cloud-mu 1.9.0.pre.beta

data/modules/mu/config/README.md

@@ -0,0 +1,11 @@
+This directory contains schema definitions for the various cloud resource types
+supported by Mu. There should be one file per resource type here, each defining
+one class under `MU::Config` and implementing, at minimum, the class methods `self.schema` and `self.validate`.
+
+The schema and validation should by cloud-generic, that is it should only
+contain properties common across cloud providers. Platform-specific schema and
+validation behaviors should be written into the actual implementation, e.g.
+`MU::Cloud::AWS::Log` will contain AWS-specific schema components and
+validation checks.
+
+See also the [Cloud layer developer README](https://github.com/cloudamatic/mu/tree/master/modules/mu/clouds)

data/modules/mu/config/alarm.rb

@@ -0,0 +1,271 @@
+# Copyright:: Copyright (c) 2018 eGlobalTech, Inc., all rights reserved
+#
+# Licensed under the BSD-3 license (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License in the root of the project or at
+#
+#     http://egt-labs.com/mu/LICENSE.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module MU
+  class Config
+    # Basket of Kittens config schema and parser logic. See modules/mu/clouds/*/alarm.rb
+    class Alarm
+
+      # Sections of Alarm schema shared between Alarms as a first-class
+      # resource and as inline declarations in other resources.
+      # @return [Hash]
+      def self.common_properties
+        {
+          "name" => {
+            "type" => "string"
+          },
+          "ok_actions" => {
+            "type" => "array",
+            "minItems" => 1,
+            "description" => "What actions to take when alarm state transitions to 'OK'.",
+            "items" => {
+                "type" => "String"
+            }
+          },
+          "alarm_actions" => {
+            "type" => "array",
+            "minItems" => 1,
+            "description" => "What actions to take when alarm state transitions to 'ALARM'.",
+            "items" => {
+                "type" => "String"
+            }
+          },
+          "no_data_actions" => {
+            "type" => "array",
+            "minItems" => 1,
+            "description" => "What actions to take when alarm state transitions to 'INSUFFICIENT'.",
+            "items" => {
+                "type" => "String"
+            }
+          },
+          "metric_name" => {
+            "type" => "string",
+            "description" => "The name of the attribute to monitor eg. CPUUtilization."
+          },
+          "namespace" => {
+            "type" => "string",
+            "description" => "The name of container 'metric_name' belongs to eg. 'AWS/EC2'"
+          },
+          "statistic" => {
+            "type" => "string",
+            "description" => "",
+            "enum" => ["SampleCount", "Average", "Sum", "Minimum", "Maximum"]
+          },
+          "dimensions" => {
+            "type" => "array",
+            "description" => "What to monitor",
+            "items" => {
+                "type" => "object",
+                "additionalProperties" => false,
+                "required" => ["cloud_class"],
+                "description" => "What to monitor",
+                "properties" => {
+                    "cloud_class" => {
+                        "type" => "string",
+                        "description" => "The type of resource we're checking",
+                        "enum" => ["InstanceId", "server", "Server", "DBInstanceIdentifier", "database", "Database", "LoadBalancerName", "loadbalancer", "LoadBalancer", "CacheClusterId", "cache_cluster", "CacheCluster", "VolumeId", "volume", "Volume", "BucketName", "bucket", "Bucket", "TopicName", "notification", "Notification", "AutoScalingGroupName", "server_pool", "ServerPool"]
+                    },
+                    "cloud_id" => {
+                        "type" => "string",
+                        "description" => "The cloud identifier of the resource the alarm is being created for. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id'"
+                    },
+                    "mu_name" => {
+                        "type" => "string",
+                        "description" => "The full name of a resource in a foreign deployment which we should monitor. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id'"
+                    },
+                    "deploy_id" => {
+                        "type" => "string",
+                        "description" => "Should be used with 'mu_name' to identifiy a single resource."
+                    },
+                    "name" => {
+                        "type" => "string",
+                        "description" => "The name of another resource in this stack with which to associate this alarm."
