openstack/heat-templates
Code Issues Proposed changes
f9d687a9d7
heat-templates/openshift-origin/F18/OpenShift.template
Steven Dake a980af8e15 Make room for F19 OpenShift Origin Files 
Move F18 OpenShift origin files into the F18 directory

Change-Id: I3318347085a1e640839c41ab58e233835e185f49
2013-10-08 17:16:32 -07:00

324 lines
18 KiB
Plaintext
Raw Blame History

{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Template for setting up an OpenShift Origin environment",
"Parameters": {
"KeyName": {
"Description": "Name of an existing EC2 KeyPair to enable SSH access to the instances",
"Type": "String",
"MinLength": "1",
"MaxLength": "64",
"AllowedPattern": "[-_ a-zA-Z0-9]*"
},
"Prefix": {
"Description": "Your DNS Prefix",
"Type": "String",
"Default": "example.com"
},
"UpstreamDNS": {
"Description": "Upstream DNS server",
"Type": "String",
"Default": "8.8.8.8"
}
},
"Mappings": {
"JeosImages": {
"Broker": {
"Image": "F18-x86_64-openshift-origin-broker-cfntools"
},
"Node": {
"Image": "F18-x86_64-openshift-origin-node-cfntools"
}
}
},
"Resources": {
"OpenShiftOriginSecurityGroup": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Standard firewall rules",
"SecurityGroupIngress": [
{
"IpProtocol": "udp",
"FromPort": "53",
"ToPort": "53",
"CidrIp": "0.0.0.0/0"
},
{
"IpProtocol": "tcp",
"FromPort": "53",
"ToPort": "53",
"CidrIp": "0.0.0.0/0"
},
{
"IpProtocol": "tcp",
"FromPort": "22",
"ToPort": "22",
"CidrIp": "0.0.0.0/0"
},
{
"IpProtocol": "tcp",
"FromPort": "80",
"ToPort": "80",
"CidrIp": "0.0.0.0/0"
},
{
"IpProtocol": "tcp",
"FromPort": "443",
"ToPort": "443",
"CidrIp": "0.0.0.0/0"
},
{
"IpProtocol": "tcp",
"FromPort": "8000",
"ToPort": "8000",
"CidrIp": "0.0.0.0/0"
},
{
"IpProtocol": "tcp",
"FromPort": "8443",
"ToPort": "8443",
"CidrIp": "0.0.0.0/0"
}
]
}
},
"brokerWaitHandle": {
"Type": "AWS::CloudFormation::WaitConditionHandle"
},
"brokerWaitCondition": {
"Type": "AWS::CloudFormation::WaitCondition",
"DependsOn": "BrokerInstance",
"Properties": {
"Handle": {
"Ref": "brokerWaitHandle"
},
"Timeout": "6000"
}
},
"BrokerInstance": {
"Type": "AWS::EC2::Instance",
"Properties": {
"ImageId": {
"Fn::FindInMap": [ "JeosImages", "Broker", "Image" ]
},
"InstanceType": "m1.small",
"KeyName": {
"Ref": "KeyName"
},
"SecurityGroups": [
{
"Ref": "OpenShiftOriginSecurityGroup"
}
],
"Tags": [
{
"Key": "Name",
"Value": {
"Fn::Join": [ "-", [ "openshift", { "Ref": "Prefix" }, "broker" ] ]
}
}
],
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"#!/bin/bash -x\n",
"export PREFIX=", { "Ref": "Prefix" }, "\n",
"export UPSTREAM_DNS=", { "Ref": "UpstreamDNS" }, "\n",
"export BROKER_WAIT_HANDLE=\"", { "Ref": "brokerWaitHandle" }, "\"\n",
"/usr/sbin/dnssec-keygen -a HMAC-MD5 -b 512 -n USER -r /dev/urandom -K /var/named ${PREFIX}\n",
"export DNS_SEC_KEY=\"`cat /var/named/K${PREFIX}.*.key | awk '{print $8}'`\"\n",
"export EC2_INSTANCE_ID=\"`facter ec2_instance_id`\"\n",
"export IP_ADDRESS=\"`facter ipaddress`\"\n",
"cat << EOF > /root/configure.pp\n",
"\\$my_hostname=\"\\${ec2_instance_id}.${PREFIX}\"\n",
"file { \"update network settings - hostname\":", "\n",
" path => \"/etc/sysconfig/network\",\n",
" content => \"NETWORKING=yes\\nNETWORKING_IPV6=no\\nHOSTNAME=\\${my_hostname}\"\n",
"}\n",
"exec { \"set hostname\":\n",
