Initial openshift autoscaling template.
As authored by Steve Hardy <shardy@redhat.com> Change-Id: I39773ba7cc8ba5e4ce6555fc3c3aa84cec7937c7
This commit is contained in:
parent
4f3ad5a11e
commit
92a15bdd92
|
@ -0,0 +1,395 @@
|
|||
{
|
||||
"AWSTemplateFormatVersion": "2010-09-09",
|
||||
"Description": "Template for setting up an AutoScaled OpenShift Origin environment",
|
||||
"Parameters": {
|
||||
"KeyName": {
|
||||
"Description": "Name of an existing eyPair to enable SSH access to the instances",
|
||||
"Type": "String",
|
||||
"MinLength": "1",
|
||||
"MaxLength": "64",
|
||||
"AllowedPattern": "[-_ a-zA-Z0-9]*"
|
||||
},
|
||||
"Prefix": {
|
||||
"Description": "Your DNS Prefix",
|
||||
"Type": "String",
|
||||
"Default": "example.com"
|
||||
},
|
||||
"DnsSecKey": {
|
||||
"Description": "Bind DNS-Sec TSIG key",
|
||||
"Type": "String",
|
||||
"NoEcho": "TRUE"
|
||||
},
|
||||
"UpstreamDNS": {
|
||||
"Description": "Upstream DNS server",
|
||||
"Type": "String",
|
||||
"Default": "8.8.8.8"
|
||||
}
|
||||
},
|
||||
"Mappings": {
|
||||
"JeosImages": {
|
||||
"Broker": {
|
||||
"Image": "F18-x86_64-openshift-origin-broker-cfntools"
|
||||
},
|
||||
"Node": {
|
||||
"Image": "F18-x86_64-openshift-origin-node-cfntools"
|
||||
}
|
||||
}
|
||||
},
|
||||
"Resources": {
|
||||
"OpenshiftUser" : {
|
||||
"Type" : "AWS::IAM::User"
|
||||
},
|
||||
"OpenshiftOriginKeys" : {
|
||||
"Type" : "AWS::IAM::AccessKey",
|
||||
"Properties" : {
|
||||
"UserName" : {"Ref": "OpenshiftUser"}
|
||||
}
|
||||
},
|
||||
"OpenshiftOriginNodeGroup" : {
|
||||
"Type" : "AWS::AutoScaling::AutoScalingGroup",
|
||||
"DependsOn": "brokerWaitCondition",
|
||||
"Properties" : {
|
||||
"AvailabilityZones" : { "Fn::GetAZs" : ""},
|
||||
"LaunchConfigurationName" : { "Ref" : "NodeLaunchConfig" },
|
||||
"MinSize" : "1",
|
||||
"MaxSize" : "3",
|
||||
"LoadBalancerNames" : []
|
||||
}
|
||||
},
|
||||
"OpenshiftOriginScaleUpPolicy" : {
|
||||
"Type" : "AWS::AutoScaling::ScalingPolicy",
|
||||
"Properties" : {
|
||||
"AdjustmentType" : "ChangeInCapacity",
|
||||
"AutoScalingGroupName" : { "Ref" : "OpenshiftOriginNodeGroup" },
|
||||
"Cooldown" : "60",
|
||||
"ScalingAdjustment" : "1"
|
||||
}
|
||||
},
|
||||
"OpenshiftOriginScaleDownPolicy" : {
|
||||
"Type" : "AWS::AutoScaling::ScalingPolicy",
|
||||
"Properties" : {
|
||||
"AdjustmentType" : "ChangeInCapacity",
|
||||
"AutoScalingGroupName" : { "Ref" : "OpenshiftOriginNodeGroup" },
|
||||
"Cooldown" : "60",
|
||||
"ScalingAdjustment" : "-1"
|
||||
}
|
||||
},
|
||||
"NodeAlarmHigh": {
|
||||
"Type": "AWS::CloudWatch::Alarm",
|
||||
"Properties": {
|
||||
"AlarmDescription": "Scale-up if Nodes > 50% for 1 minute",
|
||||
"MetricName": "NodeUtilization",
|
||||
"Namespace": "system/linux",
|
||||
"Statistic": "Average",
|
||||
"Period": "60",
|
||||
