aws-must-templates 0.1.2

data/mustache/initializeCfnInitHupFiles.mustache

@@ -0,0 +1,85 @@
+
+{{!
+
+
++++start+++
+
+## <a id="initializeCfnInitHupFiles.mustache"></a>initializeCfnInitHupFiles.mustache <a class='navigator' href='#top'>[top]</a>
+
+Cfn-init configuration to create files needed by
+cfn-hup. Confiugration defines polling interval, CloudFormation path
+to monitor, action to take, and the credentials needed for the
+operation.
+
+
+**Attributes**: 
+
+* `CfnUserKey`: reference name to user to retrieve `AWSAccessKeyId`
+  and `AWSSecretKey` in `/etc/cfn/cfn-credentials`
+* `CfnResource` : resource which cfn-hup monitors for changes in `Metadata.cfn-hup`
+* `CfnAction` : actions to trigger, when cfn-hup triggered, possibly starting `CfScript`
+* `CfnScript` : script code for CfnAction (optional)
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+
+"/etc/cfn/cfn-hup.conf":{
+    "content":{
+        "Fn::Join":["", [
+            "[main]\n",
+            "stack=", {"Ref":"AWS::StackName"}, "\n",
+            "credential-file=/etc/cfn/cfn-credentials\n",
+            "interval=1\n",
+            "region=", {"Ref":"AWS::Region"}, "\n"
+        ]]
+    },
+    "mode":"000400",
+    "owner":"root",
+    "group":"root"
+}
+
+,  "/etc/cfn/cfn-credentials":{
+    "content":{
+        "Fn::Join":["", [
+            "AWSAccessKeyId=", {"Ref":"{{CfnUserKey}}"}, "\n",
+            "AWSSecretKey=", {"Fn::GetAtt":["{{CfnUserKey}}", "SecretAccessKey"]}, "\n"
+        ]]
+    },
+    "mode":"000400",
+    "owner":"root",
+    "group":"root"
+}
+
+, "/etc/cfn/hooks.d/cfn-auto-reloader.conf":{
+    "content":{
+        "Fn::Join":["", [
+            "[cfn-auto-reloader-hook]\n",
+            "triggers=post.update\n",
+            "path=Resources.{{CfnResource}}.Metadata.CfnHup\n",
+            "action={{CfnAction}}\n",
+            "runas=root\n"
+        ]]
+    }
+}
+
+{{# CfnScript.length }}
+, "{{CfnAction}}":{
+    "content":{
+        "Fn::Join":["", [ {{# CfnScript }}"{{{.}}}\n",
+                          {{/ CfnScript }}
+                          "\n"
+                    ]]
+    },
+    "mode":"000555",
+    "owner":"root",
+    "group":"root"
+
+}
+{{/ CfnScript.length }}
+
+
+{{! +++fold-off+++ }}

data/mustache/initializeInstallAwsCli.mustache

@@ -0,0 +1,32 @@
+{{!
+
+
++++start+++
+
+
+## <a id="initializeInstallAwsCli.mustache"></a>initializeInstallAwsCli.mustache<a class='navigator' href='#top'> [top]</a>
+
+UserData -script to install AwsCli 
+
+**Attributes**: context=  `./resources/Instance/InstallChef`
+
+* None
+
+
++++close+++
+
+}}
+
+
+{{! +++fold-on+++ }}
+
+                   , "TMP_ZIP=awscli-bundle.zip\n"
+                   , "curl https://s3.amazonaws.com/aws-cli/awscli-bundle.zip -o $TMP_ZIP\n"
+                   , "sudo apt-get install unzip\n"
+                   , "unzip $TMP_ZIP -d /tmp\n"
+                   , "cd /tmp\n"
+                   , "sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws  \n"
+                   , "echo $(date): awscli installed successfully \n"
+
+
+{{! +++fold-off+++ }}