" command => \"/bin/hostname \\${my_hostname} ; echo \\${my_hostname} > /etc/hostname\"\n",
"}\n",
"augeas{ \"etc hosts setup\" :\n",
" context => \"/files/etc/hosts\",\n",
" changes => [\n",
" \"set 01/ipaddr \\${ipaddress}\",\n",
" \"set 01/canonical \\${my_hostname}\",\n",
" ],\n",
"}\n",
"augeas{ \"network peerdns setup\" :\n",
" context => \"/files/etc/sysconfig/network-scripts/ifcfg-eth0\",\n",
" changes => [\n",
" \"set PEERDNS no\",\n",
" ],\n",
"}\n",
"class { 'openshift_origin' :\n",
" node_fqdn => \\$my_hostname,\n",
" cloud_domain => '${PREFIX}',\n",
" named_tsig_priv_key => '${DNS_SEC_KEY}',\n",
" dns_servers => ['${UPSTREAM_DNS}'],\n",
" os_unmanaged_users => ['ec2-user'],\n",
" enable_network_services => true,\n",
" configure_firewall => true,\n",
" configure_ntp => true,\n",
" configure_activemq => true,\n",
" configure_qpid => false,\n",
" configure_mongodb => true,\n",
" configure_named => true,\n",
" configure_broker => true,\n",
" configure_console => true,\n",
" configure_node => false,\n",
" development_mode => true,\n",
" named_ipaddress => \\$ipaddress,\n",
" mongodb_fqdn => \\$my_hostname,\n",
" mq_fqdn => \\$my_hostname,\n",
" broker_fqdn => \\$my_hostname,\n",
"}\n",
"EOF\n",
"mkdir -p /etc/puppet/modules\n",
"puppet module install openshift/openshift_origin", "\n",
"puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log", "\n",
"setsebool -P httpd_unified=on\n",
"service network restart | tee /var/log/configure_openshift.log;\n",
"service mongod restart | tee /var/log/configure_openshift.log;\n",
"service activemq restart | tee /var/log/configure_openshift.log;\n",
"service httpd restart | tee /var/log/configure_openshift.log;\n",
"service openshift-broker restart | tee /var/log/configure_openshift.log;\n",
"service openshift-console restart | tee /var/log/configure_openshift.log;\n",
"service named restart | tee /var/log/configure_openshift.log;\n",
"cat << EOF > /etc/resolv.conf\n",
"; generated by heat\n",
"search ${PREFIX}\n",
"nameserver 127.0.0.1\n",
"EOF\n",
"cat << _EOF > /root/nsupdate.cmd\n",
"key ${PREFIX} ${DNS_SEC_KEY}\n",
"server ${IP_ADDRESS} 53\n",
"update delete ${EC2_INSTANCE_ID}.${PREFIX} A\n",
"update add ${EC2_INSTANCE_ID}.${PREFIX} 180 A ${IP_ADDRESS}\n",
"send\n",
"_EOF\n",
"cat /root/nsupdate.cmd | nsupdate\n",
"setenforce 1\n",
"# All is well so signal success\n",
"/opt/aws/bin/cfn-signal -e 0 --data \"${DNS_SEC_KEY}\" -r \"Broker setup complete\" \"${BROKER_WAIT_HANDLE}\"\n"
]
]
}
}
}
},
"NodeInstance": {
"Type": "AWS::EC2::Instance",
"DependsOn": "brokerWaitCondition",
"Properties": {
"ImageId": {
"Fn::FindInMap": [ "JeosImages", "Node", "Image" ]
},
"InstanceType": "m1.small",
"KeyName": { "Ref": "KeyName" },
"SecurityGroups": [ { "Ref": "OpenShiftOriginSecurityGroup" } ],
"Tags": [ { "Key": "Name", "Value": { "Fn::Join": [ "-", [ "openshift", { "Ref": "Prefix" }, "node" ] ] } } ],
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"#!/bin/bash -x", "\n",
"export DNS_SEC_KEY=\"`python -c 'print ",{ "Fn::GetAtt": [ "brokerWaitCondition", "Data" ] },"[\"00000\"]'`\"\n",
"export BROKER_IP=", { "Fn::GetAtt": [ "BrokerInstance", "PublicIp" ] }, "\n",
"export PREFIX=", { "Ref": "Prefix" }, "\n",
"export EC2_INSTANCE_ID=\"`facter ec2_instance_id`\"\n",
"export IP_ADDRESS=\"`facter ipaddress`\"\n",
"cat << EOF > /root/configure.pp\n",