"EvaluationPeriods": "1",
|
||||
"Threshold": "50",
|
||||
"AlarmActions": [ { "Ref": "OpenshiftOriginScaleUpPolicy" } ],
|
||||
"Dimensions": [
|
||||
{
|
||||
"Name": "AutoScalingGroupName",
|
||||
"Value": { "Ref": "OpenshiftOriginNodeGroup" }
|
||||
}
|
||||
],
|
||||
"ComparisonOperator": "GreaterThanThreshold"
|
||||
}
|
||||
},
|
||||
"NodeAlarmLow": {
|
||||
"Type": "AWS::CloudWatch::Alarm",
|
||||
"Properties": {
|
||||
"AlarmDescription": "Scale-down if Nodes < 15% for 1 minute",
|
||||
"MetricName": "NodeUtilization",
|
||||
"Namespace": "system/linux",
|
||||
"Statistic": "Average",
|
||||
"Period": "60",
|
||||
"EvaluationPeriods": "1",
|
||||
"Threshold": "15",
|
||||
"AlarmActions": [ { "Ref": "OpenshiftOriginScaleDownPolicy" } ],
|
||||
"Dimensions": [
|
||||
{
|
||||
"Name": "AutoScalingGroupName",
|
||||
"Value": { "Ref": "OpenshiftOriginNodeGroup" }
|
||||
}
|
||||
],
|
||||
"ComparisonOperator": "LessThanThreshold"
|
||||
}
|
||||
},
|
||||
"OpenShiftOriginSecurityGroup": {
|
||||
"Type": "AWS::EC2::SecurityGroup",
|
||||
"Properties": {
|
||||
"GroupDescription": "Standard firewall rules",
|
||||
"SecurityGroupIngress": [
|
||||
{
|
||||
"IpProtocol": "udp",
|
||||
"FromPort": "53",
|
||||
"ToPort": "53",
|
||||
"CidrIp": "0.0.0.0/0"
|
||||
},
|
||||
{
|
||||
"IpProtocol": "tcp",
|
||||
"FromPort": "53",
|
||||
"ToPort": "53",
|
||||
"CidrIp": "0.0.0.0/0"
|
||||
},
|
||||
{
|
||||
"IpProtocol": "tcp",
|
||||
"FromPort": "22",
|
||||
"ToPort": "22",
|
||||
"CidrIp": "0.0.0.0/0"
|
||||
},
|
||||
{
|
||||
"IpProtocol": "tcp",
|
||||
"FromPort": "80",
|
||||
"ToPort": "80",
|
||||
"CidrIp": "0.0.0.0/0"
|
||||
},
|
||||
{
|
||||
"IpProtocol": "tcp",
|
||||
"FromPort": "443",
|
||||
"ToPort": "443",
|
||||
"CidrIp": "0.0.0.0/0"
|
||||
},
|
||||
{
|
||||
"IpProtocol": "tcp",
|
||||
"FromPort": "8000",
|
||||
"ToPort": "8000",
|
||||
"CidrIp": "0.0.0.0/0"
|
||||
},
|
||||
{
|
||||
"IpProtocol": "tcp",
|
||||
"FromPort": "8443",
|
||||
"ToPort": "8443",
|
||||
"CidrIp": "0.0.0.0/0"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"brokerWaitHandle": {
|
||||
"Type": "AWS::CloudFormation::WaitConditionHandle"
|
||||
},
|
||||
"brokerWaitCondition": {
|
||||
"Type": "AWS::CloudFormation::WaitCondition",
|
||||
"DependsOn": "BrokerInstance",
|
||||
"Properties": {
|
||||
"Handle": {
|
||||
"Ref": "brokerWaitHandle"
|
||||
},
|
||||
"Timeout": "6000"
|
||||
}
|
||||
},
|
||||
"BrokerInstance": {
|
||||
"Type": "AWS::EC2::Instance",
|
||||
"Properties": {
|
||||
"ImageId": {
|
||||
"Fn::FindInMap": [ "JeosImages", "Broker", "Image" ]
|
||||
},
|
||||
"InstanceType": "m1.small",
|
||||
"KeyName": {
|
||||
"Ref": "KeyName"
|
||||
},
|
||||
"SecurityGroups": [
|
||||
{
|
||||
"Ref": "OpenShiftOriginSecurityGroup"
|
||||
}
|
||||
],
|
||||
"Tags": [
|
||||
{
|
||||
"Key": "Name",
