RubyGems - wombat-cli - Versions diffs - 0.2.0 - Mend

wombat-cli 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (201) hide show

data/templates/cfn.json.erb ADDED Viewed

@@ -0,0 +1,661 @@
+{
+  "AWSTemplateFormatVersion": "2010-09-09",
+  "Description": "wombat",
+  "Parameters": {
+    "AvailabilityZone": {
+      "Description": "Availability Zone",
+      "Type": "String",
+      "Default": "<%= @availability_zone %>"
+    },
+    "DemoName": {
+      "Description": "Name of the customer or organization",
+      "Type": "String",
+      "Default": "<%= @demo %>"
+    },
+    "Version": {
+      "Description": "Version",
+      "Type": "String",
+      "Default": "<%= @version %>"
+    },
+    "KeyName": {
+      "Description": "Name of an existing ec2 KeyPair to enable SSH access",
+      "Type": "AWS::EC2::KeyPair::KeyName",
+      "ConstraintDescription": "must be the name of an existing EC2 KeyPair."
+    },
+    "SSHLocation": {
+      "Description": "The IP address range that can be used to SSH to the EC2 instances",
+      "Type": "String",
+      "MinLength": "9",
+      "MaxLength": "18",
+      "Default": "0.0.0.0/0",
+      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
+      "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
+    },
+    "TTL": {
+      "Description": "Time in hours for the demo to stay active. Default is 4, maximum is 720 hours (30 days).",
+      "Type": "Number",
+      "Default": <%= @ttl %>,
+      "MinValue": 0,
+      "MaxValue": 720
+    },
+    "ChefServerAMI": {
+      "Type": "String",
+      "Default": "<%= @chef_server_ami %>",
+      "Description": "AMI ID for the Chef Server"
+    },
+    "AutomateAMI": {
+      "Type": "String",
+      "Default": "<%= @automate_ami %>",
+      "Description": "AMI ID for the Automate Server"
+    },
+    "ComplianceAMI": {
+      "Type": "String",
+      "Default": "<%= @compliance_ami %>",
+      "Description": "AMI ID for the Compliance Server"
+    },
+<% 1.upto(@build_nodes) do |i| -%>
+    "BuildNode<%= i.to_s %>AMI": {
+      "Type": "String",
+      "Default": "<%= @build_node_ami[i] %>",
+      "Description": "AMI ID for Build Node <%= i %>"
+    },
+<% end -%>
+<% @infra.each do |name, ami| -%>
+    "<%= name %>AMI": {
+      "Type": "String",
+      "Default": "<%= ami %>",
+      "Description": "AMI ID for <%= name %>"
+    },
+<% end -%>
+<% 1.upto(@workstations) do |i| -%>
+    "WindowsWorkstation<%= i.to_s %>AMI": {
+      "Type": "String",
+      "Default": "<%= @workstation_ami[i] %>",
+      "Description": "AMI ID for the Windows Workstation"
+    }
+<% end -%>
+  },
+  "Resources": {
+    "VPC": {
+      "Type": "AWS::EC2::VPC",
+      "Properties": {
+        "CidrBlock": "172.31.0.0/16",
+        "EnableDnsSupport": "true",
+        "EnableDnsHostnames": "true",
+        "Tags": [
+          {
+            "Key": "Application",
+            "Value": {
+              "Ref": "AWS::StackId"
+            },
+            "Key": "Name",
+            "Value": {
+              "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "VPC" ] ]
+            }
+          }
+        ]
+      }
+    },
+    "SubnetAutomate": {
+      "Type": "AWS::EC2::Subnet",
+      "Properties": {
+        "AvailabilityZone": { "Ref": "AvailabilityZone" },
+        "VpcId": {
+          "Ref": "VPC"
+        },
+        "CidrBlock": "172.31.54.0/24",
+        "Tags": [
+          {
+            "Key": "Application",
+            "Value": {
+              "Ref": "AWS::StackId"
+            },
+            "Key": "Name",
+            "Value": {
+              "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Automate Subnet" ] ]
+            }
+          }
+        ]
+      }
+    },
+    "SubnetProd": {
+      "Type": "AWS::EC2::Subnet",
+      "Properties": {
+        "AvailabilityZone": { "Ref": "AvailabilityZone" },
+        "VpcId": {
