b85c442741
Some templates have Policies specified for the User resource in the AWS IAM Policy format, which we do not yet support, and will confuse users now we have OS::Heat::AccessPolicy implemented ref bug 1115758 Change-Id: I6958b02fe6518ea43729ebc18818524ae7e4921e Signed-off-by: Steven Hardy <shardy@redhat.com>
235 lines
8.5 KiB
Plaintext
235 lines
8.5 KiB
Plaintext
{
|
|
"TemplateFormatVersion" : "2010-09-09",
|
|
|
|
"Description": "Sample template to bring up WordPress using the Puppet client to install server roles. A WaitCondition is used to hold up the stack creation until the application is deployed. **WARNING** This template creates one or more Amazon EC2 instances and CloudWatch alarms. You will be billed for the AWS resources used if you create a stack from this template.",
|
|
|
|
"Parameters" : {
|
|
"KeyName": {
|
|
"Type": "String",
|
|
"Description" : "Name of an existing EC2 KeyPair to enable SSH access to the web server"
|
|
},
|
|
"PuppetClientSecurityGroup": {
|
|
"Description" : "The EC2 security group for the instances",
|
|
"Type": "String"
|
|
},
|
|
"PuppetMasterDNSName": {
|
|
"Description" : "The PuppetMaster DNS name",
|
|
"Type": "String"
|
|
},
|
|
"InstanceType" : {
|
|
"Description" : "WebServer EC2 instance type",
|
|
"Type" : "String",
|
|
"Default" : "m1.small",
|
|
"AllowedValues" : [ "t1.micro","m1.small","m1.medium","m1.large","m1.xlarge","m2.xlarge","m2.2xlarge","m2.4xlarge","c1.medium","c1.xlarge","cc1.4xlarge","cc2.8xlarge","cg1.4xlarge"],
|
|
"ConstraintDescription" : "must be a valid EC2 instance type."
|
|
},
|
|
"DatabaseType": {
|
|
"Default": "db.m1.small",
|
|
"Description" : "The database instance type",
|
|
"Type": "String",
|
|
"AllowedValues" : [ "db.m1.small", "db.m1.large", "db.m1.xlarge", "db.m2.xlarge", "db.m2.2xlarge", "db.m2.4xlarge" ],
|
|
"ConstraintDescription" : "must contain only alphanumeric characters."
|
|
},
|
|
"DatabaseUser": {
|
|
"Default" : "admin",
|
|
"NoEcho": "true",
|
|
"Type": "String",
|
|
"Description" : "Test database admin account name",
|
|
"MinLength": "1",
|
|
"MaxLength": "16",
|
|
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*",
|
|
"ConstraintDescription" : "must begin with a letter and contain only alphanumeric characters."
|
|
},
|
|
"DatabasePassword": {
|
|
"Default" : "admin",
|
|
"NoEcho": "true",
|
|
"Type": "String",
|
|
"Description" : "Test database admin account password",
|
|
"MinLength": "1",
|
|
"MaxLength": "41",
|
|
"AllowedPattern" : "[a-zA-Z0-9]*",
|
|
"ConstraintDescription" : "must contain only alphanumeric characters."