|
||||
"Value": {
|
||||
"Fn::Join": [ "-", [ "openshift", { "Ref": "Prefix" }, "broker" ] ]
|
||||
}
|
||||
}
|
||||
],
|
||||
"UserData": {
|
||||
"Fn::Base64": {
|
||||
"Fn::Join": [
|
||||
"",
|
||||
[
|
||||
"#!/bin/bash -x", "\n",
|
||||
"cat << EOF > /root/configure.pp\n",
|
||||
"\\$my_hostname=\"\\${ec2_instance_id}.", { "Ref": "Prefix" }, "\"\n",
|
||||
"file { \"update network settings - hostname\":", "\n",
|
||||
" path => \"/etc/sysconfig/network\",\n",
|
||||
" content => \"NETWORKING=yes\\nNETWORKING_IPV6=no\\nHOSTNAME=\\${my_hostname}\"\n",
|
||||
"}\n",
|
||||
"exec { \"set hostname\":\n",
|
||||
" command => \"/bin/hostname \\${my_hostname} ; echo \\${my_hostname} > /etc/hostname\"\n",
|
||||
"}\n",
|
||||
"augeas{ \"etc hosts setup\" :\n",
|
||||
" context => \"/files/etc/hosts\",\n",
|
||||
" changes => [\n",
|
||||
" \"set 01/ipaddr \\${ipaddress}\",\n",
|
||||
" \"set 01/canonical \\${my_hostname}\",\n",
|
||||
" ],\n",
|
||||
"}\n",
|
||||
"augeas{ \"network peerdns setup\" :\n",
|
||||
" context => \"/files/etc/sysconfig/network-scripts/ifcfg-eth0\",\n",
|
||||
" changes => [\n",
|
||||
" \"set PEERDNS no\",\n",
|
||||
" ],\n",
|
||||
"}\n",
|
||||
"class { \"openshift_origin\" :\n",
|
||||
" node_fqdn => \\$my_hostname,\n",
|
||||
" cloud_domain => \"", { "Ref": "Prefix" }, "\",", "\n",
|
||||
" named_tsig_priv_key => \"", { "Ref": "DnsSecKey" }, "\",", "\n",
|
||||
" dns_servers => [\"", { "Ref": "UpstreamDNS" }, "\"],\n",
|
||||
" os_unmanaged_users => [\"ec2-user\"],\n",
|
||||
" enable_network_services => true,\n",
|
||||
" configure_firewall => false,\n",
|
||||
" configure_ntp => true,\n",
|
||||
" configure_activemq => true,\n",
|
||||
" configure_qpid => false,\n",
|
||||
" configure_mongodb => true,\n",
|
||||
" configure_named => true,\n",
|
||||
" configure_broker => true,\n",
|
||||
" configure_console => true,\n",
|
||||
" configure_node => false,\n",
|
||||
" development_mode => true,\n",
|
||||
" named_ipaddress => \\$ipaddress,\n",
|
||||
" mongodb_fqdn => \\$my_hostname,\n",
|
||||
" mq_fqdn => \\$my_hostname,\n",
|
||||
" broker_fqdn => \\$my_hostname,\n",
|
||||
"}\n",
|
||||
"EOF\n",
|
||||
"puppet module install openshift/openshift_origin", "\n",
|
||||
"puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log", "\n",
|
||||
"service network restart | tee /var/log/configure_openshift.log;\n",
|
||||
"service mongod restart | tee /var/log/configure_openshift.log;\n",
|
||||
"service activemq restart | tee /var/log/configure_openshift.log;\n",
|
||||
"service httpd restart | tee /var/log/configure_openshift.log;\n",
|
||||
"service openshift-broker restart | tee /var/log/configure_openshift.log;\n",
|
||||
"service openshift-console restart | tee /var/log/configure_openshift.log;\n",
|
||||
"service named restart | tee /var/log/configure_openshift.log;\n",
