ciinabox-ecs 0.1.6

data/templates/services/hawtio.rb

@@ -0,0 +1,100 @@
+require 'cfndsl'
+require_relative '../../ext/helper'
+
+if !defined? timezone
+  timezone = 'GMT'
+end
+
+image = 'fabric8/hawtio'
+java_opts = ''
+memory = 1024
+cpu = 300
+container_port = 0
+service = lookup_service('hawtio', services)
+if service
+  java_opts = service['JAVA_OPTS'] || java_opts
+  image = service['ContainerImage'] || image
+  memory = service['ContainerMemory'] || memory
+  cpu = service['ContainerCPU'] || cpu
+  container_port = service['InstancePort'] || container_port
+end
+
+CloudFormation {
+
+  AWSTemplateFormatVersion "2010-09-09"
+  Description "ciinabox - ECS Service Hawtio v#{ciinabox_version}"
+
+  Parameter("ECSCluster"){ Type 'String' }
+  Parameter("ECSRole"){ Type 'String' }
+  Parameter("ServiceELB"){ Type 'String' }
+
+  Resource('HawtioTask') {
+    Type "AWS::ECS::TaskDefinition"
+    Property('ContainerDefinitions', [
+      {
+        Name: 'hawtio',
+        Memory: memory,
+        Cpu: cpu,
+        Image: image,
+        Environment: [
+          {
+            Name: 'JAVA_OPTS',
+            Value: "#{java_opts} -Duser.timezone=#{timezone}"
+          },
+          {
+            Name: 'VIRTUAL_HOST',
+            Value: "hawtio.#{dns_domain}"
+          },
+          {
+            Name: 'VIRTUAL_PORT',
+            Value: '8080'
+          },
+          {
+            Name: 'hawtio_dirname',
+            Value: '/var/hawtio'
+          },
+
+        ],
+        Essential: true,
+        MountPoints: [
+          {
+            ContainerPath: '/etc/localtime',
+            SourceVolume: 'timezone',
+            ReadOnly: true
+          },
+          {
+            ContainerPath: '/var/hawtio',
+            SourceVolume: 'data',
+            ReadOnly: false
+          }
+        ]
+      }
+    ])
+    Property('Volumes', [
+      {
+        Name: 'timezone',
+        Host: {
+          SourcePath: '/etc/localtime'
+        }
+      },
+      {
+        Name: 'data',
+        Host: {
+          SourcePath: '/data/hawtio'
+        }
+      }
+    ])
+  }
+
+  Resource('HawtioService') {
+    Type 'AWS::ECS::Service'
+    Property('Cluster', Ref('ECSCluster'))
+    Property('DesiredCount', 1)
+    Property('TaskDefinition', Ref('HawtioTask'))
+    Property('Role', Ref('ECSRole')) unless container_port == 0
+    Property('LoadBalancers', [
+      { ContainerName: 'hawtio', ContainerPort: container_port, LoadBalancerName: Ref('ServiceELB') }
+    ]) unless container_port == 0
+
+  }
+}

data/templates/services/icinga2.rb

@@ -0,0 +1,79 @@
+require 'cfndsl'
+require_relative '../../ext/helper'
+
+if !defined? timezone
+  timezone = 'GMT'
+end
+
+#icinga2_image: AWS_ACCOUNT_ID.dkr.ecr.AWS_REGION/base2/icinga2:VERSION_TAG
+image = "icinga/icinga2" #fail safe so file compiles
+
+if defined? icinga2_image
+  image = icinga2_image
+end
+
+memory = 1024
+cpu = 300
+container_port = 0
+
+CloudFormation {
+
+  AWSTemplateFormatVersion "2010-09-09"
+  Description "ciinabox - ECS Service Hawtio v#{ciinabox_version}"
+
+  Parameter("ECSCluster"){ Type 'String' }
+  Parameter("ECSRole"){ Type 'String' }
+  Parameter("ServiceELB"){ Type 'String' }
+
+  Resource('Icinga2Task') {
+    Type "AWS::ECS::TaskDefinition"
+    Property('ContainerDefinitions', [
+      {
+        Name: 'icinga2',
+        Memory: memory,
+        Cpu: cpu,
+        Image: image,
+        Environment: [
+          {
+            Name: 'VIRTUAL_HOST',
+            Value: "icinga2.#{dns_domain}"
+          },
+          {
+            Name: 'VIRTUAL_PORT',
+            Value: '80'
+          }
+
+        ],
+        Essential: true,
+        MountPoints: [
+          {
+            ContainerPath: '/etc/localtime',
+            SourceVolume: 'timezone',
+            ReadOnly: true
+          }
+        ]
+      }
+    ])
+    Property('Volumes', [
+      {
+        Name: 'timezone',
+        Host: {
+          SourcePath: '/etc/localtime'
+        }
+      }
+
+    ])
+  }
+
+  Resource('IcingaService') {
+    Type 'AWS::ECS::Service'
+    Property('Cluster', Ref('ECSCluster'))
+    Property('DesiredCount', 1)
+    Property('TaskDefinition', Ref('Icinga2Task'))
+    Property('Role', Ref('ECSRole')) unless container_port == 0
+    # Property('LoadBalancers', [
+    #   { ContainerName: 'hawtio', ContainerPort: container_port, LoadBalancerName: Ref('ServiceELB') }
+    # ]) unless container_port == 0
+
+  }
+}

