Skip to content

C
configuration
Commit 095349fb by Fred Smith
Options

Merge pull request #1984 from edx/derf/cleanup 

Clean up some things
parents 6203c0dc a79355f6
Showing with 0 additions and 3897 deletions
cloud_migrations/vpc-migrate-analytics_api.yml deleted 100644 → 0
#
# Overview:
# This play needs to be run per environment-deployment and you will need to
# provide the boto environment and vpc_id as arguments
#
# ansible-playbook -i 'localhost,' ./vpc-migrate-analytics_api-edge-stage.yml \
# -e 'profile=edge vpc_id=vpc-416f9b24'
#
# Caveats
#
# - This requires ansible 1.6
# - Required the following branch of Ansible /e0d/add-instance-profile from
# https://github.com/e0d/ansible.git
# - This play isn't full idempotent because of and ec2 module update issue
# with ASGs. This can be worked around by deleting the ASG and re-running
# the play
# - The instance_profile_name will need to be created in advance as there
# isn't a way to do so from ansible.
#
# Prequisities:
# Create a iam ec2 role
#
- name: Add resources for the Analytics API
hosts: localhost
connection: local
gather_facts: False
tasks:
# Fail intermittantly with the following error:
# The specified rule does not exist in this security group
- name: Create instance security group
ec2_group:
profile: "{{ profile }}"
description: "Open up SSH access"
name: "{{ security_group }}"
vpc_id: "{{ vpc_id }}"
region: "{{ ec2_region }}"
rules:
- proto: tcp
from_port: "{{ sec_group_ingress_from_port }}"
to_port: "{{ sec_group_ingress_to_port }}"
cidr_ip: "{{ item }}"
with_items: sec_group_ingress_cidrs
register: created_sec_group
ignore_errors: True
- name: debug
debug:
msg: "Registered created_sec_group: {{ created_sec_group }}"
# Needs ansible 1.7 for vpc support of elbs
# - name: Create elb security group
# ec2_group:
# profile: "{{ profile }}"
# description: "ELB security group"
# name: "ELB-{{ security_group }}"
# vpc_id: "{{ vpc_id }}"
# region: "{{ ec2_region }}"
# rules:
# - proto: tcp
# from_port: "443"
# to_port: "443"
# cidr_ip: "0.0.0.0/0"
# register: created_elb_sec_group
# ignore_errors: True
# Needs 1.7 for VPC support
# - name: "Create ELB"
# ec2_elb_lb:
# profile: "{{ profile }}"
# region: "{{ ec2_region }}"
# zones:
# - us-east-1b
# - us-east-1c
# name: "{{ edp }}"
# state: present
# security_group_ids: "{{ created_elb_sec_group.group_id }}"
# listeners:
# - protocol: https
# load_balancer_port: 443
# instance_protocol: http # optional, defaults to value of protocol setting
# instance_port: 80
# # ssl certificate required for https or ssl
# ssl_certificate_id: "{{ ssl_cert }}"
# instance_profile_name was added by me in my fork
- name: Create the launch configuration
ec2_lc:
profile: "{{ profile }}"
region: "{{ ec2_region }}"
name: "{{ lc_name }}"
image_id: "{{ lc_ami }}"
key_name: "{{ key_name }}"
security_groups: "{{ created_sec_group.results[0].group_id }}"
instance_type: "{{ instance_type }}"
instance_profile_name: "{{ instance_profile_name }}"
volumes:
- device_name: "/dev/sda1"
volume_size: "{{ instance_volume_size }}"
- name: Create ASG
ec2_asg:
profile: "{{ profile }}"
region: "{{ ec2_region }}"
name: "{{ asg_name }}"
launch_config_name: "{{ lc_name }}"
load_balancers: "{{ elb_name }}"
availability_zones:
- us-east-1b
- us-east-1c
min_size: 0
max_size: 2
desired_capacity: 1
vpc_zone_identifier: "{{ subnets|join(',') }}"
instance_tags:
Name: "{{ env }}-{{ deployment }}-{{ play }}"
autostack: "true"
environment: "{{ env }}"
deployment: "{{ deployment }}"
play: "{{ play }}"
services: "{{ play }}"
register: asg
- name: debug
debug:
msg: "DEBUG: {{ asg }}"
- name: Create scale up policy
ec2_scaling_policy:
state: present
profile: "{{ profile }}"
region: "{{ ec2_region }}"
name: "{{ edp }}-ScaleUpPolicy"
adjustment_type: "ChangeInCapacity"
asg_name: "{{ asg_name }}"
scaling_adjustment: 1
min_adjustment_step: 1
cooldown: 60
register: scale_up_policy
- name: debug
debug:
msg: "Registered scale_up_policy: {{ scale_up_policy }}"
- name: Create scale down policy
ec2_scaling_policy:
state: present
profile: "{{ profile }}"
region: "{{ ec2_region }}"
name: "{{ edp }}-ScaleDownPolicy"
adjustment_type: "ChangeInCapacity"
asg_name: "{{ asg_name }}"
scaling_adjustment: -1
min_adjustment_step: 1
cooldown: 60
register: scale_down_policy
- name: debug
debug:
msg: "Registered scale_down_policy: {{ scale_down_policy }}"
#
# Sometimes the scaling policy reports itself changed, but
# does not return data about the policy. It's bad enough
# that consistent data isn't returned when things
# have and have not changed; this make writing idempotent
# tasks difficult.
- name: create high-cpu alarm
ec2_metric_alarm:
state: present
region: "{{ ec2_region }}"
name: "cpu-high"
metric: "CPUUtilization"
namespace: "AWS/EC2"
statistic: Average
comparison: ">="
threshold: 90.0
period: 300
evaluation_periods: 2
unit: "Percent"
description: "Scale-up if CPU > 90% for 10 minutes"
dimensions: {"AutoScalingGroupName":"{{ asg_name }}"}
alarm_actions: ["{{ scale_up_policy.arn }}"]
when: scale_up_policy.arn is defined
- name: create low-cpu alarm
ec2_metric_alarm:
state: present
region: "{{ ec2_region }}"
name: "cpu-low"
metric: "CPUUtilization"
namespace: "AWS/EC2"
statistic: Average
comparison: "<="
threshold: 50.0
period: 300
evaluation_periods: 2
unit: "Percent"
description: "Scale-down if CPU < 50% for 10 minutes"
dimensions: {"AutoScalingGroupName":"{{ asg_name }}"}
alarm_actions: ["{{ scale_down_policy.arn }}"]
when: scale_down_policy.arn is defined
\ No newline at end of file
cloud_migrations/vpc-migrate-xqwatcher.yml deleted 100644 → 0
#
# Overview:
# This play needs to be run per environment-deployment and you will need to
# provide the boto environment and vpc_id as arguments
#
# ansible-playbook -i 'localhost,' ./vpc-migrate-xqwatcher-edge-stage.yml \
# -e 'profile=edge vpc_id=vpc-416f9b24'
#
# Caveats
#
# - This requires ansible 1.6
# - Required the following branch of Ansible /e0d/add-instance-profile from
# https://github.com/e0d/ansible.git
# - This play isn't full idempotent because of and ec2 module update issue
# with ASGs. This can be worked around by deleting the ASG and re-running
# the play
# - The instance_profile_name will need to be created in advance as there
# isn't a way to do so from ansible.
#
# Prequisities:
# Create a iam ec2 role
#
- name: Add resources for the XQWatcher
hosts: localhost
connection: local
gather_facts: False
tasks:
# ignore_error is used here because this module is not idempotent
# If tags already exist, the task will fail with the following message
# Tags already exists in subnet
- name: Update subnet tags
ec2_tag:
resource: "{{ item }}"
region: "{{ ec2_region }}"
state: present
tags:
Name: "{{ edp }}-subnet"
play: xqwatcher
immutable_metadata: "{'purpose':'{{ environment }}-{{ deployment }}-internal-{{ play }}','target':'ec2'}"
with_items: subnets
ignore_errors: True
# Fail intermittantly with the following error:
# The specified rule does not exist in this security group
- name: Create security group
ec2_group:
profile: "{{ profile }}"
description: "Open up SSH access"
name: "{{ security_group }}"
vpc_id: "{{ vpc_id }}"
region: "{{ ec2_region }}"
rules:
- proto: tcp
from_port: "{{ sec_group_ingress_from_port }}"
to_port: "{{ sec_group_ingress_to_port }}"
cidr_ip: "{{ item }}"
with_items: sec_group_ingress_cidrs
register: created_sec_group
ignore_errors: True
- name: debug
debug:
msg: "Registered created_sec_group: {{ created_sec_group }}"
# instance_profile_name was added by me in my fork
- name: Create the launch configuration
ec2_lc:
profile: "{{ profile }}"
region: "{{ ec2_region }}"
name: "{{ lc_name }}"
image_id: "{{ lc_ami }}"
key_name: "{{ key_name }}"
security_groups: "{{ created_sec_group.results[0].group_id }}"
instance_type: "{{ instance_type }}"
instance_profile_name: "{{ instance_profile_name }}"
volumes:
- device_name: "/dev/sda1"
volume_size: "{{ instance_volume_size }}"
- name: Create ASG
ec2_asg:
profile: "{{ profile }}"
region: "{{ ec2_region }}"
name: "{{ asg_name }}"
launch_config_name: "{{ lc_name }}"
min_size: 0
max_size: 0
desired_capacity: 0
vpc_zone_identifier: "{{ subnets|join(',') }}"
instance_tags:
Name: "{{ env }}-{{ deployment }}-{{ play }}"
autostack: "true"
environment: "{{ env }}"
deployment: "{{ deployment }}"
play: "{{ play }}"
services: "{{ play }}"
register: asg
- name: debug
debug:
msg: "DEBUG: {{ asg }}"
- name: Create scale up policy
ec2_scaling_policy:
state: present
profile: "{{ profile }}"
region: "{{ ec2_region }}"
name: "{{ edp }}-ScaleUpPolicy"
adjustment_type: "ChangeInCapacity"
asg_name: "{{ asg_name }}"
scaling_adjustment: 1
min_adjustment_step: 1
cooldown: 60
register: scale_up_policy
tags:
- foo
- name: debug
debug:
msg: "Registered scale_up_policy: {{ scale_up_policy }}"
- name: Create scale down policy
ec2_scaling_policy:
state: present
profile: "{{ profile }}"
region: "{{ ec2_region }}"
name: "{{ edp }}-ScaleDownPolicy"
adjustment_type: "ChangeInCapacity"
asg_name: "{{ asg_name }}"
scaling_adjustment: -1
min_adjustment_step: 1
cooldown: 60
register: scale_down_policy
- name: debug
debug:
msg: "Registered scale_down_policy: {{ scale_down_policy }}"
#
# Sometimes the scaling policy reports itself changed, but
# does not return data about the policy. It's bad enough
# that consistent data isn't returned when things
# have and have not changed; this make writing idempotent
# tasks difficult.
- name: create high-cpu alarm
ec2_metric_alarm:
state: present
region: "{{ ec2_region }}"
name: "cpu-high"
metric: "CPUUtilization"
namespace: "AWS/EC2"
statistic: Average
comparison: ">="
threshold: 90.0
period: 300
evaluation_periods: 2
unit: "Percent"
description: "Scale-up if CPU > 90% for 10 minutes"
dimensions: {"AutoScalingGroupName":"{{ asg_name }}"}
alarm_actions: ["{{ scale_up_policy.arn }}"]
when: scale_up_policy.arn is defined
- name: create low-cpu alarm
ec2_metric_alarm:
state: present
region: "{{ ec2_region }}"
name: "cpu-low"
metric: "CPUUtilization"
namespace: "AWS/EC2"
statistic: Average
comparison: "<="
threshold: 50.0
period: 300
evaluation_periods: 2
unit: "Percent"
description: "Scale-down if CPU < 50% for 10 minutes"
dimensions: {"AutoScalingGroupName":"{{ asg_name }}"}
alarm_actions: ["{{ scale_down_policy.arn }}"]
when: scale_down_policy.arn is defined
\ No newline at end of file
cloudformation_templates/edx-admin-reference-architecture.json deleted 100644 → 0
{
"AWSTemplateFormatVersion":"2010-09-09",
"Description":"Bring up a VPC for operations.",
"Parameters":{
"DeploymentTag":{
"Type":"String",
"Description":"A tag value applied to the hosts in the VPC indicating which deployment this is, e.g., edx, edge, <university>, <org>"
},
"KeyName":{
"Type":"String",
"Description":"Name of an existing EC2 KeyPair to enable SSH access to the web server",
"Default":"deployment"
},
"AdminInstanceType":{
"Description":"WebServer EC2 instance type",
"Type":"String",
"Default":"m1.large",
"AllowedValues":[
"t1.micro",
"m1.small",
"m1.medium",
"m1.large",
"m1.xlarge",
"m2.xlarge",
"m2.2xlarge",
"m2.4xlarge",
"cr1.8xlarge",
"cc2.8xlarge",
"c1.medium",
"c1.xlarge",
"m3.medium",
"m3.large",
"m3.xlarge",
"m3.2xlarge",
"c3.large",
"c3.xlarge",
"c3.2xlarge",
"c3.4xlarge",
"c3.8xlarge",
"r3.large",
"r3.xlarge",
"r3.2xlarge",
"r3.4xlarge",
"r3.8xlarge"
],
"ConstraintDescription":"must be a valid EC2 instance type."