|
||||
"export EC2_INSTANCE_ID=\"`facter ec2_instance_id`\"\n",
|
||||
"export IP_ADDRESS=\"`facter ipaddress`\"\n",
|
||||
"cat << _EOF > /root/nsupdate.cmd\n",
|
||||
"key ", { "Ref": "Prefix" }," ",{ "Ref": "DnsSecKey" },"\n",
|
||||
"server ${IP_ADDRESS} 53\n",
|
||||
"update delete ${EC2_INSTANCE_ID}.",{ "Ref": "Prefix" }," A\n",
|
||||
"update add ${EC2_INSTANCE_ID}.",{ "Ref": "Prefix" }," 180 A ${IP_ADDRESS}\n",
|
||||
"send\n",
|
||||
"_EOF\n",
|
||||
"cat /root/nsupdate.cmd | nsupdate\n",
|
||||
"# All is well so signal success\n",
|
||||
"/opt/aws/bin/cfn-signal -e 0 -r \"Broker setup complete\" \"", { "Ref": "brokerWaitHandle" }, "\"\n"
|
||||
]
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"NodeLaunchConfig": {
|
||||
"Type": "AWS::AutoScaling::LaunchConfiguration",
|
||||
"Properties": {
|
||||
"ImageId": {
|
||||
"Fn::FindInMap": [ "JeosImages", "Node", "Image" ]
|
||||
},
|
||||
"InstanceType": "m1.small",
|
||||
"KeyName": { "Ref": "KeyName" },
|
||||
"SecurityGroups": [ { "Ref": "OpenShiftOriginSecurityGroup" } ],
|
||||
"UserData": {
|
||||
"Fn::Base64": {
|
||||
"Fn::Join": [
|
||||
"",
|
||||
[
|
||||
"#!/bin/bash -x", "\n",
|
||||
"mkdir -p /etc/cfn\n",
|
||||
"cat << EOF > /etc/cfn/cfn-credentials\n",
|
||||
"AWSAccessKeyId=", {"Ref" : "OpenshiftOriginKeys"}, "\n",
|
||||
"AWSSecretKey=", {"Fn::GetAtt": ["OpenshiftOriginKeys",
|
||||
"SecretAccessKey"]}, "\n",
|
||||
"EOF\n",
|
||||
"chown root:root /etc/cfn/cfn-credentials\n",
|
||||
"chmod 0400 /etc/cfn/cfn-credentials\n",
|
||||
|
||||
"cat << EOF > /tmp/stats-crontab.txt\n",
|
||||
"MAIL=\"\"\n",
|
||||
"\n",
|
||||
"* * * * * /opt/aws/bin/cfn-push-stats --watch ",
|
||||
{ "Ref" : "NodeAlarmHigh" },
|
||||
" --metric NodeUtilization",
|
||||
" --units Percent",
|
||||
" --value 45\n",
|
||||
"* * * * * /opt/aws/bin/cfn-push-stats --watch ",
|
||||
{ "Ref" : "NodeAlarmLow" },
|
||||
" --metric NodeUtilization",
|
||||
" --units Percent",
|
||||
" --value 45\n",
|
||||
"EOF\n",
|
||||
"chown root:root /tmp/stats-crontab.txt\n",
|
||||
"chmod 600 /tmp/stats-crontab.txt\n",
|
||||
"# install crontab\n",
|
||||
"crontab /tmp/stats-crontab.txt\n",
|
||||
|
||||
"cat << EOF > /root/configure.pp\n",
|
||||
"\\$my_hostname=\"\\${ec2_instance_id}.", { "Ref": "Prefix" }, "\"\n",
|
||||
"file { \"update network settings - hostname\":", "\n",
|
||||
" path => \"/etc/sysconfig/network\",\n",
|
||||
" content => \"NETWORKING=yes\\nNETWORKING_IPV6=no\\nHOSTNAME=\\${my_hostname}\"\n",
|
||||
"}\n",
|
||||
"exec { \"set hostname\":\n",
|
||||
" command => \"/bin/hostname \\${my_hostname} ; echo \\${my_hostname} > /etc/hostname\"\n",
|
||||
"}\n",
|
||||
"augeas{ \"etc hosts setup\" :\n",
|
||||
" context => \"/files/etc/hosts\",\n",
|
||||
" changes => [\n",
|
||||
" \"set 01/ipaddr \\${ipaddress}\",\n",