+          "Ref": "VPC"
+        },
+        "CidrBlock": "172.31.62.0/24",
+        "Tags": [
+          {
+            "Key": "Application",
+            "Value": {
+              "Ref": "AWS::StackId"
+            },
+            "Key": "Name",
+            "Value": {
+              "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Prod Subnet" ] ]
+            }
+          }
+        ]
+      }
+    },
+    "SubnetWorkstations": {
+      "Type": "AWS::EC2::Subnet",
+      "Properties": {
+        "AvailabilityZone": { "Ref": "AvailabilityZone" },
+        "VpcId": {
+          "Ref": "VPC"
+        },
+        "CidrBlock": "172.31.10.0/24",
+        "Tags": [
+          {
+            "Key": "Application",
+            "Value": {
+              "Ref": "AWS::StackId"
+            },
+            "Key": "Name",
+            "Value": {
+              "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Workstations Subnet" ] ]
+            }
+          }
+        ]
+      }
+    },
+    "InternetGateway": {
+      "Type": "AWS::EC2::InternetGateway",
+      "Properties": {
+        "Tags": [
+          {
+            "Key": "Application",
+            "Value": {
+              "Ref": "AWS::StackId"
+            },
+            "Key": "Name",
+            "Value": {
+              "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, " IG" ] ]
+            }
+          }
+        ]
+      }
+    },
+    "AttachGateway": {
+      "Type": "AWS::EC2::VPCGatewayAttachment",
+      "Properties": {
+        "VpcId": {
+          "Ref": "VPC"
+        },
+        "InternetGatewayId": {
+          "Ref": "InternetGateway"
+        }
+      }
+    },
+    "RouteTable": {
+      "Type": "AWS::EC2::RouteTable",
+      "Properties": {
+        "VpcId": {
+          "Ref": "VPC"
+        },
+        "Tags": [
+          {
+            "Key": "Application",
+            "Value": {
+              "Ref": "AWS::StackId"
+            },
+            "Key": "Name",
+            "Value": {
+              "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Demo RouteTable" ] ]
+            }
+          }
+        ]
+      }
+    },
+    "Route": {
+      "Type": "AWS::EC2::Route",
+      "DependsOn": "AttachGateway",
+      "Properties": {
+        "RouteTableId": {
+          "Ref": "RouteTable"
+        },
+        "DestinationCidrBlock": "0.0.0.0/0",
+        "GatewayId": {
+          "Ref": "InternetGateway"
+        }
+      }
+    },
+    "SubnetRouteTableAssociationAutomate": {
+      "Type": "AWS::EC2::SubnetRouteTableAssociation",
+      "Properties": {
+        "SubnetId": {
+          "Ref": "SubnetAutomate"
+        },
+        "RouteTableId": {
+          "Ref": "RouteTable"
+        }
+      }
+    },
+    "SubnetRouteTableAssociationProd": {
+      "Type": "AWS::EC2::SubnetRouteTableAssociation",
+      "Properties": {
+        "SubnetId": {
+          "Ref": "SubnetProd"
+        },
+        "RouteTableId": {
+          "Ref": "RouteTable"
+        }
+      }
+    },
+    "SubnetRouteTableAssociationWorkstations": {
+      "Type": "AWS::EC2::SubnetRouteTableAssociation",
+      "Properties": {
+        "SubnetId": {
+          "Ref": "SubnetWorkstations"
+        },
+        "RouteTableId": {
+          "Ref": "RouteTable"
+        }
+      }
+    },
+    "NetworkAcl": {
+      "Type": "AWS::EC2::NetworkAcl",
+      "Properties": {
+        "VpcId": {
+          "Ref": "VPC"
+        },
+        "Tags": [
+          {
+            "Key": "Application",
+            "Value": {
+              "Ref": "AWS::StackId"
+            },
+            "Key": "Name",
+            "Value": {
+              "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "NetworkAcl" ] ]
+            }
+          }
+        ]
+      }
+    },
+    "InboundNetworkAclEntry": {
+      "Type": "AWS::EC2::NetworkAclEntry",
+      "Properties": {