},
"SSHLocation":{
"Description":"The IP address range that can be used to SSH to the EC2 instances",
"Type":"String",
"MinLength":"9",
"MaxLength":"18",
"Default":"0.0.0.0/0",
"AllowedPattern":"(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription":"must be a valid IP CIDR range of the form x.x.x.x/x."
},
"BastionInstanceType":{
"Description":"Bastion Host EC2 instance type",
"Type":"String",
"Default":"t1.micro",
"AllowedValues":[
"t1.micro",
"m1.small",
"m1.medium",
"m1.large",
"m1.xlarge",
"m2.xlarge",
"m2.2xlarge",
"m2.4xlarge",
"cr1.8xlarge",
"cc2.8xlarge",
"c1.medium",
"c1.xlarge",
"m3.medium",
"m3.large",
"m3.xlarge",
"m3.2xlarge",
"c3.large",
"c3.xlarge",
"c3.2xlarge",
"c3.4xlarge",
"c3.8xlarge",
"r3.large",
"r3.xlarge",
"r3.2xlarge",
"r3.4xlarge",
"r3.8xlarge"
],
"ConstraintDescription":"must be a valid EC2 instance type."
},
"NATInstanceType":{
"Description":"NAT Device EC2 instance type",
"Type":"String",
"Default":"t1.micro",
"AllowedValues":[
"t1.micro",
"m1.small",
"m1.medium",
"m1.large",
"m1.xlarge",
"m2.xlarge",
"m2.2xlarge",
"m2.4xlarge",
"cr1.8xlarge",
"cc2.8xlarge",
"c1.medium",
"c1.xlarge",
"m3.medium",
"m3.large",
"m3.xlarge",
"m3.2xlarge",
"c3.large",
"c3.xlarge",
"c3.2xlarge",
"c3.4xlarge",
"c3.8xlarge",
"r3.large",
"r3.xlarge",
"r3.2xlarge",
"r3.4xlarge",
"r3.8xlarge"
],
"ConstraintDescription":"must be a valid EC2 instance type."
},
"JenkinsServerPort":{
"Description":"The TCP port for the Jenkins server",
"Type":"Number",
"Default":"8080"
},
"AsgardServerPort":{
"Description":"The TCP port for the Asgard server",
"Type":"Number",
"Default":"8090"
},
"VPCSubnet":{
"Description":"The subnet CIDR for the whole VPC.",
"Type":"String",
"Default":"10.254.0.0/16"
},
"PrivateSubnet":{
"Description":"The subnet CIDR for the private VPC subnet.",
"Type":"String",
"Default":"10.254.0.0/24"
},
"PublicSubnet":{
"Description":"The subnet CIDR for the public VPC subnet.",
"Type":"String",
"Default":"10.254.1.0/24"
}
},
"Mappings":{
"AWSInstanceType2Arch":{
"t1.micro" : { "Arch" : "64" },
"m1.small" : { "Arch" : "64" },
"m1.medium" : { "Arch" : "64" },
"m1.large" : { "Arch" : "64" },
"m1.xlarge" : { "Arch" : "64" },
"m2.xlarge" : { "Arch" : "64" },
"m2.2xlarge" : { "Arch" : "64" },
"m2.4xlarge" : { "Arch" : "64" },
"cr1.8xlarge" : { "Arch" : "64" },
"cc2.8xlarge" : { "Arch" : "64" },
"c1.medium" : { "Arch" : "64" },
"c1.xlarge" : { "Arch" : "64" },
"m3.medium" : { "Arch" : "64" },
"m3.large" : { "Arch" : "64" },
"m3.xlarge" : { "Arch" : "64" },
"m3.2xlarge" : { "Arch" : "64" },
"m3.4xlarge" : { "Arch" : "64" },
"c3.large" : { "Arch" : "64" },
"c3.xlarge" : { "Arch" : "64" },
"c3.2xlarge" : { "Arch" : "64" },
"c3.4xlarge" : { "Arch" : "64" },
"c3.8xlarge" : { "Arch" : "64" },
"r3.large" : { "Arch" : "64" },
"r3.xlarge" : { "Arch" : "64" },
"r3.2xlarge" : { "Arch" : "64" },
"r3.4xlarge" : { "Arch" : "64" },
"r3.8xlarge" : { "Arch" : "64" }
},
"AWSRegionArch2AMI":{
"us-east-1": { "32":"ami-def89fb7", "64":"ami-d0f89fb9" },
"us-west-1": { "32":"ami-fc002cb9", "64":"ami-fe002cbb" },
"us-west-2": { "32":"ami-0ef96e3e", "64":"ami-70f96e40" },
"eu-west-1": { "32":"ami-c27b6fb6", "64":"ami-ce7b6fba" },
"sa-east-1": { "32":"ami-a1da00bc", "64":"ami-a3da00be" },
"ap-southeast-1": { "32":"ami-66084734", "64":"ami-64084736" },
"ap-southeast-2": { "32":"ami-06ea7a3c", "64":"ami-04ea7a3e" },
"ap-northeast-1": { "32":"ami-fc6ceefd", "64":"ami-fe6ceeff" }
},
"AWSNATAMI":{
"us-east-1": { "AMI":"ami-c6699baf" },
"us-west-2": { "AMI":"ami-52ff7262" },
"us-west-1": { "AMI":"ami-3bcc9e7e" },
"eu-west-1": { "AMI":"ami-0b5b6c7f" },
"ap-southeast-1": { "AMI":"ami-02eb9350" },
"ap-southeast-2": { "AMI":"ami-ab990e91" },
"ap-northeast-1": { "AMI":"ami-14d86d15" },
"sa-east-1": { "AMI":"ami-0439e619" }
},
"MapRegionsToAvailZones":{
"us-east-1": { "AZone2":"us-east-1d", "AZone0":"us-east-1b", "AZone1":"us-east-1c" },
"us-west-1": { "AZone0":"us-west-1a", "AZone2":"us-west-1b", "AZone1":"us-west-1c" },
"us-west-2": { "AZone0":"us-west-2a", "AZone1":"us-west-2b", "AZone2":"us-west-2c" },
"eu-west-1": { "AZone0":"eu-west-1a", "AZone1":"eu-west-1b", "AZone2":"eu-west-1c" },
"sa-east-1": { "AZone0":"sa-east-1a", "AZone1":"sa-east-1b", "AZone2":"sa-east-1c" },
"ap-southeast-1": { "AZone0":"ap-southeast-1a", "AZone1":"ap-southeast-1b", "AZone2":"ap-southeast-1c" },
"ap-southeast-2": { "AZone0":"ap-southeast-2a", "AZone1":"ap-southeast-2b", "AZone2":"ap-southeast-2c" },
"ap-northeast-1": { "AZone0":"ap-northeast-1a", "AZone1":"ap-northeast-1b", "AZone2":"ap-northeast-1c" }
}
},
"Resources":{
"AdminVPC":{
"Type":"AWS::EC2::VPC",
"Properties":{
"EnableDnsSupport" : "true",
"EnableDnsHostnames" : "true",
"CidrBlock": { "Ref": "VPCSubnet" },
"InstanceTenancy":"default"
}
},
"PublicSubnet01":{
"Type":"AWS::EC2::Subnet",
"Properties":{
"VpcId":{
"Ref":"AdminVPC"
},
"CidrBlock":{ "Ref": "PublicSubnet" },
"AvailabilityZone":{
"Fn::FindInMap":[
"MapRegionsToAvailZones",
{ "Ref":"AWS::Region" },
"AZone1"
]
},
"Tags":[
{
"Key":"immutable_metadata",
"Value":"{'purpose':'external','target':'ec2'}"
}
]
}
},
"AdminSubnet":{
"Type":"AWS::EC2::Subnet",
"Properties":{
"VpcId":{
"Ref":"AdminVPC"
},
"CidrBlock":{ "Ref": "PrivateSubnet" },
"AvailabilityZone":{
"Fn::FindInMap":[
"MapRegionsToAvailZones",
{ "Ref":"AWS::Region" },
"AZone1"
]
},
"Tags":[
{
"Key":"Application",
"Value":"admin"
},
{
"Key":"Network",
"Value":"Private"
}
]
}
},
"InternetGateway":{
"Type":"AWS::EC2::InternetGateway",
"Properties":{
"Tags":[
{
"Key":"Application",
"Value":{
"Ref":"AWS::StackId"
}
},
{
"Key":"Network",
"Value":"Public"
}
]
}
},
"GatewayToInternet":{
"Type":"AWS::EC2::VPCGatewayAttachment",
"Properties":{
"VpcId":{
"Ref":"AdminVPC"
},
"InternetGatewayId":{
"Ref":"InternetGateway"
}
}
},
"PublicRouteTable":{
"Type":"AWS::EC2::RouteTable",
"Properties":{
"VpcId":{
"Ref":"AdminVPC"
},
"Tags":[
{
"Key":"Application",
"Value":{
"Ref":"AWS::StackId"
}
},
{
"Key":"Network",
"Value":"Public"
}
]
}
},
"PublicRoute":{
"Type":"AWS::EC2::Route",
"Properties":{
"RouteTableId":{
"Ref":"PublicRouteTable"
},
"DestinationCidrBlock":"0.0.0.0/0",
"GatewayId":{
"Ref":"InternetGateway"
}
}
},
"PublicSubnetRouteTableAssociation01":{
"Type":"AWS::EC2::SubnetRouteTableAssociation",
"Properties":{
"SubnetId":{
"Ref":"PublicSubnet01"
},
"RouteTableId":{
"Ref":"PublicRouteTable"
}
}
},
"PublicNetworkAcl":{
"Type":"AWS::EC2::NetworkAcl",
"Properties":{
"VpcId":{
"Ref":"AdminVPC"
},
"Tags":[
{
"Key":"Application",
"Value":{
"Ref":"AWS::StackId"
}
},
{
"Key":"Network",
"Value":"Public"
}
]
}
},
"InboundHTTPPublicNetworkAclEntry":{
"Type":"AWS::EC2::NetworkAclEntry",
"Properties":{
"NetworkAclId":{
"Ref":"PublicNetworkAcl"
},
"RuleNumber":"100",
"Protocol":"6",
"RuleAction":"allow",
"Egress":"false",
"CidrBlock":"0.0.0.0/0",
"PortRange":{
"From":"80",
"To":"80"
}
}
},
"InboundHTTPSPublicNetworkAclEntry":{
"Type":"AWS::EC2::NetworkAclEntry",
"Properties":{
"NetworkAclId":{
"Ref":"PublicNetworkAcl"
},
"RuleNumber":"101",
"Protocol":"6",
"RuleAction":"allow",
"Egress":"false",
"CidrBlock":"0.0.0.0/0",
"PortRange":{
"From":"443",
"To":"443"
}
}
},
"InboundSSHPublicNetworkAclEntry":{
"Type":"AWS::EC2::NetworkAclEntry",
"Properties":{
"NetworkAclId":{
"Ref":"PublicNetworkAcl"
},
"RuleNumber":"102",
"Protocol":"6",
"RuleAction":"allow",
"Egress":"false",
"CidrBlock":{
"Ref":"SSHLocation"
},
"PortRange":{
"From":"22",
"To":"22"
}
}
},
"InboundSMTPPublicNetworkAclEntry":{
"Type":"AWS::EC2::NetworkAclEntry",
"Properties":{
"NetworkAclId":{
"Ref":"PublicNetworkAcl"
},
"RuleNumber":"103",
"Protocol":"6",
"RuleAction":"allow",
"Egress":"false",
"CidrBlock":"0.0.0.0/0",
"PortRange":{
"From":"587",
"To":"587"
}
}
},
"InboundEmphemeralPublicNetworkAclEntry":{
"Type":"AWS::EC2::NetworkAclEntry",
"Properties":{
"NetworkAclId":{
"Ref":"PublicNetworkAcl"
},
"RuleNumber":"104",
"Protocol":"6",
"RuleAction":"allow",
"Egress":"false",
"CidrBlock":"0.0.0.0/0",
"PortRange":{
"From":"1024",
"To":"65535"
}
}
},
"OutboundPublicNetworkAclEntry":{
"Type":"AWS::EC2::NetworkAclEntry",
"Properties":{
"NetworkAclId":{
"Ref":"PublicNetworkAcl"
},
"RuleNumber":"100",
"Protocol":"6",
"RuleAction":"allow",
"Egress":"true",
"CidrBlock":"0.0.0.0/0",
"PortRange":{
"From":"0",
"To":"65535"
}
}
},
"PublicSubnetNetworkAclAssociation01":{
"Type":"AWS::EC2::SubnetNetworkAclAssociation",
"Properties":{
"SubnetId":{