+                    }
+                }
+            }  
+          },
+          "period" => {
+            "type" => "integer",
+            "description" => "The time, in seconds the 'statistic' is checked/tested. Must be multiples of 60"
+          },
+          "unit" => {
+            "type" => "string",
+            "description" => "Associated with the 'metric'",
+            "enum" => ["Seconds", "Microseconds", "Milliseconds", "Bytes", "Kilobytes", "Megabytes", "Gigabytes", "Terabytes", "Bits", "Kilobits", "Megabits", "Gigabits", "Terabits", "Percent", "Count", "Bytes/Second", 
+                                "Kilobytes/Second", "Megabytes/Second", "Gigabytes/Second", "Terabytes/Second", "Bits/Second", "Kilobits/Second", "Megabits/Second", "Gigabits/Second", "Terabits/Second", "Count/Second", "nil"]
+          },
+          "evaluation_periods" => {
+            "type" => "integer",
+            "description" => "The number of times to repeat the 'period' before changing the state of an alarm. eg form 'OK' to 'ALARM' state"
+          },
+          "threshold" => {
+        # TO DO: This should be a float
+            "type" => "integer",
+            "description" => "The value the 'statistic' is compared to and action (eg 'alarm_actions') will be invoked "
+          },
+          "comparison_operator" => {
+            "type" => "string",
+            "description" => "The arithmetic operation to use when comparing 'statistic' and 'threshold'. The 'statistic' value is used as the first operand",
+            "enum" => ["GreaterThanOrEqualToThreshold", "GreaterThanThreshold", "LessThanThreshold", "LessThanOrEqualToThreshold"]
+          },
+        # TO DO: Separate all of these to an SNS primitive
+          "enable_notifications" => {
+            "type" => "boolean",
+            "description" => "Rather to send notifications when the alarm state changes"
+          },
+          "notification_group" => {
+            "type" => "string",
+            "description" => "The name of the notification group. Will be created if it doesn't exist. We use / create a default one if not specified. NOTE: because we can't confirm subscription to a group programmatically, you should use an existing group",
+            "default" => "mu-default"
+          },
+          "notification_type" => {
+            "type" => "string",
+            "description" => "What type of notification endpoint will the notification be sent to. defaults to 'email'",
+            "enum" => ["http", "https", "email", "email-json", "sms", "sqs", "application"],
+            "default" => "email"
+          },
+          "notification_endpoint" => {
+            "type" => "string",
+            "description" => "The endpoint the notification will be sent to. eg. if notification_type is 'email'/'email-json' the endpoint will be the email address. A confirmation email will be sent to this email address if a new notification_group is created, if not specified and notification_type is set to 'email' we will use the mu-master email address",
+            "default_if" => [
+                {
+                    "key_is" => "notification_type",
+                    "value_is" => "email",
+                    "set" => MU::Config.notification_email
+                },
+                {
+                    "key_is" => "notification_type",
+                    "value_is" => "email-json",
+                    "set" => MU::Config.notification_email
+                }
+            ]
+          }
+        }
+      end
+
+      # Base configuration schema for a Alarm
+      # @return [Hash]
+      def self.schema
+        base = {
+          "type" => "object",
+          "additionalProperties" => false,
+          "description" => "Cloud platform monitoring alarms",
+          "properties" => {
+          }
+        }
+        base["properties"].merge!(common_properties)
+        base
+      end
+
+      # Most Alarm objects aren't actually declared as first-class resources,
+      # but instead inline on other objects. Schema is slightly different.
+      def self.inline
+        {
+          "type" => "array",
+          "minItems" => 1,
+          "items" => {
+            "description" => "Create a CloudWatch Alarm.",
+            "type" => "object",
+            "title" => "CloudWatch Alarm Parameters",
+            "required" => ["name", "metric_name", "statistic", "period", "evaluation_periods", "threshold", "comparison_operator"],
+            "additionalProperties" => false,
+            "properties" => common_properties
+          }
+        }
+      end
+
+      # Generic pre-processing of {MU::Config::BasketofKittens::alarms}, bare and unvalidated.