+        "NetworkAclId": {
+          "Ref": "NetworkAcl"
+        },
+        "RuleNumber": "100",
+        "Protocol": "-1",
+        "RuleAction": "allow",
+        "Egress": "false",
+        "CidrBlock": "0.0.0.0/0"
+      }
+    },
+    "OutBoundNetworkAclEntry": {
+      "Type": "AWS::EC2::NetworkAclEntry",
+      "Properties": {
+        "NetworkAclId": {
+          "Ref": "NetworkAcl"
+        },
+        "RuleNumber": "100",
+        "Protocol": "-1",
+        "RuleAction": "allow",
+        "Egress": "true",
+        "CidrBlock": "0.0.0.0/0"
+      }
+    },
+    "SubnetNetworkAclAssociationAutomate": {
+      "Type": "AWS::EC2::SubnetNetworkAclAssociation",
+      "Properties": {
+        "SubnetId": {
+          "Ref": "SubnetAutomate"
+        },
+        "NetworkAclId": {
+          "Ref": "NetworkAcl"
+        }
+      }
+    },
+    "SubnetNetworkAclAssociationProd": {
+      "Type": "AWS::EC2::SubnetNetworkAclAssociation",
+      "Properties": {
+        "SubnetId": {
+          "Ref": "SubnetProd"
+        },
+        "NetworkAclId": {
+          "Ref": "NetworkAcl"
+        }
+      }
+    },
+    "SubnetNetworkAclAssociationPOCWorkstations": {
+      "Type": "AWS::EC2::SubnetNetworkAclAssociation",
+      "Properties": {
+        "SubnetId": {
+          "Ref": "SubnetWorkstations"
+        },
+        "NetworkAclId": {
+          "Ref": "NetworkAcl"
+        }
+      }
+    },
+<% 1.upto(@workstations) do |i| -%>
+    "WindowsWorkstation<%= i.to_s %>": {
+      "Type": "AWS::EC2::Instance",
+      "Properties": {
+        "InstanceType": "m3.large",
+        "AvailabilityZone": { "Ref": "AvailabilityZone" },
+        "NetworkInterfaces": [
+          {
+            "GroupSet": [
+              {
+                "Ref": "DemoSecurityGroup"
+              }
+            ],
+            "AssociatePublicIpAddress": "true",
+            "PrivateIpAddress": "172.31.54.<%= 200 + i %>",
+            "DeviceIndex": "0",
+            "DeleteOnTermination": "true",
+            "SubnetId": {
+              "Ref": "SubnetAutomate"
+            }
+          }
+        ],
+        "KeyName": {
+          "Ref": "KeyName"
+        },
+        "ImageId": {
+              "Ref": "WindowsWorkstation<%= i.to_s %>AMI"
+        },
+        "Tags": [
+          {
+            "Key": "Name",
+            "Value": {
+              "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Workstation" ] ]
+            }
+          }
+        ]
+      }
+    },
+<% end -%>
+<% 1.upto(@build_nodes) do |i| -%>
+    "BuildNode<%= i.to_s %>": {
+      "Type": "AWS::EC2::Instance",
+      "Properties": {
+        "InstanceType": "m3.large",
+        "AvailabilityZone": { "Ref": "AvailabilityZone" },
+        "NetworkInterfaces": [
+          {
+            "GroupSet": [
+              {
+                "Ref": "DemoSecurityGroup"
+              }
+            ],
+            "AssociatePublicIpAddress": "true",
+            "PrivateIpAddress": "172.31.54.<%= 50 + i %>",
+            "DeviceIndex": "0",
+            "DeleteOnTermination": "true",
+            "SubnetId": {
+              "Ref": "SubnetAutomate"
+            }
+          }
+        ],
+        "KeyName": { "Ref": "KeyName" },
+        "UserData": { "Fn::Base64" : { "Fn::Join" : ["", [
+             "#!/bin/bash -xe\n",
+             "hostnamectl set-hostname build-node-<%= i.to_s %>\n"]]}
+        },
+        "ImageId": {
+              "Ref": "BuildNode<%= i.to_s %>AMI"
+        },
+        "Tags": [
+          {
+            "Key": "Name",
+            "Value": {
+              "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Build Node <%= i.to_s %>" ] ]
+            }
+          }
+        ]
+      }
+    },
+<% end -%>
+<% @infra.sort.each do |name, _ami| -%>
+    "<%= name %>": {
+      "Type": "AWS::EC2::Instance",
+      "Properties": {
+        "InstanceType": "m3.large",