"Ref":"PublicSubnet01"
},
"NetworkAclId":{
"Ref":"PublicNetworkAcl"
}
}
},
"PrivateRouteTable":{
"Type":"AWS::EC2::RouteTable",
"Properties":{
"VpcId":{
"Ref":"AdminVPC"
},
"Tags":[
{
"Key":"Application",
"Value":{
"Ref":"AWS::StackId"
}
},
{
"Key":"Network",
"Value":"Private"
}
]
}
},
"PrivateRoute":{
"Type":"AWS::EC2::Route",
"Properties":{
"RouteTableId":{
"Ref":"PrivateRouteTable"
},
"DestinationCidrBlock":"0.0.0.0/0",
"InstanceId":{
"Ref":"NATDevice"
}
}
},
"PrivateSubnetRouteTableAssociationAdmin":{
"Type":"AWS::EC2::SubnetRouteTableAssociation",
"Properties":{
"SubnetId":{
"Ref":"AdminSubnet"
},
"RouteTableId":{
"Ref":"PrivateRouteTable"
}
}
},
"PrivateNetworkAcl":{
"Type":"AWS::EC2::NetworkAcl",
"Properties":{
"VpcId":{
"Ref":"AdminVPC"
},
"Tags":[
{
"Key":"Application",
"Value":{
"Ref":"AWS::StackId"
}
},
{
"Key":"Network",
"Value":"Private"
}
]
}
},
"InboundPrivateNetworkAclEntry":{
"Type":"AWS::EC2::NetworkAclEntry",
"Properties":{
"NetworkAclId":{
"Ref":"PrivateNetworkAcl"
},
"RuleNumber":"100",
"Protocol":"6",
"RuleAction":"allow",
"Egress":"false",
"CidrBlock":"0.0.0.0/0",
"PortRange":{
"From":"0",
"To":"65535"
}
}
},
"OutBoundPrivateNetworkAclEntry":{
"Type":"AWS::EC2::NetworkAclEntry",
"Properties":{
"NetworkAclId":{
"Ref":"PrivateNetworkAcl"
},
"RuleNumber":"100",
"Protocol":"6",
"RuleAction":"allow",
"Egress":"true",
"CidrBlock":"0.0.0.0/0",
"PortRange":{
"From":"0",
"To":"65535"
}
}
},
"PrivateSubnetNetworkAclAssociationAdmin":{
"Type":"AWS::EC2::SubnetNetworkAclAssociation",
"Properties":{
"SubnetId":{
"Ref":"AdminSubnet"
},
"NetworkAclId":{
"Ref":"PrivateNetworkAcl"
}
}
},
"NATIPAddress":{
"Type":"AWS::EC2::EIP",
"Properties":{
"Domain":"vpc",
"InstanceId":{
"Ref":"NATDevice"
}
}
},
"NATDevice":{
"Type":"AWS::EC2::Instance",
"Properties":{
"InstanceType":{
"Ref":"NATInstanceType"
},
"KeyName":{
"Ref":"KeyName"
},
"SubnetId":{
"Ref":"PublicSubnet01"
},
"SourceDestCheck":"false",
"ImageId":{
"Fn::FindInMap":[
"AWSNATAMI",
{
"Ref":"AWS::Region"
},
"AMI"
]
},
"SecurityGroupIds":[
{
"Ref":"NATSecurityGroup"
}
]
}
},
"NATSecurityGroup":{
"Type":"AWS::EC2::SecurityGroup",
"Properties":{
"GroupDescription":"Enable internal access to the NAT device",
"VpcId":{
"Ref":"AdminVPC"
},
"SecurityGroupIngress":[
{
"IpProtocol":"tcp",
"FromPort":"22",
"ToPort":"22",
"CidrIp":{
"Ref":"SSHLocation"
}
},
{
"IpProtocol":"tcp",
"FromPort":"80",
"ToPort":"80",
"CidrIp":"0.0.0.0/0"
},
{
"IpProtocol":"tcp",
"FromPort":"443",
"ToPort":"443",
"CidrIp":"0.0.0.0/0"
},
{
"IpProtocol":"tcp",
"FromPort":"587",
"ToPort":"587",
"CidrIp":"0.0.0.0/0"
},
{
"IpProtocol":"tcp",
"FromPort":"5222",
"ToPort":"5222",
"CidrIp":"0.0.0.0/0"
}
],
"SecurityGroupEgress":[
{
"IpProtocol":"tcp",
"FromPort":"22",
"ToPort":"22",
"CidrIp":{
"Ref":"SSHLocation"
}
},
{
"IpProtocol":"tcp",
"FromPort":"80",
"ToPort":"80",
"CidrIp":"0.0.0.0/0"
},
{
"IpProtocol":"tcp",
"FromPort":"443",
"ToPort":"443",
"CidrIp":"0.0.0.0/0"
},
{
"IpProtocol":"tcp",
"FromPort":"587",
"ToPort":"587",
"CidrIp":"0.0.0.0/0"
},
{
"IpProtocol":"tcp",
"FromPort":"5222",
"ToPort":"5222",
"CidrIp":"0.0.0.0/0"
}
]
}
},
"BastionIPAddress":{
"Type":"AWS::EC2::EIP",
"Properties":{
"Domain":"vpc",
"InstanceId":{
"Ref":"BastionHost"
}
}
},
"BastionHost":{
"Type":"AWS::EC2::Instance",
"Properties":{
"InstanceType":{
"Ref":"BastionInstanceType"
},
"KeyName":{
"Ref":"KeyName"
},
"SubnetId":{
"Ref":"PublicSubnet01"
},
"ImageId":{
"Fn::FindInMap":[
"AWSRegionArch2AMI",
{
"Ref":"AWS::Region"
},
{
"Fn::FindInMap":[
"AWSInstanceType2Arch",
{
"Ref":"BastionInstanceType"
},
"Arch"
]
}
]
},
"SecurityGroupIds":[
{
"Ref":"BastionSecurityGroup"
}
],
"Tags":[
{
"Key":"play",
"Value":"bastion"
},
{
"Key":"deployment",
"Value":{
"Ref":"DeploymentTag"
},
"PropagateAtLaunch":true
}
]
}
},
"BastionSecurityGroup":{
"Type":"AWS::EC2::SecurityGroup",
"Properties":{
"GroupDescription":"Enable access to the Bastion host",
"VpcId":{
"Ref":"AdminVPC"
},
"SecurityGroupIngress":[
{
"IpProtocol":"tcp",
"FromPort":"22",
"ToPort":"22",
"CidrIp":{
"Ref":"SSHLocation"
}
}
],
"SecurityGroupEgress":[
{
"IpProtocol":"tcp",
"FromPort":"22",
"ToPort":"22",
"CidrIp":"10.254.0.0/16"
},
{
"IpProtocol":"tcp",
"FromPort":"80",
"ToPort":"80",
"CidrIp":"0.0.0.0/0"
},
{
"IpProtocol":"tcp",
"FromPort":{ "Ref": "JenkinsServerPort" },
"ToPort":{ "Ref": "JenkinsServerPort" },
"CidrIp":"0.0.0.0/0"
},
{
"IpProtocol":"tcp",
"FromPort":{ "Ref": "AsgardServerPort" },
"ToPort":{ "Ref": "AsgardServerPort" },
"CidrIp":"0.0.0.0/0"
}
]
}
},
"AdminRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Statement": [ {
"Effect": "Allow",
"Principal": {
"Service": [ "ec2.amazonaws.com" ]
},
"Action": [ "sts:AssumeRole" ]
} ]
},
"Path": "/",
"Policies": [ {
"PolicyName": "AdminBasePolicy",
"PolicyDocument": {
"Statement":[
{
"Effect":"Allow",
"Action": "*",
"Resource":"*"
}
]
}
} ]
}
},
"AdminInstanceProfile": {
"Type": "AWS::IAM::InstanceProfile",
"Properties": {
"Path": "/",
"Roles": [ {
"Ref": "AdminRole"
} ]
}
},
"AdminHost":{
"Type":"AWS::EC2::Instance",
"Properties":{
"InstanceType":{
"Ref":"AdminInstanceType"
},
"KeyName":{
"Ref":"KeyName"
},
"IamInstanceProfile" : {
"Ref" : "AdminInstanceProfile"
},
"SubnetId":{
"Ref":"AdminSubnet"
},
"ImageId":{
"Fn::FindInMap":[
"AWSRegionArch2AMI",
{
"Ref":"AWS::Region"
},
{
"Fn::FindInMap":[
"AWSInstanceType2Arch",
{
"Ref":"AdminInstanceType"
},
"Arch"
]
}
]
},
"SecurityGroupIds":[
{
"Ref":"AdminSecurityGroup"
}
],
"Tags":[
{
"Key":"play",
"Value":"admin"
},
{
"Key":"deployment",
"Value":{
"Ref":"DeploymentTag"
},
"PropagateAtLaunch":true
}
],
"UserData":{
"Fn::Base64":{
"Fn::Join":[
"",
[
"#!/bin/bash -x\n",
"exec >> /home/ubuntu/cflog.log\n",
"exec 2>> /home/ubuntu/cflog.log\n",
"function error_exit\n",
"{\n",
" cfn-signal -e 1 -r \"$1\" '",
{
"Ref":"AdminServerWaitHandle"
},
"'\n",
" exit 1\n",
"}\n",
"apt-get -y update\n",
"apt-get -y install python-setuptools\n",
"echo \"Python Tools installed\" - `date`\n",
"easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz\n",
"echo \"Cloudformation Boostrap installed \" - `date`\n",
"# If all went well, signal success\n",
"cfn-signal -e $? -r 'Edx Server configuration' '",
{
"Ref":"AdminServerWaitHandle"
},
"'\n"
]
]
}
},
"BlockDeviceMappings": [
{
"DeviceName": "/dev/sda1",
"Ebs":{
"VolumeSize": 100
}
},
{
"DeviceName": "/dev/sdb",
"VirtualName": "ephemeral0"
},
{
"DeviceName": "/dev/sdc",
"VirtualName": "ephemeral1"
}
]
}
},
"AdminSecurityGroup":{
"Type":"AWS::EC2::SecurityGroup",
"Properties":{
"GroupDescription":"Admin Security Group",
"VpcId":{
"Ref":"AdminVPC"
},
"SecurityGroupIngress":[
{
"IpProtocol":"tcp",
"FromPort":"22",
"ToPort":"22",
"CidrIp":{
"Ref":"SSHLocation"
}
},
{
"IpProtocol":"tcp",
"FromPort":{ "Ref": "JenkinsServerPort" },
"ToPort":{ "Ref": "JenkinsServerPort" },
"CidrIp":"0.0.0.0/0"
},
{
"IpProtocol":"tcp",
"FromPort":{ "Ref": "AsgardServerPort" },
"ToPort":{ "Ref": "AsgardServerPort" },
"CidrIp":"0.0.0.0/0"
}
]
}
},
"AdminServerWaitHandle":{
"Type":"AWS::CloudFormation::WaitConditionHandle"
},
"AdminServerWaitCondition":{
"Type":"AWS::CloudFormation::WaitCondition",
"DependsOn":"AdminHost",
"Properties":{
"Handle":{
"Ref":"AdminServerWaitHandle"
},
"Timeout":"1200"
}
}
}
}
cloudformation_templates/edx-reference-architecture.json deleted 100644 → 0
This source diff could not be displayed because it is too large. You can view the blob instead.
cloudformation_templates/edx-server-multi-instance.json deleted 100644 → 0
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Sample template to bring up an Edx Server. A WaitCondition is used to hold up the stack creation until the application is deployed. **WARNING** This template creates one or more Amazon EC2 instances. You will be billed for the AWS resources used if you create a stack from this template.",
"Parameters": {
"GroupTag": {
"Type": "String",
"Description": "Group Tag"
},
"KeyName": {
"Type": "String",
"Description" : "Name of an existing EC2 KeyPair to enable SSH access to the web server"
},
"InstanceType" : {
"Description" : "WebServer EC2 instance type",
"Type" : "String",
"Default" : "m1.small",
"AllowedValues" : [ "t1.micro","m1.small","m1.medium","m1.large","m1.xlarge","m2.xlarge","m2.2xlarge","m2.4xlarge","m3.xlarge","m3.2xlarge","c1.medium","c1.xlarge","cc1.4xlarge","cc2.8xlarge","cg1.4xlarge"],
"ConstraintDescription" : "must be a valid EC2 instance type."