+      # @param alarm [Hash]: The resource to process and validate
+      # @param configurator [MU::Config]: The overall deployment configurator of which this resource is a member
+      # @return [Boolean]: True if validation succeeded, False otherwise
+      def self.validate(alarm, configurator)
+        ok = true
+
+        if alarm["namespace"].nil?
+          MU.log "You must specify 'namespace' when creating an alarm", MU::ERR
+          ok = false
+        end
+
+        if alarm["metric_name"].nil?
+          MU.log "You must specify 'metric_name' when creating an alarm", MU::ERR
+          ok = false
+        end
+
+        if alarm["statistic"].nil?
+          MU.log "You must specify 'statistic' when creating an alarm", MU::ERR
+          ok = false
+        end
+
+        if alarm["period"].nil?
+          MU.log "You must specify 'period' when creating an alarm", MU::ERR
+          ok = false
+        end
+
+        if alarm["evaluation_periods"].nil?
+          MU.log "You must specify 'evaluation_periods' when creating an alarm", MU::ERR
+          ok = false
+        end
+
+        if alarm["threshold"].nil?
+          MU.log "You must specify 'threshold' when creating an alarm", MU::ERR
+          ok = false
+        end
+
+        if alarm["comparison_operator"].nil?
+          MU.log "You must specify 'comparison_operator' when creating an alarm", MU::ERR
+          ok = false
+        end
+
+        if alarm["enable_notifications"]
+          if alarm["comparison_operator"].nil?
+            MU.log "You must specify 'comparison_operator' when creating an alarm", MU::ERR
+            ok = false
+          end
+
+          if alarm["notification_group"].nil?
+            MU.log "You must specify 'notification_group' when 'enable_notifications' is set to true", MU::ERR
+            ok = false
+          end
+
+          if alarm["notification_type"].nil?
+            MU.log "You must specify 'notification_type' when 'enable_notifications' is set to true", MU::ERR
+            ok = false
+          end
+
+          #if alarm["notification_endpoint"].nil?
+          #  MU.log "You must specify 'notification_endpoint' when 'enable_notifications' is set to true", MU::ERR
+          #  ok = false
+          #end
+        end
+        
+        if alarm["dimensions"]
+          alarm["dimensions"].each{ |dimension|
+            if dimension["mu_name"] && dimension["cloud_id"]
+              MU.log "You can only specfiy 'mu_name' or 'cloud_id'", MU::ERR
+              ok = false
+            end
+
+            if dimension["cloud_class"].nil?
+              ok = false
+              MU.log "You must specify 'cloud_class'", MU::ERR
+            end
+          }
+        end
+
+        ok
+      end
+
+    end
+  end
+end

data/modules/mu/config/cache_cluster.rb

@@ -0,0 +1,172 @@
+# Copyright:: Copyright (c) 2018 eGlobalTech, Inc., all rights reserved
+#
+# Licensed under the BSD-3 license (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License in the root of the project or at
+#
+#     http://egt-labs.com/mu/LICENSE.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module MU
+  class Config
+    # Basket of Kittens config schema and parser logic. See modules/mu/clouds/*/cache_cluster.rb
+    class CacheCluster
+
+      # Base configuration schema for a CacheCluster
+      # @return [Hash]
+      def self.schema
+        {
+          "type" => "object",
+          "description" => "Create cache cluster(s).",
+          "required" => ["name", "engine", "size", "cloud"],
+          "additionalProperties" => false,
+          "properties" => {
+            "name" => {"type" => "string"},
+            "scrub_mu_isms" => {
+                "type" => "boolean",
+                "default" => false,
+                "description" => "When 'cloud' is set to 'CloudFormation,' use this flag to strip out Mu-specific artifacts (tags, standard userdata, naming conventions, etc) to yield a clean, source-agnostic template."