"\\$my_hostname=\"\\${ec2_instance_id}.${PREFIX}\"\n",
"file { \"update network settings - hostname\":", "\n",
" path => \"/etc/sysconfig/network\",\n",
" content => \"NETWORKING=yes\\nNETWORKING_IPV6=no\\nHOSTNAME=\\${my_hostname}\"\n",
"}\n",
"exec { \"set hostname\":\n",
" command => \"/bin/hostname \\${my_hostname} ; echo \\${my_hostname} > /etc/hostname\"\n",
"}\n",
"augeas{ \"etc hosts setup\" :\n",
" context => \"/files/etc/hosts\",\n",
" changes => [\n",
" \"set 01/ipaddr \\${ipaddress}\",\n",
" \"set 01/canonical \\${my_hostname}\",\n",
" ],\n",
"}\n",
"augeas{ \"network peerdns setup\" :\n",
" context => \"/files/etc/sysconfig/network-scripts/ifcfg-eth0\",\n",
" changes => [\n",
" \"set PEERDNS no\",\n",
" ],\n",
"}\n",
"class { \"openshift_origin\" :\n",
" node_fqdn => \\$my_hostname,\n",
" cloud_domain => '${PREFIX}',\n",
" named_tsig_priv_key => '${DNS_SEC_KEY}',\n",
" dns_servers => ['${BROKER_IP}'],\n",
" os_unmanaged_users => ['ec2-user'],\n",
" enable_network_services => true,\n",
" configure_firewall => true,\n",
" configure_ntp => true,\n",
" configure_activemq => false,\n",
" configure_qpid => false,\n",
" configure_mongodb => false,\n",
" configure_named => false,\n",
" configure_broker => false,\n",
" configure_console => false,\n",
" configure_node => true,\n",
" development_mode => true,\n",
" named_ipaddress => '${BROKER_IP}',\n",
" mongodb_fqdn => '${BROKER_IP}',\n",
" mq_fqdn => '${BROKER_IP}',\n",
" broker_fqdn => '${BROKER_IP}',\n",
"}\n",
"EOF\n",
"mkdir -p /etc/puppet/modules\n",
"puppet module install openshift/openshift_origin", "\n",
"puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log;", "\n",
"service network restart | tee /var/log/configure_openshift.log;\n",
"service cgconfig restart | tee /var/log/configure_openshift.log;\n",
"service cgred restart | tee /var/log/configure_openshift.log;\n",
"service openshift-cgroups restart | tee /var/log/configure_openshift.log;\n",
"service openshift-node-web-proxy restart | tee /var/log/configure_openshift.log;\n",
"service openshift-gears restart | tee /var/log/configure_openshift.log;\n",
"service openshift-port-proxy restart | tee /var/log/configure_openshift.log;\n",
"service mcollective restart | tee /var/log/configure_openshift.log;\n",
"service httpd restart | tee /var/log/configure_openshift.log;\n",
"service sshd restart | tee /var/log/configure_openshift.log;\n",
"cat << EOF > /etc/resolv.conf\n",
"; generated by heat\n",
"search ${PREFIX}\n",
"nameserver ${BROKER_IP}\n",
"EOF\n",
"cat << _EOF > /root/nsupdate.cmd\n",
"key ${PREFIX} ${DNS_SEC_KEY}\n",
"server ${BROKER_IP} 53\n",
"update delete ${EC2_INSTANCE_ID}.${PREFIX} A\n",
"update add ${EC2_INSTANCE_ID}.${PREFIX} 180 A ${IP_ADDRESS}\n",
"send\n",
"_EOF\n",
"cat /root/nsupdate.cmd | nsupdate\n",
"setenforce 1\n"
]
]
}
}
}
}
},
"Outputs" : {
"OpenShiftConsole" : {
"Value" : { "Fn::Join" : ["", ["https://", { "Fn::GetAtt" : [ "BrokerInstance", "PublicIp" ]}, "/console"]] },
"Description" : "URL for OpenShift Origins console"
},
"NameServerEntry" : {
"Value" : { "Fn::Join" : ["", ["nameserver ", { "Fn::GetAtt" : [ "BrokerInstance", "PublicIp" ]}]] },
"Description" : "Entry to insert into /etc/resolv.conf for application host names to resolve"
}
}
}
View Git Blame Copy Permalink