},
"SSHLocation" : {
"Description" : "The IP address range that can be used to SSH to the EC2 instances",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
},
"WebServerPort" : {
"Description" : "The TCP port for the Web Server",
"Type" : "Number",
"Default" : "8888"
}
},
"Mappings" : {
"AWSInstanceType2Arch" : {
"t1.micro" : { "Arch" : "64" },
"m1.small" : { "Arch" : "64" },
"m1.medium" : { "Arch" : "64" },
"m1.large" : { "Arch" : "64" },
"m1.xlarge" : { "Arch" : "64" },
"m2.xlarge" : { "Arch" : "64" },
"m2.2xlarge" : { "Arch" : "64" },
"m2.4xlarge" : { "Arch" : "64" },
"cr1.8xlarge" : { "Arch" : "64" },
"cc2.8xlarge" : { "Arch" : "64" },
"c1.medium" : { "Arch" : "64" },
"c1.xlarge" : { "Arch" : "64" },
"m3.medium" : { "Arch" : "64" },
"m3.large" : { "Arch" : "64" },
"m3.xlarge" : { "Arch" : "64" },
"m3.2xlarge" : { "Arch" : "64" },
"m3.4xlarge" : { "Arch" : "64" },
"c3.large" : { "Arch" : "64" },
"c3.xlarge" : { "Arch" : "64" },
"c3.2xlarge" : { "Arch" : "64" },
"c3.4xlarge" : { "Arch" : "64" },
"c3.8xlarge" : { "Arch" : "64" },
"r3.large" : { "Arch" : "64" },
"r3.xlarge" : { "Arch" : "64" },
"r3.2xlarge" : { "Arch" : "64" },
"r3.4xlarge" : { "Arch" : "64" },
"r3.8xlarge" : { "Arch" : "64" }
},
"AWSRegionArch2AMI" : {
"us-east-1" : { "32" : "ami-def89fb7", "64" : "ami-d0f89fb9" },
"us-west-1" : { "32" : "ami-fc002cb9", "64" : "ami-fe002cbb" },
"us-west-2" : { "32" : "ami-0ef96e3e", "64" : "ami-70f96e40" },
"eu-west-1" : { "32" : "ami-c27b6fb6", "64" : "ami-ce7b6fba" },
"sa-east-1" : { "32" : "ami-a1da00bc", "64" : "ami-a3da00be" },
"ap-southeast-1" : { "32" : "ami-66084734", "64" : "ami-64084736" },
"ap-southeast-2" : { "32" : "ami-06ea7a3c", "64" : "ami-04ea7a3e" },
"ap-northeast-1" : { "32" : "ami-fc6ceefd", "64" : "ami-fe6ceeff" }
}
},
"Resources" : {
"WebServerGroup" : {
"Type" : "AWS::AutoScaling::AutoScalingGroup",
"Properties" : {
"Tags" : [ {
"Key" : "Group",
"Value" : { "Ref": "GroupTag" },
"PropagateAtLaunch" : true
} ],
"AvailabilityZones" : { "Fn::GetAZs" : ""},
"LaunchConfigurationName" : { "Ref" : "EdxServer" },
"MinSize" : "2",
"MaxSize" : "2",
"LoadBalancerNames" : [ { "Ref" : "ElasticLoadBalancer" } ]
}
},
"WebServerScaleUpPolicy" : {
"Type" : "AWS::AutoScaling::ScalingPolicy",
"Properties" : {
"AdjustmentType" : "ChangeInCapacity",
"AutoScalingGroupName" : { "Ref" : "WebServerGroup" },
"Cooldown" : "60",
"ScalingAdjustment" : "1"
}
},
"WebServerScaleDownPolicy" : {
"Type" : "AWS::AutoScaling::ScalingPolicy",
"Properties" : {
"AdjustmentType" : "ChangeInCapacity",
"AutoScalingGroupName" : { "Ref" : "WebServerGroup" },
"Cooldown" : "60",
"ScalingAdjustment" : "-1"
}
},
"CPUAlarmHigh": {
"Type": "AWS::CloudWatch::Alarm",
"Properties": {
"AlarmDescription": "Scale-up if CPU > 90% for 10 minutes",
"MetricName": "CPUUtilization",
"Namespace": "AWS/EC2",
"Statistic": "Average",
"Period": "300",
"EvaluationPeriods": "2",
"Threshold": "90",
"AlarmActions": [ { "Ref": "WebServerScaleUpPolicy" } ],
"Dimensions": [
{
"Name": "AutoScalingGroupName",
"Value": { "Ref": "WebServerGroup" }
}
],
"ComparisonOperator": "GreaterThanThreshold"
}
},
"CPUAlarmLow": {
"Type": "AWS::CloudWatch::Alarm",
"Properties": {
"AlarmDescription": "Scale-down if CPU < 70% for 10 minutes",
"MetricName": "CPUUtilization",
"Namespace": "AWS/EC2",
"Statistic": "Average",
"Period": "300",
"EvaluationPeriods": "2",
"Threshold": "70",
"AlarmActions": [ { "Ref": "WebServerScaleDownPolicy" } ],
"Dimensions": [
{
"Name": "AutoScalingGroupName",
"Value": { "Ref": "WebServerGroup" }
}
],
"ComparisonOperator": "LessThanThreshold"
}
},
"ElasticLoadBalancer" : {
"Type" : "AWS::ElasticLoadBalancing::LoadBalancer",
"Properties" : {
"AvailabilityZones" : { "Fn::GetAZs" : "" },
"Listeners" : [ {
"LoadBalancerPort" : "80",
"InstancePort" : { "Ref" : "WebServerPort" },
"Protocol" : "HTTP"
} ],
"HealthCheck" : {
"Target" : "TCP:22",
"HealthyThreshold" : "3",
"UnhealthyThreshold" : "5",
"Interval" : "30",
"Timeout" : "5"
}
}
},
"InstanceSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable SSH access and HTTP from the load balancer only",
"SecurityGroupIngress" : [ {
"IpProtocol" : "tcp",
"FromPort" : "22",
"ToPort" : "22",
"CidrIp" : { "Ref" : "SSHLocation"}
},
{
"IpProtocol" : "tcp",
"FromPort" : { "Ref" : "WebServerPort" },
"ToPort" : { "Ref" : "WebServerPort" },
"SourceSecurityGroupOwnerId" : {"Fn::GetAtt" : ["ElasticLoadBalancer", "SourceSecurityGroup.OwnerAlias"]},
"SourceSecurityGroupName" : {"Fn::GetAtt" : ["ElasticLoadBalancer", "SourceSecurityGroup.GroupName"]}
} ]
}
},
"EdxServerUser" : {
"Type" : "AWS::IAM::User",
"Properties" : {
"Path": "/",
"Policies": [{
"PolicyName": "root",
"PolicyDocument": { "Statement":[{
"Effect":"Allow",
"Action": [
"cloudformation:DescribeStackResource",
"s3:Put"
],
"Resource":"*"
}]}
}]
}
},
"HostKeys" : {
"Type" : "AWS::IAM::AccessKey",
"Properties" : {
"UserName" : {"Ref": "EdxServerUser"}
}
},
"EdxServer": {
"Type": "AWS::AutoScaling::LaunchConfiguration",
"Metadata" : {
"AWS::CloudFormation::Init" : {
"config" : {
"files" : {
"/home/ubuntu/.s3cfg" : {
"content" : { "Fn::Join" : ["", [
"[default]\n",
"access_key = ", { "Ref" : "HostKeys" }, "\n",
"secret_key = ", {"Fn::GetAtt": ["HostKeys", "SecretAccessKey"]}, "\n",
"use_https = True\n"
]]},
"mode" : "000644",
"owner" : "ubuntu",
"group" : "ubuntu"
}
}
}
}
},
"Properties": {
"SecurityGroups": [ { "Ref": "EdxServerSecurityGroup" } ],
"ImageId": { "Fn::FindInMap": [ "AWSRegionArch2AMI", { "Ref": "AWS::Region" }, { "Fn::FindInMap": [ "AWSInstanceType2Arch", { "Ref": "InstanceType" }, "Arch" ] } ]
},
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
"#!/bin/bash\n",
"exec >> /home/ubuntu/cflog.log\n",
"exec 2>> /home/ubuntu/cflog.log\n",
"function error_exit\n",
"{\n",
" cfn-signal -e 1 -r \"$1\" '", { "Ref" : "EdxServerWaitHandle" }, "'\n",
" exit 1\n",
"}\n",
"apt-get -y update\n",
"apt-get -y install python-setuptools\n",
"echo \"Python Tools installed\" - `date` >> /home/ubuntu/cflog.txt\n",
"easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz\n",
"echo \"Cloudformation Boostrap installed \" - `date` >> /home/ubuntu/cflog.txt\n",
"cfn-init --region ", { "Ref" : "AWS::Region" },
" -s ", { "Ref" : "AWS::StackName" }, " -r EdxServer ",
" --access-key ", { "Ref" : "HostKeys" },
" --secret-key ", {"Fn::GetAtt": ["HostKeys", "SecretAccessKey"]}, " || error_exit 'Failed to run cfn-init'\n",
"echo \"cfn-init run \" - `date` >> /home/ubuntu/cflog.txt\n",
"# If all went well, signal success\n",
"cfn-signal -e $? -r 'Edx Server configuration' '", { "Ref" : "EdxServerWaitHandle" }, "'\n"
]]}},
"KeyName": { "Ref": "KeyName" },
"InstanceType": { "Ref": "InstanceType" }
}
},
"EdxServerSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Open up SSH access plus Edx Server required ports",
"SecurityGroupIngress" : [
{ "IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": { "Ref" : "SSHLocation"} },
{ "IpProtocol": "tcp", "FromPort": "80", "ToPort": "80", "CidrIp": "0.0.0.0/0"},
{ "IpProtocol": "tcp", "FromPort": "443", "ToPort": "443", "CidrIp": "0.0.0.0/0"}
]
}
},
"EdxServerWaitHandle" : {
"Type" : "AWS::CloudFormation::WaitConditionHandle"
},
"EdxServerWaitCondition" : {
"Type" : "AWS::CloudFormation::WaitCondition",
"DependsOn" : "EdxServer",
"Properties" : {
"Handle" : { "Ref" : "EdxServerWaitHandle" },
"Timeout" : "1200"
}
}
},
"Outputs" : {
"EdxSecurityGroup" : {
"Description" : "EC2 Security Group with access to the Edx server",
"Value" : { "Ref" :"EdxServerSecurityGroup" }
}
}
}
cloudformation_templates/edx-server-single-instance.json deleted 100644 → 0
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Sample template to bring up an Edx Server. A WaitCondition is used to hold up the stack creation until the application is deployed. **WARNING** This template creates one or more Amazon EC2 instances. You will be billed for the AWS resources used if you create a stack from this template.",
"Parameters": {
"NameTag": {
"Type": "String",
"Description": "Name Tag"
},
"GroupTag": {
"Type": "String",
"Description": "Group Tag"
},
"KeyName": {
"Type": "String",
"Description" : "Name of an existing EC2 KeyPair to enable SSH access to the web server"
},
"InstanceType" : {
"Description" : "WebServer EC2 instance type",
"Type" : "String",
"Default" : "m1.small",
"AllowedValues" : [ "t1.micro","m1.small","m1.medium","m1.large","m1.xlarge","m2.xlarge","m2.2xlarge","m2.4xlarge","m3.xlarge","m3.2xlarge","c1.medium","c1.xlarge","cc1.4xlarge","cc2.8xlarge","cg1.4xlarge"],
"ConstraintDescription" : "must be a valid EC2 instance type."