+            },
+            "region" => MU::Config.region_primitive,
+            "tags" => MU::Config.tags_primitive,
+            "optional_tags" => MU::Config.optional_tags_primitive,
+            "engine_version" => {"type" => "string"},
+            "node_count" => {
+              "type" => "integer",
+                "description" => "The number of cache nodes in a cache cluster (memcached), or the number of cache clusters in a cache group (redis)",
+                "default" => 1
+            },
+            "add_firewall_rules" => MU::Config::FirewallRule.reference,
+            "ingress_rules" => {
+              "type" => "array",
+              "items" => MU::Config::FirewallRule.ruleschema
+            },
+            "engine" => {
+                "enum" => ["memcached", "redis"],
+                "type" => "string",
+                "default" => "redis"
+            },
+            "dns_records" => MU::Config::DNSZone.records_primitive(need_target: false, default_type: "CNAME", need_zone: true),
+            "dns_sync_wait" => {
+                "type" => "boolean",
+                "description" => "Wait for DNS record to propagate in DNS Zone.",
+                "default" => true
+            },
+            "alarms" => MU::Config::Alarm.inline,
+            "size" => { # XXX this is AWS-specific, and should be done via API check anyway
+              "pattern" => "^cache\.(t|m|c|i|g|hi|hs|cr|cg|cc){1,2}[0-9]\\.(micro|small|medium|[248]?x?large)$",
+              "type" => "string",
+              "description" => "The Amazon EleastiCache instance type to use when creating this cache cluster.",
+            },
+            "port" => {
+                "type" => "integer",
+                "default" => 6379,
+                "default_if" => [
+                    {
+                        "key_is" => "engine",
+                        "value_is" => "memcached",
+                        "set" => 11211
+                    },
+                    {
+                      "key_is" => "engine",
+                        "value_is" => "redis",
+                        "set" => 6379
+                    }
+                ]
+            },
+            "vpc" => MU::Config::VPC.reference(MU::Config::VPC::MANY_SUBNETS, MU::Config::VPC::NAT_OPTS, "all_public"),
+            "multi_az" => {
+                "type" => "boolean",
+                "description" => "Rather to deploy the cache cluster/cache group in Multi AZ or Single AZ",
+                "default" => false
+            },
+            "snapshot_arn" => {
+                "type" => "string",
+                "description" => "The ARN (Resource Name) of the redis backup stored in S3. Applies only to redis"
+            },
+            "snapshot_retention_limit" => {
+                "type" => "integer",
+                "description" => "The number of days to retain an automatic cache cluster snapshot. Applies only to redis"
+            },
+            "snapshot_window" => {
+                "type" => "string",
+                "description" => "The preferred time range to perform automatic cache cluster backups. Time is in UTC. Applies only to redis. Window must be at least 60 minutes long - 05:00-06:00."
+            },
+            "preferred_maintenance_window" => {
+                "type" => "string",
+                "description" => "The preferred data/time range to perform cache cluster maintenance. Window must be at least 60 minutes long - sun:06:00-sun:07:00. "
+            },
+            "auto_minor_version_upgrade" => {
+                "type" => "boolean",
+                "default" => true
+            },
+            "creation_style" => {
+                "type" => "string",
+                "enum" => ["new", "new_snapshot", "existing_snapshot"],
+                "description" => "'new' - create a new cache cluster; 'new_snapshot' - create a snapshot of of an existing cache cluster, and build a new cache cluster from that snapshot; 'existing_snapshot' - create a cache cluster from an existing snapshot.",
+                "default" => "new"
+            },
+            "identifier" => {
+                "type" => "string",
+                "description" => "For any creation_style other than 'new' this parameter identifies the cache cluster to use. In the case of new_snapshot it will create a snapshot from that cache cluster first; in the case of existing_snapshot, it will use the latest avaliable snapshot."
+            },
+            "notification_arn" => {
+                "type" => "string",
+                "description" => "The AWS resource name of the AWS SNS notification topic notifications will be sent to.",
+            },
+            "parameter_group_parameters" => {
+              "type" => "array",
+              "minItems" => 1,
+              "items" => {
+                "description" => "The cache cluster parameter group parameter to change and when to apply the change.",
+                "type" => "object",
+                "title" => "Cache Cluster Parameter",
+                "required" => ["name", "value"],
+                "additionalProperties" => false,
+                "properties" => {
+                  "name" => {
+                    "type" => "string"
+                  },
+                  "value" => {
+                    "type" => "string"
+                  }
+                }
+              }
+            },
+            "parameter_group_family" => {
+                "type" => "String",
+                "enum" => ["memcached1.4", "redis2.6", "redis2.8"],
+                "description" => "The cache cluster family to create the Parameter Group for. The family type must be the same type as the cache cluster major version - eg if you set engine_version to 2.6 this parameter must be set to redis2.6."