data/templates/services/jenkins.rb

@@ -0,0 +1,209 @@
+require 'cfndsl'
+
+if !defined? timezone
+  timezone = 'GMT'
+end
+
+if !defined? internal_elb
+  internal_elb = nil
+end
+
+if !defined? volatile_jenkins_slave
+  volatile_jenkins_slave = false
+end
+
+# Prefixing application images allows us to 'vendorize' ciinabox into client's account by setting
+# ciinabox_repo to ${account_no}.dkr.ecr.${region}.amazonaws.com
+if not defined? ciinabox_repo
+  ciinabox_repo=''
+end
+
+image = "#{ciinabox_repo}base2/ciinabox-jenkins:lts"
+
+jenkins_java_opts = ''
+memory = 2048
+slave_memory = 2048
+cpu = 300
+container_port = 0
+service = lookup_service('jenkins', services)
+virtual_host = "jenkins.#{dns_domain}"
+if defined? internal_elb and internal_elb
+  virtual_host = "#{virtual_host},internal-jenkins.#{dns_domain}"
+end
+port_mappings = []
+
+if defined? service
+  service = {} if service.nil?
+  jenkins_java_opts = service['JAVA_OPTS'] || ''
+  image = service['ContainerImage'] || image
+  memory = service['ContainerMemory'] || 2048
+  slave_memory = service['SlaveContainerMemory'] || 2048
+  cpu = service['ContainerCPU'] || 300
+
+  if service['InstancePort']
+    port_mappings << {
+        HostPort: service['InstancePort'],
+        ContainerPort: service['InstancePort']
+    }
+    container_port = service['InstancePort']
+    virtual_host = "jenkins.#{dns_domain},internal-jenkins.#{dns_domain}"
+  end
+
+end
+
+# container volumes and container definitions depending on feature flags
+volumes = [
+    {
+        Name: 'timezone',
+        Host: {
+            SourcePath: '/etc/localtime'
+        }
+    },
+    {
+        Name: 'jenkins_data',
+        Host: {
+            SourcePath: '/data/jenkins'
+        }
+    }]
+
+container_definitions = [
+    {
+        Name: 'jenkins',
+        Links: [],
+        Memory: memory,
+        Cpu: cpu,
+        Image: image,
+        PortMappings: port_mappings,
+        Environment: [
+            {
+                Name: 'JAVA_OPTS',
+                Value: "#{jenkins_java_opts} -Duser.timezone=#{timezone}"
+            },
+            {
+                Name: 'VIRTUAL_HOST',
+                Value: virtual_host
+            },
+            {
+                Name: 'VIRTUAL_PORT',
+                Value: '8080'
+            }
+        ],
+        Essential: true,
+        MountPoints: [
+            {
+                ContainerPath: '/etc/localtime',
+                SourceVolume: 'timezone',
+                ReadOnly: true
+            },
+            {
+                ContainerPath: '/var/jenkins_home',
+                SourceVolume: 'jenkins_data',
+                ReadOnly: false
+            }
+        ]
+    }
+]
+
+# If docker in docker slave is enabled
+if defined? include_diind_slave and include_diind_slave
+  container_definitions[0][:Links] << 'jenkins-docker-dind-slave'
+  dind_definition = {
+      Name: 'jenkins-docker-dind-slave',
+      Memory: slave_memory,
+      Image: "#{ciinabox_repo}base2/ciinabox-docker-slave:#{docker_slave_version}",
+      Environment: [{Name: 'RUN_DOCKER_IN_DOCKER', Value: 1}],
+      Essential: false,
+      Privileged: true
+  }
+  dind_definition[:Environment] << { Name: 'USE_ECR_CREDENTIAL_HELPER', Value: 1 } if docker_slave_enable_ecr_credentials_helper
+  if not volatile_jenkins_slave
+    dind_definition[:MountPoints] = [
+        {
+            ContainerPath: '/var/lib/docker',
+            SourceVolume: 'jenkins_dind_data',
+            ReadOnly: false
+        }
+    ]
+    volumes << {
+        Name: 'jenkins_dind_data',
+        Host: {
+            SourcePath: '/data/jenkins-diind'
+        }
+    }
+  end
+  container_definitions << dind_definition
+
+end
+
+# If docker outside of docker slave is enabled
+if defined? include_dood_slave and include_dood_slave
+  container_definitions[0][:Links] << 'jenkins-docker-dood-slave'
+  dood_definition =  {
+      Name: 'jenkins-docker-dood-slave',
+      Memory: slave_memory,
+      Image: "#{ciinabox_repo}base2/ciinabox-docker-slave:#{docker_slave_version}",
+      Environment: [{Name: 'RUN_DOCKER_IN_DOCKER', Value: 0}],
+      MountPoints: [
+          {
+              ContainerPath: '/var/run/docker.sock',
+              SourceVolume: 'docker_socket',
+              ReadOnly: false
+          },
+          {
+              ContainerPath: '/data/jenkins-dood',
+              SourceVolume: 'jenkins_dood_data',
+              ReadOnly: false
+          }
+      ],
+      Essential: false,
+      Privileged: false
+  }
+  dood_definition[:Environment] << { Name: 'USE_ECR_CREDENTIAL_HELPER', Value: 1 } if docker_slave_enable_ecr_credentials_helper
+  container_definitions << dood_definition
+  volumes << {
+      Name: 'jenkins_dood_data',
+      Host: {
+          SourcePath: '/data/jenkins-dood'
+      }
+  }
+  volumes << {
+      Name: 'docker_socket',
+      Host: {
+          SourcePath: '/var/run/docker.sock'
+      }
+  }
+end
+
+
+CloudFormation {
+
+  AWSTemplateFormatVersion "2010-09-09"
+  Description "ciinabox - ECS Service Jenkins v#{ciinabox_version}"
+
+  Parameter("ECSCluster") {Type 'String'}
+  Parameter("ECSRole") {Type 'String'}
+  Parameter("ServiceELB") {Type 'String'}
+  Parameter('InternalELB') {Type 'String'} if internal_elb
+
+  Resource('JenkinsTask') {
+    Type "AWS::ECS::TaskDefinition"
+    Property('ContainerDefinitions', container_definitions)
+    Property('Volumes', volumes)
+  }
+
+  Resource('JenkinsService') {
+    Type 'AWS::ECS::Service'
+    Property('Cluster', Ref('ECSCluster'))
+    Property('DeploymentConfiguration', {
+        MaximumPercent: 100,
+        MinimumHealthyPercent: 0
+    })
+    Property('DesiredCount', 1)
+    Property('TaskDefinition', Ref('JenkinsTask'))
+    #For Role... Conditional. This parameter is required only if you specify the LoadBalancers property.
+    Property('Role', Ref('ECSRole')) if internal_elb and container_port != 0
+    Property('LoadBalancers', [
+        {ContainerName: 'jenkins', ContainerPort: container_port, LoadBalancerName: Ref('InternalELB')}
+    ]) if internal_elb and container_port != 0
+  }
+}