},
"SSHLocation" : {
"Description" : "The IP address range that can be used to SSH to the EC2 instances",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
},
"Mappings" : {
"AWSInstanceType2Arch" : {
"t1.micro" : { "Arch" : "64" },
"m1.small" : { "Arch" : "64" },
"m1.medium" : { "Arch" : "64" },
"m1.large" : { "Arch" : "64" },
"m1.xlarge" : { "Arch" : "64" },
"m2.xlarge" : { "Arch" : "64" },
"m2.2xlarge" : { "Arch" : "64" },
"m2.4xlarge" : { "Arch" : "64" },
"cr1.8xlarge" : { "Arch" : "64" },
"cc2.8xlarge" : { "Arch" : "64" },
"c1.medium" : { "Arch" : "64" },
"c1.xlarge" : { "Arch" : "64" },
"m3.medium" : { "Arch" : "64" },
"m3.large" : { "Arch" : "64" },
"m3.xlarge" : { "Arch" : "64" },
"m3.2xlarge" : { "Arch" : "64" },
"m3.4xlarge" : { "Arch" : "64" },
"c3.large" : { "Arch" : "64" },
"c3.xlarge" : { "Arch" : "64" },
"c3.2xlarge" : { "Arch" : "64" },
"c3.4xlarge" : { "Arch" : "64" },
"c3.8xlarge" : { "Arch" : "64" },
"r3.large" : { "Arch" : "64" },
"r3.xlarge" : { "Arch" : "64" },
"r3.2xlarge" : { "Arch" : "64" },
"r3.4xlarge" : { "Arch" : "64" },
"r3.8xlarge" : { "Arch" : "64" }
},
"AWSRegionArch2AMI" : {
"us-east-1" : { "32" : "ami-def89fb7", "64" : "ami-d0f89fb9" },
"us-west-1" : { "32" : "ami-fc002cb9", "64" : "ami-fe002cbb" },
"us-west-2" : { "32" : "ami-0ef96e3e", "64" : "ami-70f96e40" },
"eu-west-1" : { "32" : "ami-c27b6fb6", "64" : "ami-ce7b6fba" },
"sa-east-1" : { "32" : "ami-a1da00bc", "64" : "ami-a3da00be" },
"ap-southeast-1" : { "32" : "ami-66084734", "64" : "ami-64084736" },
"ap-southeast-2" : { "32" : "ami-06ea7a3c", "64" : "ami-04ea7a3e" },
"ap-northeast-1" : { "32" : "ami-fc6ceefd", "64" : "ami-fe6ceeff" }
}
},
"Resources" : {
"EdxServerUser" : {
"Type" : "AWS::IAM::User",
"Properties" : {
"Path": "/",
"Policies": [{
"PolicyName": "root",
"PolicyDocument": { "Statement":[{
"Effect":"Allow",
"Action": [
"cloudformation:DescribeStackResource",
"s3:Put"
],
"Resource":"*"
}]}
}]
}
},
"HostKeys" : {
"Type" : "AWS::IAM::AccessKey",
"Properties" : {
"UserName" : {"Ref": "EdxServerUser"}
}
},
"EdxServer": {
"Type": "AWS::EC2::Instance",
"Metadata" : {
"AWS::CloudFormation::Init" : {
"config" : {
"files" : {
"/home/ubuntu/.s3cfg" : {
"content" : { "Fn::Join" : ["", [
"[default]\n",
"access_key = ", { "Ref" : "HostKeys" }, "\n",
"secret_key = ", {"Fn::GetAtt": ["HostKeys", "SecretAccessKey"]}, "\n",
"use_https = True\n"
]]},
"mode" : "000644",
"owner" : "ubuntu",
"group" : "ubuntu"
}
}
}
}
},
"Properties": {
"Tags" : [ {
"Key" : "Name",
"Value" :{ "Ref": "NameTag" }
},
{
"Key" : "Group",
"Value" : { "Ref": "GroupTag" }
}
],
"SecurityGroups": [ { "Ref": "EdxServerSecurityGroup" } ],
"ImageId": { "Fn::FindInMap": [ "AWSRegionArch2AMI", { "Ref": "AWS::Region" }, { "Fn::FindInMap": [ "AWSInstanceType2Arch", { "Ref": "InstanceType" }, "Arch" ] } ]
},
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
"#!/bin/bash\n",
"function error_exit\n",
"{\n",
" cfn-signal -e 1 -r \"$1\" '", { "Ref" : "EdxServerWaitHandle" }, "'\n",
" exit 1\n",
"}\n",
"apt-get -y install python-setuptools\n",
"echo \"Python Tools installed\" - `date` >> /home/ubuntu/cflog.txt\n",
"easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz\n",
"echo \"Cloudformation Boostrap installed \" - `date` >> /home/ubuntu/cflog.txt\n",
"cfn-init --region ", { "Ref" : "AWS::Region" },
" -s ", { "Ref" : "AWS::StackId" }, " -r EdxServer ",
" --access-key ", { "Ref" : "HostKeys" },
" --secret-key ", {"Fn::GetAtt": ["HostKeys", "SecretAccessKey"]}, " || error_exit 'Failed to run cfn-init'\n",
"echo \"cfn-init run \" - `date` >> /home/ubuntu/cflog.txt\n",
"# If all went well, signal success\n",
"cfn-signal -e $? -r 'Edx Server configuration' '", { "Ref" : "EdxServerWaitHandle" }, "'\n"
]]}},
"KeyName": { "Ref": "KeyName" },
"InstanceType": { "Ref": "InstanceType" }
}
},
"EdxServerSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Open up SSH access plus Edx Server required ports",
"SecurityGroupIngress" : [
{ "IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": { "Ref" : "SSHLocation"} },
{ "IpProtocol": "tcp", "FromPort": "4000", "ToPort": "4000", "SourceSecurityGroupName": { "Ref" :"EdxClientSecurityGroup" }},
{ "IpProtocol": "tcp", "FromPort": "4040", "ToPort": "4040", "CidrIp": "0.0.0.0/0"}
]
}
},
"EdxClientSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Group with access to Edx Server"
}
},
"EdxServerWaitHandle" : {
"Type" : "AWS::CloudFormation::WaitConditionHandle"
},
"EdxServerWaitCondition" : {
"Type" : "AWS::CloudFormation::WaitCondition",
"DependsOn" : "EdxServer",
"Properties" : {
"Handle" : { "Ref" : "EdxServerWaitHandle" },
"Timeout" : "1200"
}
}
},
"Outputs" : {
"EdxSecurityGroup" : {
"Description" : "EC2 Security Group with access to the Edx server",
"Value" : { "Ref" :"EdxClientSecurityGroup" }
}
}
}
cloudformation_templates/edx-single-vpc-no-nat-or-bastion.json deleted 100644 → 0
{
"AWSTemplateFormatVersion":"2010-09-09",
"Description":"Separate VPC for database clones and replicas.",
"Parameters":{
"EnvironmentTag":{
"Type":"String",
"Description":"A tag value applied to the hosts in the VPC indicating which environment to use during the configuration phase, e.g., stage, prod, sandbox",
"Default":"prod"
},
"DeploymentTag":{
"Type":"String",
"Description":"A tag value applied to the hosts in the VPC indicating which deployment this is, e.g., edx, edge, <university>, <org>",
"Default":"edx"
},
"KeyName":{
"Type":"String",
"Description":"Name of an existing EC2 KeyPair to enable SSH access to the web server",
"Default":"deployment-201407"
},
"ClassB":{
"Default":"1",
"Description":"The second octet of the Class B to be allocated for this VPC. 10.?.xxx.xxx",
"Type":"Number",
"MinValue":"0",
"MaxValue":"255",
"ConstraintDescription":"ClassB value must be between 0 and 255."
}
},
"Mappings":{
"SubnetConfig":{
"VPC": { "CIDR":".0.0/16" },
"Data01": { "CIDR":".50.0/24" },
"Data02": { "CIDR":".51.0/24" }
},
"MapRegionsToAvailZones":{
"us-east-1": { "AZone2":"us-east-1d", "AZone0":"us-east-1b", "AZone1":"us-east-1c" },
"us-west-1": { "AZone0":"us-west-1a", "AZone2":"us-west-1b", "AZone1":"us-west-1c" },
"us-west-2": { "AZone0":"us-west-2a", "AZone1":"us-west-2b", "AZone2":"us-west-2c" },
"eu-west-1": { "AZone0":"eu-west-1a", "AZone1":"eu-west-1b", "AZone2":"eu-west-1c" },
"sa-east-1": { "AZone0":"sa-east-1a", "AZone1":"sa-east-1b", "AZone2":"sa-east-1c" },
"ap-southeast-1": { "AZone0":"ap-southeast-1a", "AZone1":"ap-southeast-1b", "AZone2":"ap-southeast-1c" },
"ap-southeast-2": { "AZone0":"ap-southeast-2a", "AZone1":"ap-southeast-2b", "AZone2":"ap-southeast-2c" },
"ap-northeast-1": { "AZone0":"ap-northeast-1a", "AZone1":"ap-northeast-1b", "AZone2":"ap-northeast-1c" }
}
},
"Resources":{
"EdxVPC":{
"Type":"AWS::EC2::VPC",
"Properties":{
"EnableDnsSupport" : "true",
"EnableDnsHostnames" : "true",
"CidrBlock": { "Fn::Join": ["", ["10.", { "Ref": "ClassB" }, { "Fn::FindInMap": [ "SubnetConfig", "VPC", "CIDR"]}]]},
"InstanceTenancy":"default"
}
},
"Data01":{
"Type":"AWS::EC2::Subnet",
"Properties":{
"VpcId":{
"Ref":"EdxVPC"
},
"CidrBlock":{
"Fn::Join": ["", [
"10.", { "Ref": "ClassB"},
{"Fn::FindInMap":[
"SubnetConfig",
"Data01",
"CIDR"
]}
]]
},
"AvailabilityZone":{
"Fn::FindInMap":[
"MapRegionsToAvailZones",
{ "Ref":"AWS::Region" },
"AZone0"
]
},
"Tags":[
{
"Key":"Name",
"Value":"Subnet-for-sanitized-dbs"
}
]
}
},
"Data02":{
"Type":"AWS::EC2::Subnet",
"Properties":{
"VpcId":{
"Ref":"EdxVPC"
},
"CidrBlock":{
"Fn::Join": ["", [
"10.", { "Ref": "ClassB"},
{"Fn::FindInMap":[
"SubnetConfig",
"Data02",
"CIDR"
]}
]]
},
"AvailabilityZone":{
"Fn::FindInMap":[
"MapRegionsToAvailZones",
{ "Ref":"AWS::Region" },
"AZone1"
]
},
"Tags":[
{
"Key":"Name",
"Value":"Subnet-for-non-sanitized-clones"
}
]
}
},
"PrivateRouteTable":{
"Type":"AWS::EC2::RouteTable",
"Properties":{
"VpcId":{
"Ref":"EdxVPC"
},
"Tags":[
{
"Key":"Application",
"Value":{
"Ref":"AWS::StackId"
}
},
{
"Key":"Network",
"Value":"Private"
}
]
}
},
"PrivateSubnetRouteTableAssociationData01":{
"Type":"AWS::EC2::SubnetRouteTableAssociation",
"Properties":{
"SubnetId":{
"Ref":"Data01"
},
"RouteTableId":{
"Ref":"PrivateRouteTable"
}
}
},
"PrivateSubnetRouteTableAssociationData02":{
"Type":"AWS::EC2::SubnetRouteTableAssociation",
"Properties":{
"SubnetId":{
"Ref":"Data02"
},
"RouteTableId":{
"Ref":"PrivateRouteTable"
}
}
},
"PrivateNetworkAcl":{
"Type":"AWS::EC2::NetworkAcl",
"Properties":{
"VpcId":{
"Ref":"EdxVPC"
},
"Tags":[
{
"Key":"Application",
"Value":{
"Ref":"AWS::StackId"
}
},
{
"Key":"Network",
"Value":"Private"
}
]
}
},
"InboundPrivateNetworkAclEntry":{
"Type":"AWS::EC2::NetworkAclEntry",
"Properties":{
"NetworkAclId":{
"Ref":"PrivateNetworkAcl"
},
"RuleNumber":"100",
"Protocol":"6",
"RuleAction":"allow",
"Egress":"false",
"CidrBlock":"0.0.0.0/0",
"PortRange":{
"From":"0",
"To":"65535"
}
}
},
"OutBoundPrivateNetworkAclEntry":{
"Type":"AWS::EC2::NetworkAclEntry",
"Properties":{
"NetworkAclId":{
"Ref":"PrivateNetworkAcl"
},
"RuleNumber":"100",
"Protocol":"6",
"RuleAction":"allow",
"Egress":"true",
"CidrBlock":"0.0.0.0/0",
"PortRange":{
"From":"0",
"To":"65535"
}
}
},
"PrivateSubnetNetworkAclAssociationData01":{
"Type":"AWS::EC2::SubnetNetworkAclAssociation",
"Properties":{
"SubnetId":{
"Ref":"Data01"
},
"NetworkAclId":{
"Ref":"PrivateNetworkAcl"
}
}
},
"PrivateSubnetNetworkAclAssociationData02":{
"Type":"AWS::EC2::SubnetNetworkAclAssociation",
"Properties":{
"SubnetId":{
"Ref":"Data02"
},
"NetworkAclId":{
"Ref":"PrivateNetworkAcl"
}
}
},
"EdxDataSecurityGroup":{
"Type":"AWS::EC2::SecurityGroup",
"Properties":{
"GroupDescription":"Open up access to the data subnet",
"VpcId":{
"Ref":"EdxVPC"
},
"SecurityGroupIngress":[
{
"IpProtocol":"tcp",
"FromPort":"3306",
"ToPort":"3306",
"CidrIp":"0.0.0.0/0"
},
{
"IpProtocol":"tcp",
"FromPort":"27017",
"ToPort":"27017",
"CidrIp":"0.0.0.0/0"
}
]
}
},
"EdxDBSubnetGroup":{
"Type":"AWS::RDS::DBSubnetGroup",
"Properties":{
"DBSubnetGroupDescription":"Subnets available for the RDS DB Instance",
"SubnetIds":[
{
"Ref":"Data01"
},
{
"Ref":"Data02"
}
]
}
},
"DBSecurityGroup":{
"Type":"AWS::RDS::DBSecurityGroup",
"Properties":{
"EC2VpcId":{
"Ref":"EdxVPC"
},
"GroupDescription":"Data access"
}
}
}
}
cloudformation_templates/examples/EC2_Instance_With_Block_Device_Mapping.json deleted 100644 → 0
{
"AWSTemplateFormatVersion" : "2010-09-09",
"Description" : "AWS CloudFormation Sample Template EC2_Instance_With_Block_Device_Mapping: Example to show how to attach EBS volumes and modify the root device using EC2 block device mappings. **WARNING** This template creates an Amazon EC2 instance. You will be billed for the AWS resources used if you create a stack from this template.",
"Parameters" : {
"InstanceType" : {
"Description" : "WebServer EC2 instance type",
"Type" : "String",
"Default" : "m1.small",
"AllowedValues" : [ "t1.micro","m1.small","m1.medium","m1.large","m1.xlarge","m3.xlarge","m3.2xlarge","m2.xlarge","m2.2xlarge","m2.4xlarge","c1.medium","c1.xlarge","cc1.4xlarge","cc2.8xlarge","cg1.4xlarge","hi1.4xlarge","hs1.8xlarge"],
"ConstraintDescription" : "must be a valid EC2 instance type."