+            }
+          }
+        }
+      end
+
+      # Generic pre-processing of {MU::Config::BasketofKittens::cache_clusters}, bare and unvalidated.
+      # @param cache [Hash]: The resource to process and validate
+      # @param configurator [MU::Config]: The overall deployment configurator of which this resource is a member
+      # @return [Boolean]: True if validation succeeded, False otherwise
+      def self.validate(cache, configurator)
+        ok = true
+        if cluster["creation_style"] != "new" && cluster["identifier"].nil?
+          MU.log "CacheCluster #{cluster['name']}'s creation_style is set to #{cluster['creation_style']} but no identifier was provided. Either set creation_style to new or provide an identifier", MU::ERR
+          ok = false
+        end
+        if !cluster.has_key?("node_count") or cluster["node_count"] < 1
+          MU.log "CacheCluster node_count must be >=1.", MU::ERR
+          ok = false
+        end
+        cluster["multi_az"] = true if cluster["node_count"] > 1
+
+        cluster['dependencies'] << adminFirewallRuleset(vpc: cluster['vpc'], region: cluster['region'], cloud: cluster['cloud']) if !cluster['scrub_mu_isms']
+
+        ok
+      end
+    end
+  end
+end

data/modules/mu/config/collection.rb

@@ -0,0 +1,87 @@
+# Copyright:: Copyright (c) 2018 eGlobalTech, Inc., all rights reserved
+#
+# Licensed under the BSD-3 license (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License in the root of the project or at
+#
+#     http://egt-labs.com/mu/LICENSE.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module MU
+  class Config
+    # Basket of Kittens config schema and parser logic. See modules/mu/clouds/*/collection.rb
+    class Collection
+
+      # Base configuration schema for a Collection
+      # @return [Hash]
+      def self.schema
+        {
+          "type" => "object",
+          "required" => ["name"],
+          "additionalProperties" => false,
+          "description" => "Create an Amazon CloudFormation stack.",
+          "properties" => {
+            "name" => {"type" => "string"},
+            "tags" => MU::Config.tags_primitive,
+            "parameters" => {
+                "type" => "array",
+                "items" => {
+                    "type" => "object",
+                    "description" => "set cloudformation template parameter",
+                    "required" => ["parameter_key", "parameter_value"],
+                    "additionalProperties" => false,
+                    "properties" => {
+                        "parameter_key" => {"type" => "string"},
+                        "parameter_value" => {"type" => "string"}
+                    }
+                }
+            },
+            "pass_deploy_key_as" => {
+                "type" => "string",
+                "description" => "Pass in the deploy key for this stack as a CloudFormation parameter. Set this to the CloudFormation parameter name.",
+            },
+            "pass_parent_parameters" => {
+              "type" => "boolean",
+              "default" => true,
+              "description" => "If targeting CloudFormation, this will pass all of the parent template's parameters to the nested template"
+            },
+            "on_failure" => {
+                "type" => "string",
+                "enum" => ["DO_NOTHING", "ROLLBACK", "DELETE"],
+                "default" => "ROLLBACK"
+            },
+            "template_file" => {"type" => "string"},
+            "timeout" => {
+              "type" => "string",
+              "description" => "Timeout (in minutes) for building this Collection.",
+              "default" => "45"
+            },
+            "template_url" => {
+                "type" => "string",
+                "pattern" => "^#{URI::regexp(%w(http https))}$"
+            },
+            "creation_style" => {
+                "type" => "string",
+                "enum" => ["existing", "new"]
+            }
+          }
+        }
+      end
+
+      # Generic pre-processing of {MU::Config::BasketofKittens::collections}, bare and unvalidated.
