
terraform-aws-watchmaker's Introduction


Watchmaker AWS Terraform Module

terraform-aws-watchmaker

Overview

This repo contains a set of Terraform modules that use the CloudFormation Stack data source to deploy AWS instances (Linux or Windows) configured with Watchmaker. The resources can be deployed as individual instances or in an AutoScaling Group.

For more information on installing and using Watchmaker, go to https://watchmaker.readthedocs.io.

How To Use This module

This repo is structured as follows:

  • Root: This folder contains an example of Terraform code that uses the Linux Instance module to deploy a Watchmaker Linux instance.
  • Modules: This folder contains the Terraform modules that are used to create the Watchmaker resources.
  • Examples: This folder contains working examples of how to use the modules. Users will need to modify the parameters for their specific AWS environment.

To use this module, create a Terraform file with the same format as main.tf in the root or example directories with variables set to your desired configuration.

In your Terraform working directory, run the following commands:

$ terraform init
$ terraform plan
$ terraform apply

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.12 |

Providers

No providers.

Resources

No resources.

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| AmiDistro | (Required) Linux distro of the AMI | string | n/a | yes |
| AmiId | (Required) ID of the AMI to launch | string | n/a | yes |
| KeyPairName | (Required) Public/private key pairs allow you to securely connect to your instance after it launches | string | n/a | yes |
| Name | (Required) Name of CloudFormation Stack | string | n/a | yes |
| SecurityGroupIds | (Required) List of security groups to apply to the instance | string | n/a | yes |
| SubnetId | (Required) ID of the subnet to assign to the instance | string | n/a | yes |
| AppScriptParams | (Optional) Parameter string to pass to the application script. Ignored if AppScriptUrl is blank | string | null | no |
| AppScriptShell | (Optional) Shell with which to execute the application script. Ignored if AppScriptUrl is blank | string | "bash" | no |
| AppScriptUrl | (Optional) S3 URL to the application script in an S3 bucket (s3://). Leave blank to launch without an application script. If specified, an appropriate InstanceRole is required | string | null | no |
| AppVolumeDevice | (Optional) Device to mount an extra EBS volume. Leave blank to launch without an extra application volume | string | null | no |
| AppVolumeMountPath | (Optional) Filesystem path to mount the extra app volume. Ignored if AppVolumeDevice is blank | string | "/opt/data" | no |
| AppVolumeSize | (Optional) Size in GB of the EBS volume to create. Ignored if AppVolumeDevice is blank | string | "1" | no |
| AppVolumeType | (Optional) Type of EBS volume to create. Ignored if AppVolumeDevice is blank | string | "gp2" | no |
| CfnEndpointUrl | (Optional) URL to the CloudFormation Endpoint. e.g. https://cloudformation.us-east-1.amazonaws.com | string | "https://cloudformation.us-east-1.amazonaws.com" | no |
| CfnGetPipUrl | (Optional) URL to get-pip.py | string | "https://bootstrap.pypa.io/2.6/get-pip.py" | no |
| EnableRepos | (Optional) Specify repos to be enabled by yum-config-manager | string | null | no |
| InstanceRole | (Optional) IAM instance role to apply to the instance | string | null | no |
| InstanceType | (Optional) Amazon EC2 instance type | string | "t2.micro" | no |
| NoPublicIp | (Optional) Controls whether to assign the instance a public IP. Recommended to leave at true unless launching in a public subnet | bool | true | no |
| NoReboot | (Optional) Controls whether to reboot the instance as the last step of cfn-init execution | bool | false | no |
| NoUpdates | (Optional) Controls whether to run yum update during a stack update (On the initial instance launch, Watchmaker always installs updates) | bool | false | no |
| PrivateIp | (Optional) Set a static, primary private IP. Leave blank to auto-select a free IP | string | null | no |
| PypiIndexUrl | (Optional) URL to the PyPi Index | string | "https://pypi.org/simple" | no |
| ToggleCfnInitUpdate | (Optional) A/B toggle that forces a change to instance metadata, triggering the cfn-init update sequence | string | "A" | no |
| WatchmakerAdminGroups | (Optional) Colon-separated list of domain groups that should have admin permissions on the EC2 instance | string | null | no |
| WatchmakerAdminUsers | (Optional) Colon-separated list of domain users that should have admin permissions on the EC2 instance | string | null | no |
| WatchmakerComputerName | (Optional) Sets the hostname/computername within the OS | string | null | no |
| WatchmakerConfig | (Optional) URL to a Watchmaker config file | string | null | no |
| WatchmakerEnvironment | (Optional) Environment in which the instance is being deployed | string | null | no |
| WatchmakerOuPath | (Optional) DN of the OU to place the instance when joining a domain. If blank and WatchmakerEnvironment enforces a domain join, the instance will be placed in a default container. Leave blank if not joining a domain, or if WatchmakerEnvironment is false | string | null | no |
| WatchmakerS3Source | (Optional) Flag that tells watchmaker to use its instance role to retrieve watchmaker content from S3 | bool | false | no |

Outputs

| Name | Description |
|------|-------------|
| watchmaker-lx-instance-stack | CloudFormation stack object for watchmaker-lx-instance-stack |

terraform-aws-watchmaker's Issues

Seems Like watchmaker-lx-autoscale.template.cfn.json Implements a Bad Assumption

Recently rebased cfn-gitlab against the current watchmaker-lx-autoscale.template.cfn.json template. Deployed a testing instance with the ScaleUpSchedule/ScaleDownSchedule defined: was surprised to come in, this morning, to find that, even though the overall deployed stack's DesiredCapacity was 1, I was seeing two instances in the EC2 console. Dug through the code and found:

"ScaleUpScheduledAction": {
  "Condition": "UseScheduledAction",
  "Properties": {
    "AutoScalingGroupName": { "Ref": "GitLabASG" },
    "DesiredCapacity": { "Ref": "MaxCapacity" },
    "Recurrence": { "Ref": "ScaleUpSchedule" }
  },
  "Type": "AWS::AutoScaling::ScheduledAction"
}

It seems like it would be better if the ScaleUpScheduledAction block's:

    "DesiredCapacity": { "Ref": "MaxCapacity" },

were

    "DesiredCapacity": { "Ref": "DesiredCapacity" },

Granted, as an upstream project, Watchmaker likely makes different assumptions and I'm free to alter things to fit my project's particular needs but felt it was worth a discussion — thus I'm marking this a question rather than bug.

Dependabot couldn't find a <anything>.tf for this project

Dependabot couldn't find a .tf for this project.

Dependabot requires a .tf to evaluate your project's current Terraform dependencies. It had expected to find one at the path: /modules/**/<anything>.tf.

If this isn't a Terraform project, or if it is a library, you may wish to disable updates for it from within Dependabot.

You can mention @dependabot in the comments below to contact the Dependabot team.

Don't install cfnbootstrap if already installed

Everything in this section is installing and setting up the cfn bootstrap utility. Affects both lx-instance and lx-autoscale modules.

Propose testing first if the utility is already installed and installing only if it is not present. Here's what I think is a reasonable test:

# Install only when neither rpm nor pip reports the package as present
if ! rpm --quiet -q aws-cfn-bootstrap && ! pip show --quiet aws-cfn-bootstrap > /dev/null 2>&1
then
  : # do install
fi
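
An added example, not part of the issue or of the module's templates: the same presence test wrapped so that it also works on hosts where rpm or pip is absent, and so that the install command runs only when neither reports the package. The function names and the PKG variable are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: idempotent guard around the aws-cfn-bootstrap install step.
# PKG, cfn_bootstrap_source and ensure_cfn_bootstrap are hypothetical names,
# not identifiers from the terraform-aws-watchmaker templates.

PKG="aws-cfn-bootstrap"

# Print where the package was found: "rpm", "pip" or "none".
# A package manager that is not on PATH is treated as "not found" instead of
# aborting the bootstrap with "command not found".
cfn_bootstrap_source() {
  if command -v rpm >/dev/null 2>&1 && rpm --quiet -q "$PKG"; then
    echo "rpm"
  elif command -v pip >/dev/null 2>&1 && pip show "$PKG" >/dev/null 2>&1; then
    echo "pip"
  else
    echo "none"
  fi
}

# Run the install command given as arguments only when the package is missing.
# Returns the install command's exit status, or 0 when the install is skipped.
ensure_cfn_bootstrap() {
  src=$(cfn_bootstrap_source)
  if [ "$src" != "none" ]; then
    echo "$PKG already present via $src; skipping install" >&2
    return 0
  fi
  "$@"
}
```

Call it as `ensure_cfn_bootstrap <install command and arguments>`, passing whatever install command the template already uses.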

Dependabot couldn't find a <anything>.tf for this project

Dependabot couldn't find a .tf for this project.

Dependabot requires a .tf to evaluate your project's current Terraform dependencies. It had expected to find one at the path: /modules/<anything>.tf.

If this isn't a Terraform project, or if it is a library, you may wish to disable updates for it from within Dependabot.

You can mention @dependabot in the comments below to contact the Dependabot team.

Using an Asterisk in the "CloudWatchAppLogs" parameter errors CWL Log Stream creation

Output seen in CloudWatch Agent Logs:

2019-07-05T22:05:19Z E! CreateLogStream / CreateLogGroup with log group name /aws/ec2/lx/devxx-bxx stream name install_*_logs_i-xxxxx has errors. Will retry the request: InvalidParameterException: 1 validation error detected: Value 'install_*_logs_i-xxxxx' at 'logStreamName' failed to satisfy constraint: Member must satisfy regular expression pattern: [^:*]*

Initial Update

The bot created this issue to inform you that pyup.io has been set up on this repo.
Once you have closed it, the bot will open pull requests for updates as soon as they are available.

AWS::CloudFormation::Init Stanza "install-cloudwatch-agent"

Current logic:

"01-get-cloudwatch-agent": {
  "command": {
    "Fn::Join": [
      "",
      [
        "mkdir -p /etc/cfn/scripts/ &&",
        " aws s3 cp ",
        { "Ref": "CloudWatchAgentUrl" },
        " /etc/cfn/scripts/AmazonCloudWatchAgent.zip",
        " --region ",
        { "Ref": "AWS::Region" },
        " &&",
        " chown root:root /etc/cfn/scripts/AmazonCloudWatchAgent.zip &&",
        " chmod 700 /etc/cfn/scripts/AmazonCloudWatchAgent.zip"
      ]
    ]
  }
},

Can be more-compactly expressed/require fewer linked commands:

"01-get-cloudwatch-agent": {
  "command": {
    "Fn::Join": [
      "",
      [
        "install -Dbm 700 -o root -g root /dev/null /etc/cfn/scripts/AmazonCloudWatchAgent.zip &&",
        " aws s3 cp ",
        { "Ref": "CloudWatchAgentUrl" },
        " /etc/cfn/scripts/AmazonCloudWatchAgent.zip",
        " --region ",
        { "Ref": "AWS::Region" }
      ]
    ]
  }
},