},
"KeyName" : {
"Description" : "Name of an existing EC2 KeyPair to enable SSH access to the web server",
"Type" : "String"
},
"SSHFrom": {
"Description": "Lockdown SSH access to the bastion host (default can be accessed from anywhere)",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid CIDR range of the form x.x.x.x/x."
}
},
"Mappings" : {
"AWSInstanceType2Arch" : {
"t1.micro" : { "Arch" : "PV64" },
"m1.small" : { "Arch" : "PV64" },
"m1.medium" : { "Arch" : "PV64" },
"m1.large" : { "Arch" : "PV64" },
"m1.xlarge" : { "Arch" : "PV64" },
"m3.xlarge" : { "Arch" : "PV64" },
"m3.2xlarge" : { "Arch" : "PV64" },
"m2.xlarge" : { "Arch" : "PV64" },
"m2.2xlarge" : { "Arch" : "PV64" },
"m2.4xlarge" : { "Arch" : "PV64" },
"c1.medium" : { "Arch" : "PV64" },
"c1.xlarge" : { "Arch" : "PV64" },
"cc1.4xlarge" : { "Arch" : "CLU64" },
"cc2.8xlarge" : { "Arch" : "CLU64" },
"cg1.4xlarge" : { "Arch" : "GPU64" },
"hi1.4xlarge" : { "Arch" : "PV64" },
"hs1.8xlarge" : { "Arch" : "PV64" }
},
"AWSRegionArch2AMI" : {
"us-east-1" : { "PV64" : "ami-3c994355", "CLU64" : "ami-08249861", "GPU64" : "ami-02f54a6b" },
"us-west-2" : { "PV64" : "ami-20800c10", "CLU64" : "ami-2431bf14", "GPU64" : "NOT_YET_SUPPORTED" },
"us-west-1" : { "PV64" : "ami-87712ac2", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" },
"eu-west-1" : { "PV64" : "ami-c37474b7", "CLU64" : "ami-d97474ad", "GPU64" : "ami-1b02026f" },
"ap-southeast-1" : { "PV64" : "ami-a6a7e7f4", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" },
"ap-southeast-2" : { "PV64" : "ami-bd990e87", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" },
"ap-northeast-1" : { "PV64" : "ami-4e6cd34f", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" },
"sa-east-1" : { "PV64" : "ami-1e08d103", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" }
}
},
"Resources" : {
"Ec2Instance" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"ImageId" : { "Fn::FindInMap" : [ "AWSRegionArch2AMI", { "Ref" : "AWS::Region" },
{ "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] },
"KeyName" : { "Ref" : "KeyName" },
"InstanceType" : { "Ref" : "InstanceType" },
"SecurityGroups" : [{ "Ref" : "Ec2SecurityGroup" }],
"BlockDeviceMappings" : [
{
"DeviceName" : "/dev/sda1",
"Ebs" : { "VolumeSize" : "50" }
},{
"DeviceName" : "/dev/sdm",
"Ebs" : { "VolumeSize" : "100" }
}
]
}
},
"Ec2SecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "HTTP and SSH access",
"SecurityGroupIngress" : [ {
"IpProtocol" : "tcp",
"FromPort" : "22", "ToPort" : "22",
"CidrIp" : { "Ref" : "SSHFrom" }
} ]
}
}
},
"Outputs" : {
"Instance" : {
"Value" : { "Fn::GetAtt" : [ "Ec2Instance", "PublicDnsName" ] },
"Description" : "DNS Name of the newly created EC2 instance"
}
}
}
cloudformation_templates/examples/ElastiCache.json deleted 100644 → 0
{
"AWSTemplateFormatVersion" : "2010-09-09",
"Description" : "AWS CloudFormation Sample Template ElastiCache: Sample template showing how to create an Amazon ElastiCache Cache Cluster with Auto Discovery and access it from a very simple PHP application. **WARNING** This template creates an Amazon Ec2 Instance and an Amazon ElastiCache Cluster. You will be billed for the AWS resources used if you create a stack from this template.",
"Parameters" : {
"KeyName" : {
"Description" : "Name of an existing Amazon EC2 KeyPair for SSH access to the Web Server",
"Type" : "String"
},
"InstanceType" : {
"Description" : "WebServer EC2 instance type",
"Type" : "String",
"Default" : "m1.small",
"AllowedValues" : [ "t1.micro","m1.small","m1.medium","m1.large","m1.xlarge", "m3.xlarge", "m3.2xlarge", "m2.xlarge","m2.2xlarge","m2.4xlarge","c1.medium","c1.xlarge","cc1.4xlarge","cc2.8xlarge","cg1.4xlarge", "hi1.4xlarge", "hs1.8xlarge"],
"ConstraintDescription" : "must be a valid EC2 instance type."
},
"CacheNodeType" : {
"Default" : "cache.m1.small",
"Description" : "The compute and memory capacity of the nodes in the Cache Cluster",
"Type" : "String",
"AllowedValues" : [ "cache.m1.small", "cache.m1.large", "cache.m1.xlarge", "cache.m2.xlarge", "cache.m2.2xlarge", "cache.m2.4xlarge", "cache.c1.xlarge" ],
"ConstraintDescription" : "must select a valid Cache Node type."
},
"NumberOfCacheNodes" : {
"Default": "1",
"Description" : "The number of Cache Nodes the Cache Cluster should have",
"Type": "Number",
"MinValue": "1",
"MaxValue": "10",
"ConstraintDescription" : "must be between 5 and 10."
},
"SSHLocation" : {
"Description" : "The IP address range that can be used to SSH to the EC2 instances",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
},
"Mappings" : {
"AWSInstanceType2Arch" : {
"t1.micro" : { "Arch" : "PV64" },
"m1.small" : { "Arch" : "PV64" },
"m1.medium" : { "Arch" : "PV64" },
"m1.large" : { "Arch" : "PV64" },
"m1.xlarge" : { "Arch" : "PV64" },
"m3.xlarge" : { "Arch" : "PV64" },
"m3.2xlarge" : { "Arch" : "PV64" },
"m2.xlarge" : { "Arch" : "PV64" },
"m2.2xlarge" : { "Arch" : "PV64" },
"m2.4xlarge" : { "Arch" : "PV64" },
"c1.medium" : { "Arch" : "PV64" },
"c1.xlarge" : { "Arch" : "PV64" },
"cc1.4xlarge" : { "Arch" : "CLU64" },
"cc2.8xlarge" : { "Arch" : "CLU64" },
"cg1.4xlarge" : { "Arch" : "GPU64" },
"hi1.4xlarge" : { "Arch" : "PV64" },
"hs1.8xlarge" : { "Arch" : "PV64" }
},
"AWSRegionArch2AMI" : {
"us-east-1" : { "PV64" : "ami-1624987f", "CLU64" : "ami-08249861", "GPU64" : "ami-02f54a6b" },
"us-west-2" : { "PV64" : "ami-2a31bf1a", "CLU64" : "ami-2431bf14", "GPU64" : "NOT_YET_SUPPORTED" },
"us-west-1" : { "PV64" : "ami-1bf9de5e", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" },
"eu-west-1" : { "PV64" : "ami-c37474b7", "CLU64" : "ami-d97474ad", "GPU64" : "ami-1b02026f" },
"ap-southeast-1" : { "PV64" : "ami-a6a7e7f4", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" },
"ap-southeast-2" : { "PV64" : "ami-bd990e87", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" },
"ap-northeast-1" : { "PV64" : "ami-4e6cd34f", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" },
"sa-east-1" : { "PV64" : "ami-1e08d103", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" }
}
},
"Resources" : {
"CacheCluster" : {
"Type": "AWS::ElastiCache::CacheCluster",
"Properties": {
"CacheNodeType" : { "Ref" : "CacheNodeType" },
"CacheSecurityGroupNames" : [ { "Ref" : "CacheSecurityGroup" } ],
"Engine" : "memcached",
"NumCacheNodes" : { "Ref" : "NumberOfCacheNodes" }
}
},
"CacheSecurityGroup": {
"Type": "AWS::ElastiCache::SecurityGroup",
"Properties": {
"Description" : "Lock cache down to Web Server access only"
}
},
"CacheSecurityGroupIngress": {
"Type": "AWS::ElastiCache::SecurityGroupIngress",
"Properties": {
"CacheSecurityGroupName" : { "Ref" : "CacheSecurityGroup" },
"EC2SecurityGroupName" : { "Ref" : "WebServerSecurityGroup" }
}
},
"WebServerSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable HTTP and SSH access",
"SecurityGroupIngress" : [
{"IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : { "Ref" : "SSHLocation"} },
{"IpProtocol" : "tcp", "FromPort" : "80", "ToPort" : "80", "CidrIp" : "0.0.0.0/0"}
]
}
},
"WebServerHost": {
"Type" : "AWS::EC2::Instance",
"Metadata" : {
"AWS::CloudFormation::Init" : {
"config" : {
"packages" : {
"yum" : {
"httpd" : [],
"gcc-c++" : [],
"php" : [],
"php-pear" : []
}
},
"files" : {
"/var/www/html/index.php" : {
"content" : { "Fn::Join" : ["", [
"<?php\n",
"echo '<h1>AWS CloudFormation sample application for Amazon ElastiCache</h1>';\n",
"\n",
"$server_endpoint = '", { "Fn::GetAtt" : [ "CacheCluster", "ConfigurationEndpoint.Address" ]}, "';\n",
"$server_port = ", { "Fn::GetAtt" : [ "CacheCluster", "ConfigurationEndpoint.Port" ]}, ";\n",
"\n",
"/**\n",
" * The following will initialize a Memcached client to utilize the Auto Discovery feature.\n",
" * \n",
" * By configuring the client with the Dynamic client mode with single endpoint, the\n",
" * client will periodically use the configuration endpoint to retrieve the current cache\n",
" * cluster configuration. This allows scaling the cache cluster up or down in number of nodes\n",
" * without requiring any changes to the PHP application. \n",
" */\n",
"\n",
"$dynamic_client = new Memcached();\n",
"$dynamic_client->setOption(Memcached::OPT_CLIENT_MODE, Memcached::DYNAMIC_CLIENT_MODE);\n",
"$dynamic_client->addServer($server_endpoint, $server_port);\n",
"\n",
"$tmp_object = new stdClass;\n",
"$tmp_object->str_attr = 'test';\n",
"$tmp_object->int_attr = 123;\n",
"\n",
"$dynamic_client->set('key', $tmp_object, 10) or die ('Failed to save data to the cache');\n",
"echo '<p>Store data in the cache (data will expire in 10 seconds)</p>';\n",
"\n",
"$get_result = $dynamic_client->get('key');\n",
