
|
"Timeout" : "600"
|
|
}
|
|
}
|
|
},
|
|
|
|
"Outputs" : {
|
|
"PuppetMasterDNSName" : {
|
|
"Value" : { "Fn::GetAtt" : [ "PuppetMasterInstance", "PrivateDnsName" ] },
|
|
"Description" : "DNS Name of PuppetMaster"
|
|
},
|
|
"PuppetClientSecurityGroup" : {
|
|
"Value" : { "Ref" : "EC2SecurityGroup" },
|
|
"Description" : "Clients of the Puppet Master should be part of this security group"
|
|
}
|
|
}
|
|
}
|