data/mustache/initializeInstallChef.mustache

@@ -0,0 +1,37 @@
+{{!
+
+
++++start+++
+
+
+## <a id="initializeInstallChef.mustache"></a>initializeInstallChef.mustache<a class='navigator' href='#top'> [top]</a>
+
+UserData -script to install Chef
+
+**Attributes**: 
+
+* `Version`: Chef version to install
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+                 {{# Version}}
+                    {{# Ref}}
+           	 ,  "CHEF_VERSION='", { "Ref": "{{Ref}}" }, "'\n"
+                    {{/ Ref}}
+                    {{^ Ref}}
+           	 ,  "CHEF_VERSION={{Version}}\n"
+                    {{/ Ref}}
+                 {{/ Version}}
+                 ,  "echo $(date): starting to install chef  \n"
+		 ,  "curl -L https://www.chef.io/chef/install.sh | sudo bash -s -- -v $CHEF_VERSION   \n"
+                 ,  "echo $(date): chef installed successfully \n"
+
+
+
+
+
+{{! +++fold-off+++ }}

data/mustache/initializeProvisionChefZero.mustache

@@ -0,0 +1,36 @@
+{{!
+
+
++++start+++
+
+
+## <a id="initializeProvisionChefZero.mustache"></a>initializeProvisionChefZero.mustache<a class='navigator' href='#top'> [top]</a>
+
+Read Chef kithen from S3 bucket && launch chef zero
+
+**Attributes**: context=  `./resources/Instance/LaunchChefZero`
+
+* `BucketName`: S3 bucket containing kitchen to provision
+
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+		 ,  "KITCHEN=/tmp/setup\n"
+                 ,  "echo $(date): copy s3 bucket {{BucketName}} to $KITCHEN \n"
+                 ,  "aws s3 cp --recursive  --region $(aws s3api get-bucket-location --bucket {{BucketName}} --output text) s3://{{BucketName}}/setup/  $KITCHEN\n"
+                 ,  "echo $(date): install chef-zero \n"
+                 ,  "sudo apt-get install -y chef-zero  \n"
+                 ,  "echo $(date): start ChefZero in the background\n"
+                 ,  "chef-zero --host 0.0.0.0 -d\n"
+                 ,  "echo $(date): upload kithchen \n"
+                 ,  "cd $KITCHEN && knife upload .\n"
+                 ,  "echo $(date): kitchen uploaded \n"
+
+
+
+
+{{! +++fold-off+++ }}

data/mustache/initializeStartCfnHup.mustache

@@ -0,0 +1,25 @@
+{{!
+
+
++++start+++
+
+
+## <a id="initializeStartCfnHup.mustache"></a>initializeStartCfnHup.mustache<a class='navigator' href='#top'> [top]</a>
+
+Launch cfn-hup helper, which is a daemon that detects changes in
+resource metadata and runs user-specified actions when a change is
+detected
+
+**Attributes**: 
+
+
++++close+++
+
+}}
+
+
+{{! +++fold-on+++ }}
+  , "cfn-hup   \n"
+
+
+{{! +++fold-off+++ }}

data/mustache/mapping.mustache

@@ -0,0 +1,27 @@
+{{!
+
+    mapping.mustache
+
++++start+++
+
+## <a id="mapping.mustache"></a>mapping.mustache <a class='navigator' href='#top'>[top]</a>
+
+
+Dispatches mapping sub-type templates based mapping Type propertys
+
+**Attributes**: context=  `./mappings`
+
+* `SubnetConfig`: 
+
++++close+++
+
+
+}}
+
+
+{{! +++fold-on+++ }}
+
+{{# SubnetConfig }}{{> mappingSubnetConfig }}{{/ SubnetConfig }}
+
+
+{{! +++fold-off+++ }}

data/mustache/mappingSubnetConfig.mustache

@@ -0,0 +1,27 @@
+{{!
+
++++start+++
+
+
+## <a id="mappingSubnetConfig.mustache"></a>mappingSubnetConfig.mustache <a class='navigator' href='#top'>[top]</a>
+
+Creates a subnet config mapping to map VPC/Public/Private key to CIDR
+subnet block.
+
+**Attributes**: 
+
+* `Name`: of the mapping
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+"{{Name}}" : {
+      "VPC"     : { "CIDR" : "10.44.0.0/16" },
+      "Public"  : { "CIDR" : "10.44.0.0/24" },
+      "Private" : { "CIDR" : "10.44.1.0/24" }
+ }{{_comma}}
+
+{{! +++fold-off+++ }}