+        "AvailabilityZone": { "Ref": "AvailabilityZone" },
+        "NetworkInterfaces": [
+          {
+            "GroupSet": [
+              {
+                "Ref": "DemoSecurityGroup"
+              }
+            ],
+            "AssociatePublicIpAddress": "true",
+            "PrivateIpAddress": "172.31.54.<%= 101 + @infra.keys.find_index(name) %>",
+            "DeviceIndex": "0",
+            "DeleteOnTermination": "true",
+            "SubnetId": {
+              "Ref": "SubnetAutomate"
+            }
+          }
+        ],
+        "KeyName": { "Ref": "KeyName" },
+        "UserData": { "Fn::Base64" : { "Fn::Join" : ["", [
+             "#!/bin/bash -xe\n",
+             "hostnamectl set-hostname <%= name %>\n"]]}
+        },
+        "ImageId": {
+              "Ref": "<%= name %>AMI"
+        },
+        "Tags": [
+          {
+            "Key": "Name",
+            "Value": {
+              "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "<%= name %>" ] ]
+            }
+          }
+        ]
+      }
+    },
+<% end -%>
+    "Chef": {
+      "Type": "AWS::EC2::Instance",
+      "Properties": {
+        "InstanceType": "c3.xlarge",
+        "AvailabilityZone": { "Ref": "AvailabilityZone" },
+      	"BlockDeviceMappings" : [
+         	{
+        	  "DeviceName" : "/dev/sda1",
+        	  "Ebs" : { "VolumeSize" : "50" }
+         	}
+      	],
+        "NetworkInterfaces": [
+          {
+            "GroupSet": [
+              {
+                "Ref": "DemoSecurityGroup"
+              }
+            ],
+            "AssociatePublicIpAddress": "true",
+            "PrivateIpAddress": "172.31.54.10",
+            "DeviceIndex": "0",
+            "DeleteOnTermination": "true",
+            "SubnetId": {
+              "Ref": "SubnetAutomate"
+            }
+          }
+        ],
+        "KeyName": { "Ref": "KeyName" },
+        "UserData": { "Fn::Base64" : { "Fn::Join" : ["", [
+             "#!/bin/bash -xe\n",
+             "hostnamectl set-hostname chef\n",
+             "chef-server-ctl reconfigure\n"]]}
+        },
+        "ImageId": {
+              "Ref": "ChefServerAMI"
+        },
+        "Tags": [
+          {
+            "Key": "Name",
+            "Value": {
+              "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Chef Server" ] ]
+            }
+          }
+        ]
+      }
+    },
+    "Automate": {
+      "Type": "AWS::EC2::Instance",
+      "Properties": {
+        "InstanceType": "c3.xlarge",
+        "AvailabilityZone": { "Ref": "AvailabilityZone" },
+      	"BlockDeviceMappings" : [
+         	{
+            	  "DeviceName" : "/dev/sda1",
+            	  "Ebs" : { "VolumeSize" : "50" }
+         	}
+      	] ,
+        "NetworkInterfaces": [
+          {
+            "GroupSet": [
+              {
+                "Ref": "DemoSecurityGroup"
+              }
+            ],
+            "AssociatePublicIpAddress": "true",
+            "PrivateIpAddress": "172.31.54.11",
+            "DeviceIndex": "0",
+            "DeleteOnTermination": "true",
+            "SubnetId": {
+              "Ref": "SubnetAutomate"
+            }
+          }
+        ],
+        "KeyName": { "Ref": "KeyName" },
+        "UserData": { "Fn::Base64" : { "Fn::Join" : ["", [
+             "#!/bin/bash -xe\n",
+             "hostnamectl set-hostname automate\n",
+             "delivery-ctl reconfigure\n"]]}
+        },
+        "ImageId": {
+              "Ref": "AutomateAMI"
+        },
+        "Tags": [
+          {
+            "Key": "Name",
+            "Value": {
+              "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Automate Server" ] ]
+            }
+          }
+        ]
+      }
+    },
+    "Compliance": {
+      "Type": "AWS::EC2::Instance",
+      "Properties": {
+        "InstanceType": "c3.large",
+        "AvailabilityZone": { "Ref": "AvailabilityZone" },