"echo '<p>Data from the cache:<br/>';\n",
"\n",
"var_dump($get_result);\n",
"\n",
"echo '</p>';\n",
"?>\n"
]]},
"mode" : "000644",
"owner" : "apache",
"group" : "apache"
}
},
"commands" : {
"00_install_memcached_client" : {
"command" : "pecl install https://s3.amazonaws.com/elasticache-downloads/ClusterClient/PHP/latest-64bit"
},
"01_enable_auto_discovery" : {
"command" : "echo 'extension=amazon-elasticache-cluster-client.so' > /etc/php.d/memcached.ini"
}
},
"services" : {
"sysvinit" : {
"httpd" : { "enabled" : "true", "ensureRunning" : "true" },
"sendmail" : { "enabled" : "false", "ensureRunning" : "false" }
}
}
}
}
},
"Properties": {
"ImageId" : { "Fn::FindInMap" : [ "AWSRegionArch2AMI", { "Ref" : "AWS::Region" },
{ "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ]}]},
"InstanceType" : { "Ref" : "InstanceType" },
"SecurityGroups" : [ {"Ref" : "WebServerSecurityGroup"} ],
"KeyName" : { "Ref" : "KeyName" },
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
"#!/bin/bash -v\n",
"yum update -y aws-cfn-bootstrap\n",
"# Setup the PHP sample application\n",
"/opt/aws/bin/cfn-init ",
" --stack ", { "Ref" : "AWS::StackName" },
" --resource WebServerHost ",
" --region ", { "Ref" : "AWS::Region" }, "\n",
"# Signal the status of cfn-init\n",
"/opt/aws/bin/cfn-signal -e $? '", { "Ref" : "WebServerWaitHandle" }, "'\n"
]]}}
}
},
"WebServerWaitHandle" : {
"Type" : "AWS::CloudFormation::WaitConditionHandle"
},
"WebServerWaitCondition" : {
"Type" : "AWS::CloudFormation::WaitCondition",
"DependsOn" : "WebServerHost",
"Properties" : {
"Handle" : {"Ref" : "WebServerWaitHandle"},
"Timeout" : "300"
}
}
},
"Outputs" : {
"WebsiteURL" : {
"Value" : { "Fn::Join" : ["", ["http://", { "Fn::GetAtt" : [ "WebServerHost", "PublicDnsName" ]} ]] },
"Description" : "Application URL"
}
}
}
cloudformation_templates/examples/RDS_MySQL_55_With_Tags.json deleted 100644 → 0
{
"AWSTemplateFormatVersion" : "2010-09-09",
"Description" : "AWS CloudFormation Sample Template RDS_MySQL_55_With_Tags: Sample template showing how to create an RDS DBInstance version 5.5 with tags and alarming on important metrics that indicate the health of the database **WARNING** This template creates an Amazon Relational Database Service database instance and Amazon CloudWatch alarms. You will be billed for the AWS resources used if you create a stack from this template.",
"Parameters": {
"DBName": {
"Default": "MyDatabase",
"Description" : "The database name",
"Type": "String",
"MinLength": "1",
"MaxLength": "64",
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*",
"ConstraintDescription" : "must begin with a letter and contain only alphanumeric characters."
},
"DBUser": {
"NoEcho": "true",
"Description" : "The database admin account username",
"Type": "String",
"MinLength": "1",
"MaxLength": "16",
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*",
"ConstraintDescription" : "must begin with a letter and contain only alphanumeric characters."
},
"DBPassword": {
"NoEcho": "true",
"Description" : "The database admin account password",
"Type": "String",
"MinLength": "1",
"MaxLength": "41",
"AllowedPattern" : "[a-zA-Z0-9]*",
"ConstraintDescription" : "must contain only alphanumeric characters."
},
"DBAllocatedStorage": {
"Default": "5",
"Description" : "The size of the database (Gb)",
"Type": "Number",
"MinValue": "5",
"MaxValue": "1024",
"ConstraintDescription" : "must be between 5 and 1024Gb."
},
"DBInstanceClass": {
"Default": "db.m1.small",
"Description" : "The database instance type",
"Type": "String",
"AllowedValues" : [ "db.m1.small", "db.m1.large", "db.m1.xlarge", "db.m2.xlarge", "db.m2.2xlarge", "db.m2.4xlarge" ],
"ConstraintDescription" : "must select a valid database instance type."
}
},
"Mappings" : {
"InstanceTypeMap" : {
"db.m1.small" : {
"CPULimit" : "60",
"FreeStorageSpaceLimit" : "1024",
"ReadIOPSLimit" : "100",
"WriteIOPSLimit" : "100"
},
"db.m1.large" : {
"CPULimit" : "60",
"FreeStorageSpaceLimit" : "1024",
"ReadIOPSLimit" : "100",
"WriteIOPSLimit" : "100"
},
"db.m1.xlarge" : {
"CPULimit" : "60",
"FreeStorageSpaceLimit" : "1024",
"ReadIOPSLimit" : "100",
"WriteIOPSLimit" : "100"
},
"db.m2.xlarge" : {
"CPULimit" : "60",
"FreeStorageSpaceLimit" : "1024",
"ReadIOPSLimit" : "100",
"WriteIOPSLimit" : "100"
},
"db.m2.2xlarge" : {
"CPULimit" : "60",
"FreeStorageSpaceLimit" : "1024",
"ReadIOPSLimit" : "100",
"WriteIOPSLimit" : "100"
},
"db.m2.4xlarge" : {
"CPULimit" : "60",
"FreeStorageSpaceLimit" : "1024",
"ReadIOPSLimit" : "100",
"WriteIOPSLimit" : "100"
}
}
},
"Resources" : {
"MyDB" : {
"Type" : "AWS::RDS::DBInstance",
"Properties" : {
"DBName" : { "Ref" : "DBName" },
"AllocatedStorage" : { "Ref" : "DBAllocatedStorage" },
"DBInstanceClass" : { "Ref" : "DBInstanceClass" },
"Engine" : "MySQL",
"EngineVersion" : "5.5",
"MasterUsername" : { "Ref" : "DBUser" },
"MasterUserPassword" : { "Ref" : "DBPassword" },
"Tags" : [{
"Key" : "Name",
"Value" : "My SQL Database"
}]
},
"DeletionPolicy" : "Snapshot"
}
},
"Outputs" : {
"JDBCConnectionString": {
"Description" : "JDBC connection string for database",
"Value" : { "Fn::Join": [ "", [ "jdbc:mysql://",
{ "Fn::GetAtt": [ "MyDB", "Endpoint.Address" ] },
":",
{ "Fn::GetAtt": [ "MyDB", "Endpoint.Port" ] },
"/",
{ "Ref": "DBName" }]]}
},
"DBAddress" : {
"Description" : "Address of database endpoint",
"Value" : { "Fn::GetAtt": [ "MyDB", "Endpoint.Address" ] }
},
"DBPort" : {
"Description" : "Database endpoint port number",
"Value" : { "Fn::GetAtt": [ "MyDB", "Endpoint.Port" ] }
}
}
}
git-hooks/post-checkout.in deleted 100755 → 0
#!/bin/sh
dir=`git rev-parse --show-toplevel`
if [ -z $dir ]; then
exit 1
fi
echo -n Setting up hooks from git-hooks..
$dir/util/sync_hooks.sh >/dev/null
if [ $? -eq 0 ]; then
echo . done.
else
exit 1
fi
git-hooks/pre-commit.in deleted 100755 → 0
#!/bin/sh
dir=`git rev-parse --show-toplevel`
if [ -z $dir ]; then
exit 1
fi
echo -n Checking JSON parses..
$dir/util/json_lint.sh
if [ $? -eq 0 ]; then
echo . it does!
else
exit 1
fi
playbooks/edx-east/mlapi_prod.yml deleted 100644 → 0
- hosts:
- tag_Group_mlapi_prod
vars_files:
- "{{ secure_dir }}/vars/mlapi_prod_vars.yml"
- "{{ secure_dir }}/vars/users.yml"
- "{{ secure_dir }}/vars/mlapi_prod_users.yml"
roles:
- discern
sudo: True
- hosts:
- tag_Group_mlapi-bastion_prod
- tag_Group_mlapi-rabbitmq_prod
vars_files:
- "{{ secure_dir }}/vars/mlapi_prod_vars.yml"
- "{{ secure_dir }}/vars/users.yml"
- "{{ secure_dir }}/vars/mlapi_prod_users.yml"
roles:
- common
sudo: True
playbooks/edx-east/mlapi_sandbox.yml deleted 100644 → 0
- hosts:
- tag_Group_mlapi_sandbox
vars_files:
- "{{ secure_dir }}/vars/mlapi_sandbox_vars.yml"
- "{{ secure_dir }}/vars/users.yml"
- "{{ secure_dir }}/vars/mlapi_sandbox_users.yml"
roles:
- discern
sudo: True
- hosts:
- tag_Group_mlapi-bastion_sandbox
- tag_Group_mlapi-rabbitmq_sandbox
vars_files:
- "{{ secure_dir }}/vars/mlapi_sandbox_vars.yml"
- "{{ secure_dir }}/vars/users.yml"
- "{{ secure_dir }}/vars/mlapi_sandbox_users.yml"
roles:
- common
sudo: True
playbooks/edx-east/mlapi_stage.yml deleted 100644 → 0
- hosts:
- tag_Group_mlapi_stage
vars_files:
- "{{ secure_dir }}/vars/mlapi_stage_vars.yml"
- "{{ secure_dir }}/vars/users.yml"
- "{{ secure_dir }}/vars/mlapi_stage_users.yml"
roles:
- discern
sudo: True
- hosts:
- tag_Group_mlapi-bastion_stage
- tag_Group_mlapi-rabbitmq_stage
vars_files:
- "{{ secure_dir }}/vars/mlapi_stage_vars.yml"
- "{{ secure_dir }}/vars/users.yml"
- "{{ secure_dir }}/vars/mlapi_stage_users.yml"
roles:
- common
sudo: True
playbooks/files/edx-server-ubuntu-configuration.json deleted 100644 → 0
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Sample template to bring up an Edx Server. A WaitCondition is used to hold up the stack creation until the application is deployed. **WARNING** This template creates one or more Amazon EC2 instances. You will be billed for the AWS resources used if you create a stack from this template.",
"Parameters": {
"NameTag": {
"Type": "String",
"Description": "Name Tag"
},
"GroupTag": {
"Type": "String",
"Description": "Group Tag"
},
"KeyName": {
"Type": "String",
"Description" : "Name of an existing EC2 KeyPair to enable SSH access to the web server"
},
"InstanceType" : {
"Description" : "WebServer EC2 instance type",
"Type" : "String",
"Default" : "m1.small",
"AllowedValues" : [ "t1.micro","m1.small","m1.medium","m1.large","m1.xlarge","m2.xlarge","m2.2xlarge","m2.4xlarge","m3.xlarge","m3.2xlarge","c1.medium","c1.xlarge","cc1.4xlarge","cc2.8xlarge","cg1.4xlarge"],
"ConstraintDescription" : "must be a valid EC2 instance type."