data/mustache/mappings.mustache

@@ -0,0 +1,71 @@
+{{!
+
++++start+++
+
+## <a id="mappings.mustache"></a>mappings.mustache <a class='navigator' href='#top'>[top]</a>
+
+
+Create fixed lookup tables `AWSInstanceType2Arch` and
+`AWSRegionArch2AMI` implementing the table below
+
+<code><pre>
+ap-northeast-1    trusty    14.04 LTS    amd64    hvm:ebs-ssd    20150528    ami-90815290    hvm
+ap-southeast-1    trusty    14.04 LTS    amd64    hvm:ebs-ssd    20150528    ami-0accf458    hvm
+ap-southeast-2    trusty    14.04 LTS    amd64    hvm:ebs-ssd    20150528    ami-1dc8b127    hvm
+cn-north-1        trusty    14.04 LTS    amd64    hvm:ebs-ssd    20150528    ami-eae27fd3    hvm
+eu-central-1      trusty    14.04 LTS    amd64    hvm:ebs-ssd    20150528    ami-3248712f    hvm
+eu-west-1         trusty    14.04 LTS    amd64    hvm:ebs-ssd    20150528    ami-d74437a0    hvm
+sa-east-1         trusty    14.04 LTS    amd64    hvm:ebs-ssd    20150528    ami-0f6ced12    hvm
+us-east-1         trusty    14.04 LTS    amd64    hvm:ebs-ssd    20150528    ami-83c525e8    hvm
+us-gov-west-1     trusty    14.04 LTS    amd64    hvm:ebs-ssd    20150528    ami-51513172    hvm
+us-west-1         trusty    14.04 LTS    amd64    hvm:ebs-ssd    20150528    ami-61b25925    hvm
+us-west-2         trusty    14.04 LTS    amd64    hvm:ebs-ssd    20150528    ami-57e8d767    hvm
+</pre></code>
+
+
+**Attributes**: context=  `.`
+
+* none
+
+
+**Actions**:
+
+* **AWSInstanceType2Arch**: fixed key/value mapping, currently only
+    **t2.micro** --> **64bit**
+
+* **AWSRegionArch2AMI**: fixed key/value mapping created, currently
+    architectures only for **64bits**
+
+
++++close+++
+
+
+==================================================================
+The template
+==================================================================
+
+}}
+
+
+{{! +++fold-on+++ }}
+
+      "AWSInstanceType2Arch" : {
+      "t2.micro"    : { "Arch" : "64" }
+      },
+      "AWSRegionArch2AMI" : {
+           "ap-northeast-1" : { "64" : "ami-90815290" },
+           "ap-southeast-1" : { "64" : "ami-0accf458" },
+           "ap-southeast-2" : { "64" : "ami-1dc8b127" },
+           "cn-north-1" : { "64" : "ami-eae27fd3" },
+           "eu-central-1" : { "64" : "ami-3248712f" },
+           "eu-west-1" : { "64" : "ami-d74437a0" },
+           "sa-east-1" : { "64" : "ami-0f6ced12" },
+           "us-east-1" : { "64" : "ami-83c525e8" },
+           "us-west-1" : { "64" : "ami-61b25925" },
+           "us-gov-west-1" : { "64" : "ami-51513172" },
+           "us-west-2" : { "64" : "ami-57e8d767" }
+      }
+
+
+
+{{! +++fold-off+++ }}