|
||||
" \"set 01/canonical \\${my_hostname}\",\n",
|
||||
" ],\n",
|
||||
"}\n",
|
||||
"augeas{ \"network peerdns setup\" :\n",
|
||||
" context => \"/files/etc/sysconfig/network-scripts/ifcfg-eth0\",\n",
|
||||
" changes => [\n",
|
||||
" \"set PEERDNS no\",\n",
|
||||
" ],\n",
|
||||
"}\n",
|
||||
"class { \"openshift_origin\" :\n",
|
||||
" node_fqdn => \\$my_hostname,\n",
|
||||
" cloud_domain => \"", { "Ref": "Prefix" }, "\",", "\n",
|
||||
" named_tsig_priv_key => \"", { "Ref": "DnsSecKey" }, "\",", "\n",
|
||||
" dns_servers => [\"", { "Fn::GetAtt": [ "BrokerInstance", "PublicIp" ] }, "\"],\n",
|
||||
" os_unmanaged_users => [\"ec2-user\"],\n",
|
||||
" enable_network_services => true,\n",
|
||||
" configure_firewall => false,\n",
|
||||
" configure_ntp => true,\n",
|
||||
" configure_activemq => false,\n",
|
||||
" configure_qpid => false,\n",
|
||||
" configure_mongodb => false,\n",
|
||||
" configure_named => false,\n",
|
||||
" configure_broker => false,\n",
|
||||
" configure_console => false,\n",
|
||||
" configure_node => true,\n",
|
||||
" development_mode => true,\n",
|
||||
" named_ipaddress => \"", { "Fn::GetAtt": [ "BrokerInstance", "PublicIp" ] }, "\",\n",
|
||||
" mongodb_fqdn => \"", { "Fn::GetAtt": [ "BrokerInstance", "PublicIp" ] }, "\",\n",
|
||||
" mq_fqdn => \"", { "Fn::GetAtt": [ "BrokerInstance", "PublicIp" ] }, "\",\n",
|
||||
" broker_fqdn => \"", { "Fn::GetAtt": [ "BrokerInstance", "PublicIp" ] }, "\",\n",
|
||||
"}\n",
|
||||
"EOF\n",
|
||||
"puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log;", "\n",
|
||||
"service network restart | tee /var/log/configure_openshift.log;\n",
|
||||
"service cgconfig restart | tee /var/log/configure_openshift.log;\n",
|
||||
"service cgred restart | tee /var/log/configure_openshift.log;\n",
|
||||
"service openshift-cgroups restart | tee /var/log/configure_openshift.log;\n",
|
||||
"service openshift-node-web-proxy restart | tee /var/log/configure_openshift.log;\n",
|
||||
"service mcollective restart | tee /var/log/configure_openshift.log;\n",
|
||||
"service httpd restart | tee /var/log/configure_openshift.log;\n",
|
||||
"service sshd restart | tee /var/log/configure_openshift.log;\n",
|
||||
"export EC2_INSTANCE_ID=\"`facter ec2_instance_id`\"\n",
|
||||
"export IP_ADDRESS=\"`facter ipaddress`\"\n",
|
||||
"cat << _EOF > /root/nsupdate.cmd\n",
|
||||
"key ", { "Ref": "Prefix" }," ",{ "Ref": "DnsSecKey" },"\n",
|
||||
"server ",{ "Fn::GetAtt": [ "BrokerInstance", "PublicIp" ] }," 53\n",
|
||||
"update delete ${EC2_INSTANCE_ID}.",{ "Ref": "Prefix" }," A\n",
|
||||
"update add ${EC2_INSTANCE_ID}.",{ "Ref": "Prefix" }," 180 A ${IP_ADDRESS}\n",
|
||||
"send\n",
|
||||
"_EOF\n",
|
||||
"cat /root/nsupdate.cmd | nsupdate\n"
|
||||
]
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue