Heat Template to deploy a full ELK stack
---
# HOT header: the template format version Heat should parse this file with,
# followed by the free-text stack description.
heat_template_version: 2013-05-23

description: |
  ELK stack Unlocked 18th November 2014
# START OUTPUT SECTION ###########################################
# Values returned to whoever can read the stack. Three of the four are
# sensitive: the SSH private key, and the two webhook URLs.
outputs:

  load_balancer_ip:
    description: Kibana Load Balancer public IP
    value:
      get_attr: [kibana_loadbalancer, PublicIp]

  # The generated private key is returned in clear text. Anyone with read
  # access to this stack's outputs can log in to the servers that use the key;
  # restrict stack visibility accordingly.
  private_key:
    description: SSH Private Key
    value:
      get_attr: [ssh_key, private_key]

  # NOTE(review): a capabilityUrl appears to authorise the scaling action by
  # possession of the URL alone -- confirm, and if so store and share both
  # webhook URLs as credentials.
  web_increment_url:
    description: POST to this URL to add capacity to Kibana
    value:
      get_attr: [kibana_as_group_inc_policy_01_inc_webhook_01, capabilityUrl]

  web_decrement_url:
    description: POST to this URL to remove capacity from Kibana
    value:
      get_attr: [kibana_as_group_dec_policy_01_dec_webhook_01, capabilityUrl]
# END OUTPUT SECTION #############################################
# START PARAMS SECTION ###########################################
# Presentation-only grouping of the parameters declared below; each name listed
# here must match a key under `parameters`.
parameter_groups:

  - label: Kibana load balancer parameters
    parameters:
      - kibana_loadbalancer_name

  - label: Kibana servers parameters
    parameters:
      - kibana_hostname
      - kibana_image
      - kibana_flavor

  # encrypted_data_bag_secret and validation_key in this group carry secrets.
  - label: Chef parameters
    parameters:
      - chef_server_url
      - chef_version
      - encrypted_data_bag_secret
      - environment
      - organization
      - role
      - validation_key
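# Stack inputs. Every Chef parameter is substituted textually into the
# first-boot shell script of the Kibana servers, so its value must be a string
# that is safe to place inside that script (no single quotes, no shell
# metacharacters). Only the two name parameters carry an allowed_pattern.
parameters:

  # Kibana load balancer Parameters #
  kibana_loadbalancer_name:
    label: Kibana load balancer name
    description: Cloud Load Balancer's name (listening on port 443)
    type: string
    default: kibana
    constraints:
      - length:
          min: 1
          max: 64
      # The pattern also admits hyphens; the message says so.
      - allowed_pattern: "^[a-zA-Z][a-zA-Z0-9-]*$"
        description: |
          Must begin with a letter and contain only alphanumeric characters or hyphens.

  # Server Parameters #
  kibana_hostname:
    label: Kibana servers name
    description: Kibana servers name
    type: string
    default: elkstack
    constraints:
      - length:
          min: 1
          max: 64
      - allowed_pattern: "^[a-zA-Z][a-zA-Z0-9-]*$"
        description: |
          Must begin with a letter and contain only alphanumeric characters or hyphens.

  kibana_image:
    label: Operating system
    description: |
      Optional: Server image used for the server created
      as a part of this deployment.
    type: string
    default: 598a4282-f14b-4e50-af4c-b3e52749d9f9
    constraints:
      # Image IDs are pinned; several of the listed releases are old enough
      # that their support status should be checked before they are deployed.
      - allowed_values:
          - 70d38a32-5f63-45df-a0e7-7e06fc89370a  # CentOS 6.5
          - 7e746552-2212-41d7-b216-a1024b83b0c4  # CentOS 6.5 (PVHVM)
          - bfa5783c-e40e-4668-adc1-feb0ae3d7a46  # CentOS 7 (PVHVM)
          - 7c0fe28a-6e29-4049-83bf-b8ac57608736  # Debian 6 (Squeeze)
          - b279d8e6-1cbd-4e7c-875a-f6dbffc4c4a0  # Debian 7 (Wheezy) (PVHVM)
          - e3015c6f-0103-4bb0-a6ca-59d619f9b645  # Red Hat Enterprise Linux 5.11
          - 8a10a510-ec4c-43db-8b87-6a58438b3f19  # Red Hat Enterprise Linux 6.5
          - ceb5d3d9-5879-4b30-a3d6-9175127d94ac  # Red Hat Enterprise Linux 6.5 (PVHVM)
          - cca73d10-8953-4949-a2f2-1e5444a4130d  # Ubuntu 12.04 LTS (Precise Pangolin)
          - a3da5530-71c6-4405-b64f-fd2da99d303c  # Ubuntu 12.04 LTS (Precise Pangolin) (PVHVM)
          - a3ba4cf5-70b9-4805-afa2-30d1ab81a625  # Ubuntu 14.04 LTS (Trusty Tahr)
          - 598a4282-f14b-4e50-af4c-b3e52749d9f9  # Ubuntu 14.04 LTS (Trusty Tahr) (PVHVM)
        description: Must be a supported operating system.

  kibana_flavor:
    label: Kibana Server Size
    description: |
      Optional: Rackspace Cloud Server flavor to use. The size is based on the
      amount of RAM for the provisioned server.
    type: string
    default: performance1-1
    constraints:
      - allowed_values:
          - general1-1
          - general1-2
          - general1-4
          - general1-8
          - io1-120
          - io1-15
          - io1-30
          - io1-60
          - io1-90
          - performance1-1
          - performance1-2
          - performance1-4
          - performance1-8
          - performance2-120
          - performance2-15
          - performance2-30
          - performance2-60
          - performance2-90
        description: |
          Must be a valid Rackspace Cloud Server flavor for the region you have
          selected to deploy into.

  # Chef Parameters #
  # NOTE(review): the parameters described as "Required" below all default to
  # '', so Heat accepts a stack that omits them; nothing here rejects an empty
  # value.
  chef_server_url:
    label: Chef Server URL
    description: |
      Optional: Chef Server URL. Defaults to None, but the BASH script will
      infer the Managed Chef URL from the organization
    type: string
    default: ''

  chef_version:
    label: version
    description: |
      Optional: Version of Chef Client to use
    type: string
    default: latest

  # Secret: hidden keeps the value out of stack parameter listings. It is still
  # delivered to every server inside the first-boot script.
  encrypted_data_bag_secret:
    label: encrypted_data_bag_secret
    description: |
      Required: Encrypted Data Bag Secret
    type: string
    hidden: true
    default: ''

  environment:
    label: Environment
    description: |
      Required: Chef environment
    type: string
    default: ''

  organization:
    label: Organization
    description: |
      Required: Chef organization
    type: string
    default: ''

  # NOTE(review): the description promises a "production" default, but the
  # declared default is '' and the first-boot script uses the value as given.
  role:
    label: Role
    description: |
      Optional: Chef Role. Will default to "production"
    type: string
    default: ''

  # Secret: the organization validator's private key. hidden keeps it out of
  # stack parameter listings. The first-boot script in this template stores it
  # as /etc/chef/validator.pem, not the validation.pem path named below.
  validation_key:
    label: Chef Validation Key
    description: |
      Required: chef-client will attempt to use the private key assigned to the
      chef-validator, located in /etc/chef/validation.pem. If, for any reason,
      the chef-validator is unable to make an authenticated request to the
      Chef server, the initial chef-client run will fail.
    type: string
    hidden: true
    default: ''
# END PARAMS SECTION ###########################################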
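# START RESOURCES SECTION ######################################
resources:

  # Key pair named after the stack. save_private_key makes the generated
  # private key readable as a resource attribute, and this template returns it
  # as the private_key output: read access to the stack is SSH access.
  ssh_key:
    type: "OS::Nova::KeyPair"
    properties:
      name: { get_param: "OS::stack_id" }
      save_private_key: true

  # Kibana Load Balancer
  # Public IPv4 listener, HTTPS on 443. The node list starts empty; the scaling
  # group below references this balancer on port 443.
  kibana_loadbalancer:
    type: Rackspace::Cloud::LoadBalancer
    properties:
      name: { get_param: kibana_loadbalancer_name }
      metadata:
        rax-heat: { get_param: "OS::stack_id" }
      nodes: []
      protocol: HTTPS
      port: 443
      virtualIps:
        - { "type": "PUBLIC", "ipVersion": "IPV4" }

  # Kibana Web Servers #
  # Auto-scaled between 2 and 10 servers, each bootstrapped by the user_data
  # script and registered with the load balancer.
  kibana_as_group:
    type: Rackspace::AutoScale::Group
    properties:
      groupConfiguration:
        name: kibana_as_group
        cooldown: 10
        minEntities: 2
        maxEntities: 10
      launchConfiguration:
        type: launch_server
        args:
          server:
            name: { get_param: kibana_hostname }
            imageRef: { get_param: kibana_image }
            flavorRef: { get_param: kibana_flavor }
            key_name: { get_resource: ssh_key }
            config_drive: true
            metadata:
              hotness_factor: "100"
              rax-heat: { get_param: "OS::stack_id" }
            # NOTE(review): these IDs look like Rackspace's PublicNet (all
            # zeros) and ServiceNet (all ones). If so, each server has its own
            # public address and is reachable without passing through the load
            # balancer -- confirm the Chef role applies a host firewall.
            networks:
              - uuid: "00000000-0000-0000-0000-000000000000"
              - uuid: "11111111-1111-1111-1111-111111111111"
            # The script receives the Chef validation key and the encrypted
            # data bag secret by textual substitution, so both secrets are part
            # of the server's user_data. Substitution happens before bash parses
            # the script: a parameter value containing a single quote or a
            # newline changes the script itself. Accept these parameters only
            # from trusted operators. Do not write the placeholder tokens in
            # script comments, because they would be substituted there too.
            user_data:
              str_replace:
                template: |
                  #!/bin/bash
                  # Exit script if any command fails
                  set -e
                  set -o pipefail

                  LOGFILE="/var/log/cloud-init-chef-bootstrap.setup.$$"

                  # Initial timestamp and debug information
                  date > "$LOGFILE"
                  echo 'Starting cloud-init bootstrap' >> "$LOGFILE"

                  # Infer the Chef Server's URL if none was passed.
                  # -z on a quoted operand is true only for an empty value; an
                  # unquoted -n test is true for every value, empty included.
                  CHEFSERVERURL='%chef_server_url%'
                  if [ -z "$CHEFSERVERURL" ]; then
                    echo 'chef_server_url parameter: not passed' >> "$LOGFILE"
                    CHEFSERVERURL='https://api.opscode.com/organizations/%organization%'
                  else
                    echo "chef_server_url parameter: $CHEFSERVERURL" >> "$LOGFILE"
                  fi
                  echo 'chef_version parameter: %chef_version%' >> "$LOGFILE"
                  echo 'organization parameter: %organization%' >> "$LOGFILE"
                  echo 'role parameter: %role%' >> "$LOGFILE"

                  # Store the validation key in /etc/chef/validator.pem
                  echo 'Storing validation key in /etc/chef/validator.pem' >> "$LOGFILE"
                  # -p: an existing directory must not abort the script under set -e
                  mkdir -p /etc/chef /var/log/chef
                  # Create the file empty and owner-only before the key goes in,
                  # so the key is never readable by other local users.
                  touch /etc/chef/validator.pem
                  chmod 600 /etc/chef/validator.pem
                  echo -e '%validation_key%' >/etc/chef/validator.pem
                  # NOTE(review): the validator key stays on disk after the
                  # client has registered; consider removing it once the node
                  # has its own client key.

                  # Cook a minimal client.rb for getting the chef-client registered
                  echo 'Creating a minimal /etc/chef/client.rb' >> "$LOGFILE"
                  cat >/etc/chef/client.rb <<EOF
                  log_level :info
                  log_location STDOUT
                  chef_server_url "$CHEFSERVERURL"
                  validation_key "/etc/chef/validator.pem"
                  validation_client_name "%organization%-validator"
                  EOF

                  # Cook the first boot file
                  echo "Creating a minimal /etc/chef/first-boot.json" >> "$LOGFILE"
                  touch /etc/chef/first-boot.json
                  cat >/etc/chef/first-boot.json <<EOF
                  {"environment": "%environment%","run_list":["role[%role%]"]}
                  EOF

                  # Create the encrypted data bag file, owner-only like the key
                  echo 'Creating an encrypted data bag file in /etc/chef/encrypted_data_bag_secret' >> "$LOGFILE"
                  touch /etc/chef/encrypted_data_bag_secret
                  chmod 600 /etc/chef/encrypted_data_bag_secret
                  echo -e '%encrypted_data_bag_secret%' > /etc/chef/encrypted_data_bag_secret

                  # Install chef-client through omnibus (if not already available)
                  # Adjust to install the latest vs. a particular version
                  # TODO: if ! (hash 'chef-client' 2>/dev/null); then
                  #if [ ! -x /usr/bin/chef-client ]; then
                  echo 'Installing Chef using Omnibus installer' >> "$LOGFILE"
                  # The installer is fetched over HTTPS and run as root with no
                  # integrity check. Pin the Chef version rather than using
                  # "latest", and prefer a vetted mirror or a checksum-verified
                  # copy where one exists.
                  # Installer output is appended (>> file 2>&1) so the earlier
                  # log lines survive; this form also works on bash 3.
                  # Try "curl" first
                  # TODO: if hash 'curl' 2>/dev/null; then
                  if [ -x /usr/bin/curl ]; then
                    # -f: fail on an HTTP error instead of piping the error
                    # page into bash
                    curl -fL https://www.opscode.com/chef/install.sh \
                      | bash -s -- -v %chef_version% >> "$LOGFILE" 2>&1
                  # Otherwise try "wget"
                  # TODO: elif hash 'wget' 2>/dev/null; then
                  elif [ -x /usr/bin/wget ]; then
                    wget -qO- https://www.opscode.com/chef/install.sh \
                      | bash -s -- -v %chef_version% >> "$LOGFILE" 2>&1
                  else
                    echo 'Neither curl or wget are available' >> "$LOGFILE"
                  fi

                  # Kick off the first chef run
                  # TODO: if hash 'chef-client' 2>/dev/null; then
                  if [ -x /usr/bin/chef-client ]; then
                    echo 'Executing the first chef-client run' >> "$LOGFILE"
                    chef-client -j /etc/chef/first-boot.json
                  else
                    echo 'Failed to install Chef using Omnibus installer' >> "$LOGFILE"
                  fi

                  # Script complete. Log final timestamp
                  date >> "$LOGFILE"
                params:
                  "%chef_server_url%": { get_param: chef_server_url }
                  "%chef_version%": { get_param: chef_version }
                  "%encrypted_data_bag_secret%": { get_param: encrypted_data_bag_secret }
                  "%environment%": { get_param: environment }
                  "%organization%": { get_param: organization }
                  "%role%": { get_param: role }
                  "%validation_key%": { get_param: validation_key }
          loadBalancers:
            - loadBalancerId: { get_resource: kibana_loadbalancer }
              port: 443

  # Scaling policies: one server up or down per call, 59 s cooldown, each
  # triggered by a webhook.
  kibana_as_group_inc_policy_01:
    type: Rackspace::AutoScale::ScalingPolicy
    properties:
      group: { get_resource: kibana_as_group }
      name: "Add capacity to Kibana"
      change: 1
      cooldown: 59
      type: webhook

  kibana_as_group_dec_policy_01:
    type: Rackspace::AutoScale::ScalingPolicy
    properties:
      group: { get_resource: kibana_as_group }
      name: "Remove capacity from Kibana"
      change: -1
      cooldown: 59
      type: webhook

  # Webhooks for the two policies. Their capabilityUrl attributes are returned
  # as stack outputs.
  # NOTE(review): those URLs appear to need no further authentication --
  # confirm, and if so treat them as credentials.
  kibana_as_group_inc_policy_01_inc_webhook_01:
    type: Rackspace::AutoScale::WebHook
    properties:
      policy: { get_resource: kibana_as_group_inc_policy_01 }
      name: "Add capacity to Kibana - Webhook"
      metadata:
        is_cool: "true"
        rax-heat: { get_param: "OS::stack_id" }

  kibana_as_group_dec_policy_01_dec_webhook_01:
    type: Rackspace::AutoScale::WebHook
    properties:
      policy: { get_resource: kibana_as_group_dec_policy_01 }
      name: "Remove capacity from Kibana - Webhook"
      metadata:
        is_cool: "false"
        rax-heat: { get_param: "OS::stack_id" }
# END RESOURCES SECTION ########################################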