#!/usr/bin/env bash
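# Require the target EC2 region as the first positional argument.
if [ -z "$1" ]; then
  # Quoted so that "[region]" is printed literally instead of being treated
  # as a glob that could match a one-letter file in the current directory.
  echo "usage: $0 [region]"
  exit 1
fi
# check for Deis' general dependencies
# Both expansions are quoted so a checkout path containing spaces still works.
thisdir=$(dirname "$0")
if ! "$thisdir/check-deis-deps.sh"; then
  echo 'Deis is missing some dependencies.'
  exit 1
fi
# check for EC2 API tools in $PATH
# `command -v` is the shell builtin lookup; it does not depend on an external
# `which` binary being installed.
if ! command -v ec2-describe-group > /dev/null; then
  echo 'Please install the EC2 API command-line tools and ensure they are in your $PATH.'
  exit 1
fi
# check for AWS environment variables
# Only presence is checked here; the values are never printed. The expansions
# are quoted so the credential strings are not word-split or globbed.
: "${AWS_ACCESS_KEY:?Please set AWS_ACCESS_KEY in your environment for EC2 API access.}"
: "${AWS_SECRET_KEY:?Please set AWS_SECRET_KEY in your environment for EC2 API access.}"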
region=$1
# Map the requested region to its Deis-optimized AMI.
# see contrib/prepare-ubuntu-ami.sh for instructions
# on creating your own deis-optimized AMIs
# NOTE(review): images are pinned by ID only; confirm each ID still resolves
# to an image from the expected publisher before launching from it.
case "$region" in
  ap-northeast-1) image=ami-6da8356c ;;
  ap-southeast-1) image=ami-a66f24f4 ;;
  ap-southeast-2) image=ami-d5f66bef ;;
  eu-west-1)      image=ami-acbf5adb ;;
  sa-east-1)      image=ami-f9fd5ae4 ;;
  us-east-1)      image=ami-69f3bc00 ;;
  us-west-1)      image=ami-f0695cb5 ;;
  us-west-2)      image=ami-ea1e82da ;;
  *)
    # Unknown region: there is no image to boot, so stop here.
    echo "Cannot find AMI for region: $region"
    exit 1
    ;;
esac
# --- EC2 instance and network settings ---
flavor=m1.large
ebs_size="100"
sg_name="deis-controller"
# Source CIDR used for the security group ingress rules this script creates.
# NOTE(review): 0.0.0.0/0 admits any IPv4 address, and the same value is
# applied to SSH (22) and port 514 as well as 80/443; consider narrowing it
# to known operator and node ranges.
sg_src="0.0.0.0/0"
key_name="deis-controller"
# Endpoint the EC2 API tools talk to; exported so child processes see it.
export EC2_URL="https://ec2.${region}.amazonaws.com/"

# --- SSH settings ---
# The tilde is left unquoted so the shell expands it to the home directory.
ssh_key_path=~/.ssh/${key_name}
ssh_user=ubuntu

# --- Chef settings ---
node_name=deis-controller
run_list='recipe[deis::controller]'
chef_version="11.4.4"
# Print the first argument in bold using ANSI escape sequences.
# Arguments: $1 - message to print (backslash escapes in it are interpreted,
#                 because the whole string goes through `echo -e`)
# Outputs:   the emphasized message followed by a newline on stdout
echo_color() {
  local bold_on='\033[1m'
  local bold_off='\033[0m'
  echo -e "${bold_on}${1}${bold_off}"
}
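# Create the controller's security group and authorize its ingress ports,
# unless a group with this name already appears in the account's listing.
# NOTE(review): the grep is a substring match over the whole listing, so any
# line containing the name counts as "exists" — confirm that is acceptable.
# NOTE(review): every rule uses $sg_src, which the settings in this script set
# to 0.0.0.0/0, so SSH (22) and port 514 are opened to any address along with
# 80/443; consider a narrower source for the management ports.
if ! ec2-describe-group | grep -qF -- "$sg_name"; then
  echo_color "Creating security group: $sg_name"
  set -x
  # Stop if the group cannot be created: the authorize calls and the later
  # instance launch both depend on it existing.
  if ! ec2-create-group "$sg_name" -d "Created by Deis"; then
    set +x
    echo "Failed to create security group: $sg_name" >&2
    exit 1
  fi
  set +x
  echo_color "Authorizing TCP ports 22,80,443,514 from $sg_src..."
  set -x
  # The rules target "$sg_name" rather than a second hard-coded copy of the
  # name, so the group created above is always the one being opened.
  for port in 22 80 443 514; do
    if ! ec2-authorize "$sg_name" -P tcp -p "$port" -s "$sg_src" >/dev/null; then
      set +x
      echo "Failed to authorize TCP port $port on $sg_name" >&2
      exit 1
    fi
  done
  set +x
else
  echo_color "Security group $sg_name exists"
fi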
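# Create the EC2 keypair and store its private half locally, unless a file
# already exists at the key path.
if ! test -e "$ssh_key_path"; then
  echo_color "Creating new SSH key: $key_name"
  set -x
  # The subshell's umask makes the file owner-only from the moment the
  # redirection creates it, so the private key is never readable by other
  # local users between creation and the chmod below.
  if ! ( umask 077 && ec2-create-keypair "$key_name" > "$ssh_key_path" ); then
    set +x
    # Remove the empty or partial file; otherwise the next run would see it,
    # report the key as existing, and hand a broken identity file to knife.
    rm -f -- "$ssh_key_path"
    echo "Failed to create EC2 keypair: $key_name" >&2
    exit 1
  fi
  chmod 600 "$ssh_key_path"
  set +x
  echo "Saved to $ssh_key_path"
else
  echo_color "SSH key $ssh_key_path exists"
fi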
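# create data bags
# stderr is discarded on purpose: creation is best-effort, and the command's
# complaints on a re-run (when the bags presumably already exist) are noise.
knife data bag create deis-build 2>/dev/null
knife data bag create deis-formations 2>/dev/null
# create data bag item using a temp file
# The item is written inside a private mktemp directory rather than renamed
# to a ".json" path directly in the shared temp directory. A failed mktemp
# now stops the script instead of leaving an empty path that would make the
# following commands operate on ".json" in the current directory.
tempdir=$(mktemp -d -t tmp.deisXXXXXXXXXX) || {
  echo 'Could not create a temporary directory.' >&2
  exit 1
}
tempfile="$tempdir/gitosis.json"
cat > "$tempfile" <<'EOF'
{ "id": "gitosis", "ssh_keys": {}, "formations": {} }
EOF
knife data bag from file deis-build "$tempfile"
# ":?" aborts the expansion if the variable is somehow empty, so this can
# never turn into a removal of an unintended path.
rm -rf -- "${tempdir:?}"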
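# trigger ec2 instance bootstrap
# Launch the controller instance and bootstrap Chef on it over SSH, using the
# image, group, keypair and run list chosen earlier in this script.
echo_color "Provisioning $node_name with knife ec2..."
set -x
# Every expansion is quoted: the run list contains "[...]", which an unquoted
# expansion would treat as a glob pattern, and the identity file path may
# contain spaces.
knife ec2 server create \
  --bootstrap-version "$chef_version" \
  --region "$region" \
  --image "$image" \
  --flavor "$flavor" \
  --groups "$sg_name" \
  --tags "Name=$node_name" \
  --ssh-key "$key_name" \
  --ssh-user "$ssh_user" \
  --identity-file "$ssh_key_path" \
  --node-name "$node_name" \
  --ebs-size "$ebs_size" \
  --run-list "$run_list"
set +x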