data/mustache/output.mustache

@@ -0,0 +1,38 @@
+{{!
+
+
++++start+++
+
+## <a id="output.mustache"></a>output.mustache <a class='navigator' href='#top'>[top]</a>
+
+Create one output entry to CloudFormation JSON output section
+
+**Attributes**: context= `./outputs`
+
+* `Name` : of the ouput entry
+* `Description`: of the output entry
+* one of **Value**, **Ref**, **Attr**
+   * `Value`: of the output parameter
+   * `Ref`: name of refernece
+   * `Attr`
+      * `Ref`: name of attribute reference
+      * `Name`: name of the attribute
+
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+    "{{Name}}": {
+      "Description" : "{{Description}}"
+      {{#Value}}, "Value" : "{{Value}}"{{/Value}}
+      {{#Ref}}, "Value" : { "Ref" : "{{Ref}}" }{{/Ref}}
+      {{#Attr}}, "Value" : { "Fn::GetAtt" : [ "{{Ref}}", "{{Name}}" ] }{{/Attr}}
+    }{{_comma}}
+
+
+
+{{! +++fold-off+++ }}
+

data/mustache/parameter.mustache

@@ -0,0 +1,35 @@
+{{!
+
+
++++start+++
+
+## <a id="parameter.mustache"></a>parameter.mustache <a class='navigator' href='#top'>[top]</a>
+
+Create one parameter entry to CloudFormation JSON parameter section
+
+**Attributes**: context= `./parameters`
+
+* `Name` : of the ouput entry
+* `Description`: of the parameter entry
+*  One of 
+   * `Value`: value of the parameter
+   * `NestedValue`: 
+      * `Stack` : resource name of the nested stack
+      * `Output`: name of output variable in nested stack
+
+
++++close+++
+
+}}
+
+
+
+{{! +++fold-on+++ }}
+
+    "{{Name}}": {
+      "Description" : "{{Description}}{{^Description}}No description given{{/Description}}"
+      , "Type": "{{Type}}"
+      {{#Value}}, "Default" : "{{Value}}"{{/Value}}
+    }{{_comma}}
+
+{{! +++fold-off+++ }}

data/mustache/resource.mustache

@@ -0,0 +1,51 @@
+{{!
+
+    resource.mustache
+
++++start+++
+
+## <a id="resource.mustache"></a>resource.mustache <a class='navigator' href='#top'>[top]</a>
+
+
+Dispatches resource sub-type templates based resource Type propertys
+
+**Attributes**: context=  `./resources`
+
+* `Instance`: sub-document defining an EC instance
+* `SecurityGroup`: sub-document defining an <a href="http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html">AWS::EC2::SecurityGroup</a>
+* `S3Bucket`: 
+* `Role`: 
+* `Policy`: 
+* `InstanceProfile`: 
+* `Stack`: 
+* `Wait`: 
+* `VPC`: 
+* `InternetGateway`: 
+* `Subnet`: 
+* `User`: creates [User](#resourceUser.mustache)
+
+
++++close+++
+
+
+}}
+
+
+{{! +++fold-on+++ }}
+
+{{# Instance }}{{> resourceInstance}}{{/ Instance }}
+{{# SecurityGroup }}{{> resourceSecurityGroup}}{{/ SecurityGroup }}
+{{# S3Bucket }}{{> resourceS3Bucket }}{{/ S3Bucket }}
+{{# Role }}{{> resourceRole }}{{/ Role }}
+{{# Policy }}{{> resourcePolicy }}{{/ Policy }}
+{{# InstanceProfile }}{{> resourceInstanceProfile }}{{/ InstanceProfile }}
+{{# Stack }}{{> resourceStack }}{{/ Stack }}
+{{# Wait }}{{> resourceWait }}{{/ Wait }}
+{{# VPC }}{{> resourceVPC }}{{/ VPC }}
+{{# Subnet }}{{> resourceSubnet }}{{/ Subnet }}
+{{# InternetGateway }}{{> resourceInternetGateway }}{{/ InternetGateway }}
+{{# User }}{{> resourceUser  }}{{/ User }}
+
+
+
+{{! +++fold-off+++ }}