+        "BlockDeviceMappings" : [
+          {
+                "DeviceName" : "/dev/sda1",
+                "Ebs" : { "VolumeSize" : "8" }
+          }
+        ] ,
+        "NetworkInterfaces": [
+          {
+            "GroupSet": [
+              {
+                "Ref": "DemoSecurityGroup"
+              }
+            ],
+            "AssociatePublicIpAddress": "true",
+            "PrivateIpAddress": "172.31.54.12",
+            "DeviceIndex": "0",
+            "DeleteOnTermination": "true",
+            "SubnetId": {
+              "Ref": "SubnetAutomate"
+            }
+          }
+        ],
+        "KeyName": { "Ref": "KeyName" },
+        "UserData": { "Fn::Base64" : { "Fn::Join" : ["", [
+             "#!/bin/bash -xe\n",
+             "hostnamectl set-hostname compliance\n",
+             "chef-compliance-ctl reconfigure\n"]]}
+        },
+        "ImageId": {
+              "Ref": "ComplianceAMI"
+        },
+        "Tags": [
+          {
+            "Key": "Name",
+            "Value": {
+              "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Compliance Server" ] ]
+            }
+          }
+        ]
+      }
+    },
+    "DemoSecurityGroup": {
+      "Type": "AWS::EC2::SecurityGroup",
+      "Properties": {
+        "VpcId": {
+          "Ref": "VPC"
+        },
+        "GroupDescription": "Enable required ports for Chef Server",
+        "SecurityGroupIngress": [
+          {
+            "IpProtocol": "tcp",
+            "FromPort": "22",
+            "ToPort": "22",
+            "CidrIp": {
+              "Ref": "SSHLocation"
+            }
+          },
+          {
+            "IpProtocol": "tcp",
+            "FromPort": "0",
+            "ToPort": "65535",
+            "CidrIp": "172.31.0.0/16"
+          },
+          {
+            "IpProtocol": "tcp",
+            "FromPort": "3389",
+            "ToPort": "3389",
+            "CidrIp": "0.0.0.0/0"
+          },
+          {
+            "IpProtocol": "tcp",
+            "FromPort": "443",
+            "ToPort": "443",
+            "CidrIp": "0.0.0.0/0"
+          },
+          {
+            "IpProtocol": "icmp",
+            "FromPort": "8",
+            "ToPort": "-1",
+            "CidrIp": "0.0.0.0/0"
+          },
+          {
+            "IpProtocol": "udp",
+            "FromPort": "3389",
+            "ToPort": "3389",
+            "CidrIp": "0.0.0.0/0"
+          }
+        ]
+      }
+    }
+  },
+  "Outputs": {
+<% 1.upto(@workstations) do |i| -%>
+    "WindowsWorkstation<%= i.to_s %>PubDNS": {
+      "Description": "Public IP address of the Windows Workstation",
+      "Value": {
+        "Fn::GetAtt": [
+          "WindowsWorkstation<%= i.to_s %>",
+          "PublicIp"
+          ]
+      }
+    }
+<% end -%>
+  }
+}

data/terraform/README.md ADDED Viewed

@@ -0,0 +1,13 @@
+# Terraform
+ - `wombat.tf` is a Terraform configuration for the wombat
+## Using Terraform
+1. Install Terraform https://www.terraform.io/downloads.html
+2. configure AWS keys for Terraform
+  - either with env vars `TF_VAR_access_key TF_VAR_secret_key` or a terraform.tfvars file
+  - https://gist.github.com/scarolan/60ae8a2d5f2a8fdb5c55
+3. `terraform plan` to see what resources would be built
+4. `terraform apply` to build (or update) resources
+5. `terraform output` to display outputs (in our case public IPs)
+6. `terraform destroy` to destroy resources

data/terraform/templates/terraform.tfvars.erb ADDED Viewed

@@ -0,0 +1,12 @@
+# We have to define these, but we leave them blank so that Terraform
+# knows to read them from environment vars or ~/.aws/credentials
+access_key = ""
+secret_key = ""
+key_name = ""
+customer = "wombat"
+# Default AMIs for building the demo
+ami-chef-server = "<%= @chef_server_ami %>"
+ami-automate = "<%= @automate_ami %>"
+ami-build-node = "<%= @automate_builder_ami %>"
+ami-workstation = "<%= @workstation_ami %>"