+      # @param stack [Hash]: The resource to process and validate
+      # @param configurator [MU::Config]: The overall deployment configurator of which this resource is a member
+      # @return [Boolean]: True if validation succeeded, False otherwise
+      def self.validate(stack, configurator)
+        ok = true
+        ok
+      end
+
+    end
+  end
+end

data/modules/mu/config/container_cluster.rb

@@ -0,0 +1,103 @@
+# Copyright:: Copyright (c) 2018 eGlobalTech, Inc., all rights reserved
+#
+# Licensed under the BSD-3 license (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License in the root of the project or at
+#
+#     http://egt-labs.com/mu/LICENSE.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module MU
+  class Config
+    # Basket of Kittens config schema and parser logic. See modules/mu/clouds/*/container_cluster.rb
+    class ContainerCluster
+
+      # Base configuration schema for a ContainerCluster
+      # @return [Hash]
+      def self.schema
+        base = {
+          "type" => "object",
+          "description" => "Create a cluster of container hosts.",
+          "required" => ["name", "cloud", "instance_type", "instance_count"],
+          "additionalProperties" => false,
+          "properties" => {
+            "name" => { "type" => "string" },
+            "region" => MU::Config.region_primitive,
+            "vpc" => MU::Config::VPC.reference(MU::Config::VPC::ONE_SUBNET + MU::Config::VPC::MANY_SUBNETS, MU::Config::VPC::NO_NAT_OPTS, "all"),
+            "tags" => MU::Config.tags_primitive,
+            "optional_tags" => MU::Config.optional_tags_primitive,
+            "instance_count" => {
+              "type" => "integer",
+              "default" => 2
+            },
+            "kubernetes" => {
+              "type" => "object",
+              "description" => "Options for Kubernetes, specific to EKS or GKE",
+              "properties" => {
+                "version" => {
+                  "type" => "string",
+                  "default" => "1.10",
+                  "description" => "Version of Kubernetes control plane to deploy",
+                },
+                "max_pods" => {
+                  "type" => "integer",
+                  "default" => 5,
+                  "description" => "Maximum number of pods that can be deployed on any given worker node",
+                }
+              }
+            },
+            "kubernetes_resources" => {
+              "type" => "array",
+              "items" => {
+                "type" => "object",
+                "description" => "Optional Kubernetes-specific resource descriptors to run with kubectl create|replace when grooming this cluster. See https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/#understanding-kubernetes-objects"
+              }
+            },
+            "flavor" => {
+              "type" => "string",
+              "description" => "Container clusters in Amazon can be ECS, EKS, or Fargate; Google supports GKE only"
+            },
+            "platform" => {
+              "type" => "string",
+              "default" => "linux",
+# XXX change to reflect available keys in mu/defaults/amazon_images.yaml and mu/defaults/google_images.yaml
+              "enum" => ["linux", "windows", "centos", "ubuntu", "centos6", "ubuntu14", "win2k12", "win2k12r2", "win2k16", "centos7", "rhel7", "rhel71", "amazon"],
+              "description" => "Helps select default AMIs, and enables correct grooming behavior based on operating system type.",
+            },
+            "instance_type" => {
+              "type" => "string",
+              "description" => "Type of container host instances to use. Equivalent to 'size' parameter in Server or ServerPool"
+            },
+            "instance_subnet_pref" => {
+              "type" => "string",
+              "default" => "all_private",
+              "description" => "Worker nodes inherit the main cluster VPC configuration by default. This parameter allows targeting the worker node-cluster to a different class of subnets"
+            }
+          }
+        }
+        MU::Config::Server.common_properties.keys.each { |k|
+          if !base["properties"][k]
+            base["properties"][k] = MU::Config::Server.common_properties[k].dup
+          end
+        }
+
+        base
+      end
+
+      # Generic pre-processing of {MU::Config::BasketofKittens::container_clusters}, bare and unvalidated.
+      # @param cluster [Hash]: The resource to process and validate
+      # @param configurator [MU::Config]: The overall deployment configurator of which this resource is a member
+      # @return [Boolean]: True if validation succeeded, False otherwise
+      def self.validate(cluster, configurator)
+        ok = true
+        ok
+      end
+
+    end
+  end
+end