data/mustache/resourceInstance.mustache

@@ -0,0 +1,52 @@
+{{!
+
+
++++start+++
+
+
+## <a id="resourceInstance.mustache"></a>resourceInstance.mustache <a class='navigator' href='#top'>[top]</a>
+
+Create an EC2 instance
+
+**Attributes**: context=  `./resources/Instance`
+
+* `Name`: name of the EC2 instance to create
+* Instance type (mandatory)
+  * `InstanceType` : The instance type, such as t2.micro. 
+  * `InstanceTyperef` : Reference to instance type
+* `tags` : array of tag sub-documents for EC2 instance
+* `SecurityGroupIds`: array of [commonValue.mustache](#commonValue.mustache)
+
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+    "{{Name}}" : {
+      "Type" : "AWS::EC2::Instance"
+      {{> commonCreationPolicy }}
+	  , "Metadata": {
+	        {{> resourceInstanceMetadata }}
+
+	  } {{! metadata }}
+      , "Properties" : {
+          "ImageId" : { "Fn::FindInMap" : [ "AWSRegionArch2AMI", { "Ref" : "AWS::Region" },
+                      { "Fn::FindInMap" : [ "AWSInstanceType2Arch", {{> commonInstanceType }}, "Arch" ] } ] }
+          , "InstanceType" : {{> commonInstanceType}} {{! InstanceType OR InstanceTypeRef }}
+          , "Tags" : [ {{#tags}}{{>tag}}{{/tags}} ]
+          , "SecurityGroupIds" : [ 
+                {{# SecurityGroupIds }}
+                    {{> commonValue }}{{_comma}}
+                {{/ SecurityGroupIds }}
+          ]
+          {{#IamInstanceProfile}}, "IamInstanceProfile" : { "Ref" : "{{IamInstanceProfile}}" }{{/ IamInstanceProfile}}
+          {{# SubnetId }}, "SubnetId": {{> commonValue }} {{/ SubnetId }}
+          {{#KeyName}}, "KeyName" : { "Ref" : "{{KeyName}}" }{{/KeyName}}
+          , "UserData": {{> resourceInstanceInitialize }}
+      }
+    }{{_comma}}
+
+
+{{! +++fold-off+++ }}