|
|
}
|
|
},
|
|
|
|
"Mappings" : {
|
|
"AWSInstanceType2Arch" : {
|
|
"t1.micro" : { "Arch" : "64" },
|
|
"m1.small" : { "Arch" : "64" },
|
|
"m1.medium" : { "Arch" : "64" },
|
|
"m1.large" : { "Arch" : "64" },
|
|
"m1.xlarge" : { "Arch" : "64" },
|
|
"m2.xlarge" : { "Arch" : "64" },
|
|
"m2.2xlarge" : { "Arch" : "64" },
|
|
"m2.4xlarge" : { "Arch" : "64" },
|
|
"c1.medium" : { "Arch" : "64" },
|
|
"c1.xlarge" : { "Arch" : "64" },
|
|
"cc1.4xlarge" : { "Arch" : "64HVM" },
|
|
"cc2.8xlarge" : { "Arch" : "64HVM" },
|
|
"cg1.4xlarge" : { "Arch" : "64HVM" }
|
|
},
|
|
|
|
"AWSRegionArch2AMI" : {
|
|
"us-east-1" : { "32" : "ami-31814f58", "64" : "ami-1b814f72", "64HVM" : "ami-0da96764" },
|
|
"us-west-2" : { "32" : "ami-38fe7308", "64" : "ami-30fe7300", "64HVM" : "NOT_YET_SUPPORTED" },
|
|
"us-west-1" : { "32" : "ami-11d68a54", "64" : "ami-1bd68a5e", "64HVM" : "NOT_YET_SUPPORTED" },
|
|
"eu-west-1" : { "32" : "ami-973b06e3", "64" : "ami-953b06e1", "64HVM" : "NOT_YET_SUPPORTED" },
|
|
"ap-southeast-1" : { "32" : "ami-b4b0cae6", "64" : "ami-beb0caec", "64HVM" : "NOT_YET_SUPPORTED" },
|
|
"ap-northeast-1" : { "32" : "ami-0644f007", "64" : "ami-0a44f00b", "64HVM" : "NOT_YET_SUPPORTED" },
|
|
"sa-east-1" : { "32" : "ami-3e3be423", "64" : "ami-3c3be421", "64HVM" : "NOT_YET_SUPPORTED" }
|
|
}
|
|
},
|
|
|
|
"Resources" : {
|
|
|
|
"CFNInitUser" : {
|
|
"Type" : "AWS::IAM::User"
|
|
},
|
|
|
|
"CFNKeys" : {
|
|
"Type" : "AWS::IAM::AccessKey",
|
|
"Properties" : {
|
|
"UserName" : { "Ref": "CFNInitUser" }
|
|
}
|
|
},
|
|
|
|
"WebServer": {
|
|
"Type": "AWS::EC2::Instance",
|
|
"Metadata" : {
|
|
"AWS::CloudFormation::Init" : {
|
|
"config" : {
|
|
"packages" : {
|
|
"yum" : {
|
|
"puppet" : [],
|
|
"ruby-devel" : [],
|
|
"gcc" : [],
|
|
"make" : [],
|
|
"rubygems" : []
|
|
},
|
|
"rubygems" : {
|
|
"json" : []
|
|
}
|
|
},
|
|
"files" : {
|
|
"/etc/yum.repos.d/epel.repo" : {
|
|
"source" : "https://s3.amazonaws.com/cloudformation-examples/enable-epel-on-amazon-linux-ami",
|
|
"mode" : "000644",
|
|
"owner" : "root",
|
|
"group" : "root"
|
|
},
|
|
"/etc/puppet/puppet.conf" : {
|
|
"content" : { "Fn::Join" : ["", [
|
|
"[main]\n",
|
|
" logdir=/var/log/puppet\n",
|
|
" rundir=/var/run/puppet\n",
|
|
" ssldir=$vardir/ssl\n",
|
|
" pluginsync=true\n",
|
|
"[agent]\n",
|
|
" classfile=$vardir/classes.txt\n",
|
|
" localconfig=$vardir/localconfig\n",
|
|
" server=",{ "Ref" : "PuppetMasterDNSName" },"\n"
|
|
]] },
|
|
"mode" : "000644",
|
|
"owner" : "root",
|
|
"group" : "root"
|
|
}
|
|
},
|
|
"services" : {
|
|
"sysvinit" : {
|
|
"puppet" : {
|
|
"enabled" : "true",
|
|
"ensureRunning" : "true"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"Puppet" : {
|
|
"roles" : [ "wordpress" ],
|
|
"host" : {"Fn::GetAtt" : ["WordPressDatabase", "Endpoint.Address"]},
|