data/templates/services/nexus.rb

@@ -0,0 +1,96 @@
+require 'cfndsl'
+require_relative '../../ext/helper'
+
+if !defined? timezone
+  timezone = 'GMT'
+end
+
+image = 'base2/ciinabox-nexus'
+java_opts = ''
+memory = 1024
+cpu = 300
+container_port = 0
+service = lookup_service('nexus', services)
+if service
+  java_opts = service['JAVA_OPTS'] || ''
+  image = service['ContainerImage'] || image
+  memory = service['ContainerMemory'] || 1024
+  cpu = service['ContainerCPU'] || 300
+  container_port = service['InstancePort'] || 0
+end
+
+CloudFormation {
+
+  AWSTemplateFormatVersion "2010-09-09"
+  Description "ciinabox - ECS Service Nexus v#{ciinabox_version}"
+
+  Parameter("ECSCluster"){ Type 'String' }
+  Parameter("ECSRole"){ Type 'String' }
+  Parameter("ServiceELB"){ Type 'String' }
+
+  Resource('NexusTask') {
+    Type "AWS::ECS::TaskDefinition"
+    Property('ContainerDefinitions', [
+      {
+        Name: 'nexus',
+        Memory: memory,
+        Cpu: cpu,
+        Image: image,
+        Environment: [
+          {
+            Name: 'JAVA_OPTS',
+            Value: "#{java_opts} -Duser.timezone=#{timezone} -server -Djava.net.preferIPv4Stack=true"
+          },
+          {
+            Name: 'VIRTUAL_HOST',
+            Value: "nexus.#{dns_domain}"
+          },
+          {
+            Name: 'VIRTUAL_PORT',
+            Value: '8081'
+          }
+        ],
+        Essential: true,
+        MountPoints: [
+          {
+            ContainerPath: '/etc/localtime',
+            SourceVolume: 'timezone',
+            ReadOnly: true
+          },
+          {
+            ContainerPath: '/sonatype-work',
+            SourceVolume: 'nexus_data',
+            ReadOnly: false
+          }
+        ]
+      }
+    ])
+    Property('Volumes', [
+      {
+        Name: 'timezone',
+        Host: {
+          SourcePath: '/etc/localtime'
+        }
+      },
+      {
+        Name: 'nexus_data',
+        Host: {
+          SourcePath: '/data/nexus'
+        }
+      }
+    ])
+  }
+
+  Resource('NexusService') {
+    Type 'AWS::ECS::Service'
+    Property('Cluster', Ref('ECSCluster'))
+    Property('DesiredCount', 1)
+    Property('TaskDefinition', Ref('NexusTask'))
+    Property('Role', Ref('ECSRole')) unless container_port == 0
+    Property('LoadBalancers', [
+      { ContainerName: 'nexus', ContainerPort: container_port, LoadBalancerName: Ref('ServiceELB') }
+    ]) unless container_port == 0
+
+  }
+
+}