data/mustache/resourceInstanceInitialize.mustache

@@ -0,0 +1,120 @@
+{{!
+
+
++++start+++
+
+## <a id="resourceInstanceInitialize.mustache"></a>resourceInstanceInitialize.mustache <a class='navigator' href='#top'>[top]</a>
+
+user-data script
+
+**Attributes**: 
+
+* `CreationPolicy`: in the end send cfn-signal to `../Name` -resource in current stack 
+* `InitializeWait`: name of wait resource (for successfull script)
+* `Initialize` : array of 
+  * `InstallCFtools`: 
+  * `ProvisionChef`: 
+  * `InstallChef`: add UserData to install Chef
+  * `InstallAwsCli`: add UserData to install awscli
+  * `LaunchChefZero`: 
+  * `StartCfnInit`: [Launch cfn-init](#initializeCFinit.mustache)
+  * `StartCfnHup`: [launch cfn-hup helper](#initializeStartCfnHup.mustache)
+
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+
+{ "Fn::Base64": { "Fn::Join": [ "\n",
+                  [
+                    "#!/bin/bash\n"
+                  , "set -x\n"
+                  , "set -e\n"
+                  , "set -o pipefail\n"
+		  , "LOG=/tmp/install.log\n"
+                  , "echo $(date): User data script started  > $LOG\n"
+                  , "echo $(date): User data script started\n"
+                  , "function finish() {\n"
+		  ,        "    echo \"$(date): installation finished\"  \n"
+		  ,        "    echo \"$(date): installation finished\"  >> $LOG \n"
+                           {{# CreationPolicy}}
+                  ,        "    STACK='", { "Ref" : "AWS::StackName" }, "'\n"
+                  ,        "    REGION='", { "Ref" : "AWS::Region" }, "'\n"
+                  ,        "    RESOURCE='{{Name}}'\n"
+                  ,        "    type cfn-signal && sudo cfn-signal --success true  --reason \"UserData script success\" --stack $STACK --resource $RESOURCE --region $REGION \n"
+                           {{/ CreationPolicy}}
+                           {{# InitializeWait}}
+                  ,        "    HANDLE='", { "Ref" : "{{InitializeWait}}" }, "'\n"
+                  ,        "    type cfn-signal && sudo cfn-signal --success true  --reason \"UserData script success\" $HANDLE  \n"
+                           {{/ InitializeWait}}
+
+                  ,  "}\n" 
+                  , "function error() {\n"
+                  ,        "    local lineno=$1\n"
+                  ,        "    local error=1\n"
+		  ,        "    echo \"$(date): installation finished in ERROR $error on line $lineno\"  \n"
+		  ,        "    echo \"$(date): installation finished in ERROR $error on line $lineno\" >> $LOG \n"
+                           {{# CreationPolicy}}
+                  ,        "    STACK='", { "Ref" : "AWS::StackName" }, "'\n"
+                  ,        "    REGION='", { "Ref" : "AWS::Region" }, "'\n"
+                  ,        "    RESOURCE='{{Name}}'\n"
+                  ,        "    type cfn-signal && sudo cfn-signal --exit-code $error  --reason \"installation finished in ERROR on line $lineno\" --stack $STACK --resource $RESOURCE --region $REGION \n"
+                           {{/ CreationPolicy}}
+                           {{# InitializeWait}}
+                  ,        "    HANDLE='", { "Ref" : "{{InitializeWait}}" }, "'\n"
+                  ,        "    type cfn-signal && sudo cfn-signal --exit-code $error  --reason \"installation finished in ERROR on line $lineno\" $HANDLE  \n"
+                           {{/ InitializeWait}}
+                  ,        "    exit 1\n"
+                  ,  "}\n" 
+                  , "trap finish EXIT\n"
+                  , "trap 'error ${LINENO}' ERR\n"
+
+{{! NOTICE:  check for resourceInstanceMetadata.mustache   }}
+
+
+                {{# Initialize}}
+	            {{# InstallCFtools }}
+                    ,      "echo \"$(date): ------------------------------------------------------------------\"   \n"
+                    ,      "echo Install Cloudformation tools   \n"
+                           {{> initializeCFtools }} 
+                    {{/ InstallCFtools }}
+	            {{#ProvisionChef }}
+                    ,      "echo \"$(date): ------------------------------------------------------------------\"   \n"
+                    ,      "echo Provision chef   \n"
+                           {{> initializeProvisionChef }} 
+                    {{/ ProvisionChef }}
+	            {{#InstallAwsCli }}
+                    ,      "echo \"$(date): ------------------------------------------------------------------\"   \n"
+                    ,      "echo Install AWS client tools   \n"
+                          {{> initializeInstallAwsCli }}
+                    {{/ InstallAwsCli }}
+	            {{#InstallChef }}
+                    ,      "echo \"$(date): ------------------------------------------------------------------\"   \n"
+                    ,      "echo Install chef   \n"
+                           {{> initializeInstallChef }} 
+                    {{/ InstallChef }}
+	            {{#LaunchChefZero }}
+                    ,      "echo \"$(date): ------------------------------------------------------------------\"   \n"
+                    ,      "echo Lauch ChefZero   \n"
+                           {{> initializeProvisionChefZero }} 
+                    {{/ LaunchChefZero }}
+	            {{# StartCfnInit }}
+                    ,      "echo \"$(date): ------------------------------------------------------------------\"   \n"
+                    ,      "echo Start cfn-init   \n"
+                           {{> initializeCFinit }} 
+                    {{/ StartCfnInit }}
+	            {{# StartCfnHup }}
+                    ,      "echo \"$(date): ------------------------------------------------------------------\"   \n"
+                    ,      "echo Start cfn-hup   \n"
+                           {{> initializeStartCfnHup }} 
+                    {{/ StartCfnHup }}
+                {{/ Initialize}}
+                ]
+
+           ]}
+       } 
+
+{{! +++fold-off+++ }}