|
"database" : "WordPressDB",
|
|
"user" : {"Ref" : "DatabaseUser"},
|
|
"password" : {"Ref" : "DatabasePassword" }
|
|
}
|
|
},
|
|
"Properties": {
|
|
"SecurityGroups": [ { "Ref": "PuppetClientSecurityGroup" }, { "Ref" : "EC2SecurityGroup" } ],
|
|
"ImageId": { "Fn::FindInMap": [ "AWSRegionArch2AMI", { "Ref": "AWS::Region" }, { "Fn::FindInMap": [ "AWSInstanceType2Arch", { "Ref": "InstanceType" }, "Arch" ] } ]
|
|
},
|
|
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
|
|
"#!/bin/bash\n",
|
|
"yum update -y aws-cfn-bootstrap\n",
|
|
|
|
"/opt/aws/bin/cfn-init --region ", { "Ref" : "AWS::Region" },
|
|
" -s ", { "Ref" : "AWS::StackName" }, " -r WebServer ",
|
|
" --access-key ", { "Ref" : "CFNKeys" },
|
|
" --secret-key ", { "Fn::GetAtt" : ["CFNKeys", "SecretAccessKey"]}, "\n",
|
|
"/opt/aws/bin/cfn-signal -e $? '", { "Ref" : "ApplicationWaitHandle" }, "'\n"
|
|
]]}},
|
|
"KeyName": { "Ref": "KeyName" },
|
|
"InstanceType": { "Ref": "InstanceType" }
|
|
}
|
|
},
|
|
|
|
|
|
"EC2SecurityGroup" : {
|
|
"Type" : "AWS::EC2::SecurityGroup",
|
|
"Properties" : {
|
|
"GroupDescription" : "Enable HTTP access for Wordpress plus SSH access via port 22",
|
|
"SecurityGroupIngress" : [
|
|
{"IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : "0.0.0.0/0" },
|
|
{"IpProtocol" : "tcp", "FromPort" : "80", "ToPort" : "80", "CidrIp" : "0.0.0.0/0" }
|
|
]
|
|
}
|
|
},
|
|
|
|
"ApplicationWaitHandle" : {
|
|
"Type" : "AWS::CloudFormation::WaitConditionHandle"
|
|
},
|
|
|
|
"ApplicationWaitCondition" : {
|
|
"Type" : "AWS::CloudFormation::WaitCondition",
|
|
"DependsOn" : "WebServer",
|
|
"Properties" : {
|
|
"Handle" : { "Ref" : "ApplicationWaitHandle" },
|
|
"Timeout" : "600"
|
|
}
|
|
},
|
|
|
|
"WordPressDatabase" : {
|
|
"Type" : "AWS::RDS::DBInstance",
|
|
"Properties" : {
|
|
"AllocatedStorage" : "5",
|
|
"DBName" : "WordPressDB",
|
|
"Engine" : "MySQL",
|
|
"DBInstanceClass" : { "Ref" : "DatabaseType" },
|
|
"DBSecurityGroups" : [ { "Ref": "DBSecurityGroup" } ],
|
|
"MasterUsername" : { "Ref" : "DatabaseUser" },
|
|
"MasterUserPassword" : { "Ref" : "DatabasePassword" }
|
|
}
|
|
},
|
|
|
|
"DBSecurityGroup": {
|
|
"Type": "AWS::RDS::DBSecurityGroup",
|
|
"Properties": {
|
|
"DBSecurityGroupIngress": {
|
|
"EC2SecurityGroupName": { "Ref": "EC2SecurityGroup" }
|
|
},
|
|
"GroupDescription": "database access"
|
|
}
|
|
}
|
|
},
|
|
|
|
"Outputs": {
|
|
"WebsiteURL": {
|
|
"Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "WebServer", "PublicDnsName" ] }, "/wordpress" ] ] },
|
|
"Description" : "URL of the WordPress website"
|
|
},
|
|
"InstallURL": {
|
|
"Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "WebServer", "PublicDnsName" ] }, "/wordpress/wp-admin/install.php" ] ] },
|
|
"Description" : "URL to install WordPress"
|
|
}
|
|
}
|
|
}
|
|
|