},
"SSHLocation" : {
"Description" : "The IP address range that can be used to SSH to the EC2 instances",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
},
"Mappings" : {
"AWSInstanceType2Arch" : {
"t1.micro" : { "Arch" : "64" },
"m1.small" : { "Arch" : "64" },
"m1.medium" : { "Arch" : "64" },
"m1.large" : { "Arch" : "64" },
"m1.xlarge" : { "Arch" : "64" },
"m2.xlarge" : { "Arch" : "64" },
"m2.2xlarge" : { "Arch" : "64" },
"m2.4xlarge" : { "Arch" : "64" },
"m3.xlarge" : { "Arch" : "64" },
"m3.2xlarge" : { "Arch" : "64" },
"c1.medium" : { "Arch" : "64" },
"c1.xlarge" : { "Arch" : "64" }
},
"AWSRegionArch2AMI" : {
"us-east-1" : { "32" : "ami-def89fb7", "64" : "ami-d0f89fb9" },
"us-west-1" : { "32" : "ami-fc002cb9", "64" : "ami-fe002cbb" },
"us-west-2" : { "32" : "ami-0ef96e3e", "64" : "ami-70f96e40" },
"eu-west-1" : { "32" : "ami-c27b6fb6", "64" : "ami-ce7b6fba" },
"sa-east-1" : { "32" : "ami-a1da00bc", "64" : "ami-a3da00be" },
"ap-southeast-1" : { "32" : "ami-66084734", "64" : "ami-64084736" },
"ap-southeast-2" : { "32" : "ami-06ea7a3c", "64" : "ami-04ea7a3e" },
"ap-northeast-1" : { "32" : "ami-fc6ceefd", "64" : "ami-fe6ceeff" }
}
},
"Resources" : {
"EdxServerUser" : {
"Type" : "AWS::IAM::User",
"Properties" : {
"Path": "/",
"Policies": [{
"PolicyName": "root",
"PolicyDocument": { "Statement":[{
"Effect":"Allow",
"Action": [
"cloudformation:DescribeStackResource",
"s3:Put"
],
"Resource":"*"
}]}
}]
}
},
"HostKeys" : {
"Type" : "AWS::IAM::AccessKey",
"Properties" : {
"UserName" : {"Ref": "EdxServerUser"}
}
},
"EdxServer": {
"Type": "AWS::EC2::Instance",
"Metadata" : {
"AWS::CloudFormation::Init" : {
"config" : {
"packages" : {
"apt" : {
"ruby" : [],
"ruby-dev" : [],
"libopenssl-ruby" : [],
"rdoc" : [],
"ri" : [],
"irb" : [],
"build-essential" : [],
"wget" : [],
"ssl-cert" : [],
"rubygems" : [],
"git" : [],
"s3cmd" : []
}
},
"files" : {
"/home/ubuntu/.s3cfg" : {
"content" : { "Fn::Join" : ["", [
"[default]\n",
"access_key = ", { "Ref" : "HostKeys" }, "\n",
"secret_key = ", {"Fn::GetAtt": ["HostKeys", "SecretAccessKey"]}, "\n",
"use_https = True\n"
]]},
"mode" : "000644",
"owner" : "ubuntu",
"group" : "ubuntu"
}
}
}
}
},
"Properties": {
"Tags" : [ {
"Key" : "Name",
"Value" :{ "Ref": "NameTag" }
},
{
"Key" : "Group",
"Value" : { "Ref": "GroupTag" }
}
],
"SecurityGroups": [ { "Ref": "EdxServerSecurityGroup" } ],
"ImageId": { "Fn::FindInMap": [ "AWSRegionArch2AMI", { "Ref": "AWS::Region" }, { "Fn::FindInMap": [ "AWSInstanceType2Arch", { "Ref": "InstanceType" }, "Arch" ] } ]
},
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
"#!/bin/bash\n",
"function error_exit\n",
"{\n",
" cfn-signal -e 1 -r \"$1\" '", { "Ref" : "EdxServerWaitHandle" }, "'\n",
" exit 1\n",
"}\n",
"apt-get update\n",
"apt-get -y install python-setuptools\n",
"echo \"Python Tools installed\" - `date` >> /home/ubuntu/cflog.txt\n",
"easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz\n",
"echo \"Cloudformation Boostrap installed \" - `date` >> /home/ubuntu/cflog.txt\n",
"cfn-init --region ", { "Ref" : "AWS::Region" },
" -s ", { "Ref" : "AWS::StackId" }, " -r EdxServer ",
" --access-key ", { "Ref" : "HostKeys" },
" --secret-key ", {"Fn::GetAtt": ["HostKeys", "SecretAccessKey"]}, " || error_exit 'Failed to run cfn-init'\n",
"echo \"cfn-init run \" - `date` >> /home/ubuntu/cflog.txt\n",
"# If all went well, signal success\n",
"cfn-signal -e $? -r 'Edx Server configuration' '", { "Ref" : "EdxServerWaitHandle" }, "'\n"
]]}},
"KeyName": { "Ref": "KeyName" },
"InstanceType": { "Ref": "InstanceType" }
}
},
"EdxServerSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Open up SSH access plus Edx Server required ports",
"SecurityGroupIngress" : [
{ "IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": { "Ref" : "SSHLocation"} },
{ "IpProtocol": "tcp", "FromPort": "4000", "ToPort": "4000", "SourceSecurityGroupName": { "Ref" :"EdxClientSecurityGroup" }},
{ "IpProtocol": "tcp", "FromPort": "4040", "ToPort": "4040", "CidrIp": "0.0.0.0/0"}
]
}
},
"EdxClientSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Group with access to Edx Server"
}
},
"EdxServerWaitHandle" : {
"Type" : "AWS::CloudFormation::WaitConditionHandle"
},
"EdxServerWaitCondition" : {
"Type" : "AWS::CloudFormation::WaitCondition",
"DependsOn" : "EdxServer",
"Properties" : {
"Handle" : { "Ref" : "EdxServerWaitHandle" },
"Timeout" : "1200"
}
}
},
"Outputs" : {
"EdxSecurityGroup" : {
"Description" : "EC2 Security Group with access to the Edx server",
"Value" : { "Ref" :"EdxClientSecurityGroup" }
}
}
}
playbooks/files/examples/EC2_Instance_With_Block_Device_Mapping.json deleted 100644 → 0
{
"AWSTemplateFormatVersion" : "2010-09-09",
"Description" : "AWS CloudFormation Sample Template EC2_Instance_With_Block_Device_Mapping: Example to show how to attach EBS volumes and modify the root device using EC2 block device mappings. **WARNING** This template creates an Amazon EC2 instance. You will be billed for the AWS resources used if you create a stack from this template.",
"Parameters" : {
"InstanceType" : {
"Description" : "WebServer EC2 instance type",
"Type" : "String",
"Default" : "m1.small",
"AllowedValues" : [ "t1.micro","m1.small","m1.medium","m1.large","m1.xlarge","m3.xlarge","m3.2xlarge","m2.xlarge","m2.2xlarge","m2.4xlarge","c1.medium","c1.xlarge","cc1.4xlarge","cc2.8xlarge","cg1.4xlarge","hi1.4xlarge","hs1.8xlarge"],
"ConstraintDescription" : "must be a valid EC2 instance type."
},
"KeyName" : {
"Description" : "Name of an existing EC2 KeyPair to enable SSH access to the web server",
"Type" : "String"
},
"SSHFrom": {
"Description": "Lockdown SSH access to the bastion host (default can be accessed from anywhere)",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid CIDR range of the form x.x.x.x/x."
}
},
"Mappings" : {
"AWSInstanceType2Arch" : {
"t1.micro" : { "Arch" : "PV64" },
"m1.small" : { "Arch" : "PV64" },
"m1.medium" : { "Arch" : "PV64" },
"m1.large" : { "Arch" : "PV64" },
"m1.xlarge" : { "Arch" : "PV64" },
"m3.xlarge" : { "Arch" : "PV64" },
"m3.2xlarge" : { "Arch" : "PV64" },
"m2.xlarge" : { "Arch" : "PV64" },
"m2.2xlarge" : { "Arch" : "PV64" },
"m2.4xlarge" : { "Arch" : "PV64" },
"c1.medium" : { "Arch" : "PV64" },
"c1.xlarge" : { "Arch" : "PV64" },
"cc1.4xlarge" : { "Arch" : "CLU64" },
"cc2.8xlarge" : { "Arch" : "CLU64" },
"cg1.4xlarge" : { "Arch" : "GPU64" },
"hi1.4xlarge" : { "Arch" : "PV64" },
"hs1.8xlarge" : { "Arch" : "PV64" }
},
"AWSRegionArch2AMI" : {
"us-east-1" : { "PV64" : "ami-3c994355", "CLU64" : "ami-08249861", "GPU64" : "ami-02f54a6b" },
"us-west-2" : { "PV64" : "ami-20800c10", "CLU64" : "ami-2431bf14", "GPU64" : "NOT_YET_SUPPORTED" },
"us-west-1" : { "PV64" : "ami-87712ac2", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" },
"eu-west-1" : { "PV64" : "ami-c37474b7", "CLU64" : "ami-d97474ad", "GPU64" : "ami-1b02026f" },
"ap-southeast-1" : { "PV64" : "ami-a6a7e7f4", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" },
"ap-southeast-2" : { "PV64" : "ami-bd990e87", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" },
"ap-northeast-1" : { "PV64" : "ami-4e6cd34f", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" },
"sa-east-1" : { "PV64" : "ami-1e08d103", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" }
}
},
"Resources" : {
"Ec2Instance" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"ImageId" : { "Fn::FindInMap" : [ "AWSRegionArch2AMI", { "Ref" : "AWS::Region" },
{ "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] },
"KeyName" : { "Ref" : "KeyName" },
"InstanceType" : { "Ref" : "InstanceType" },
"SecurityGroups" : [{ "Ref" : "Ec2SecurityGroup" }],
"BlockDeviceMappings" : [
{
"DeviceName" : "/dev/sda1",
"Ebs" : { "VolumeSize" : "50" }
},{
"DeviceName" : "/dev/sdm",
"Ebs" : { "VolumeSize" : "100" }
}
]
}
},
"Ec2SecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "HTTP and SSH access",
"SecurityGroupIngress" : [ {
"IpProtocol" : "tcp",
"FromPort" : "22", "ToPort" : "22",
"CidrIp" : { "Ref" : "SSHFrom" }
} ]
}
}
},
"Outputs" : {
"Instance" : {
"Value" : { "Fn::GetAtt" : [ "Ec2Instance", "PublicDnsName" ] },
"Description" : "DNS Name of the newly created EC2 instance"
}
}
}
playbooks/files/examples/ElastiCache.json deleted 100644 → 0
{
"AWSTemplateFormatVersion" : "2010-09-09",
"Description" : "AWS CloudFormation Sample Template ElastiCache: Sample template showing how to create an Amazon ElastiCache Cache Cluster with Auto Discovery and access it from a very simple PHP application. **WARNING** This template creates an Amazon Ec2 Instance and an Amazon ElastiCache Cluster. You will be billed for the AWS resources used if you create a stack from this template.",
"Parameters" : {
"KeyName" : {
"Description" : "Name of an existing Amazon EC2 KeyPair for SSH access to the Web Server",
"Type" : "String"
},
"InstanceType" : {
"Description" : "WebServer EC2 instance type",
"Type" : "String",
"Default" : "m1.small",
"AllowedValues" : [ "t1.micro","m1.small","m1.medium","m1.large","m1.xlarge", "m3.xlarge", "m3.2xlarge", "m2.xlarge","m2.2xlarge","m2.4xlarge","c1.medium","c1.xlarge","cc1.4xlarge","cc2.8xlarge","cg1.4xlarge", "hi1.4xlarge", "hs1.8xlarge"],
"ConstraintDescription" : "must be a valid EC2 instance type."
},
"CacheNodeType" : {
"Default" : "cache.m1.small",
"Description" : "The compute and memory capacity of the nodes in the Cache Cluster",
"Type" : "String",
"AllowedValues" : [ "cache.m1.small", "cache.m1.large", "cache.m1.xlarge", "cache.m2.xlarge", "cache.m2.2xlarge", "cache.m2.4xlarge", "cache.c1.xlarge" ],
"ConstraintDescription" : "must select a valid Cache Node type."
},
"NumberOfCacheNodes" : {
"Default": "1",
"Description" : "The number of Cache Nodes the Cache Cluster should have",
"Type": "Number",
"MinValue": "1",
"MaxValue": "10",
"ConstraintDescription" : "must be between 5 and 10."
},
"SSHLocation" : {
"Description" : "The IP address range that can be used to SSH to the EC2 instances",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
},
"Mappings" : {
"AWSInstanceType2Arch" : {
"t1.micro" : { "Arch" : "PV64" },
"m1.small" : { "Arch" : "PV64" },
"m1.medium" : { "Arch" : "PV64" },
"m1.large" : { "Arch" : "PV64" },
"m1.xlarge" : { "Arch" : "PV64" },
"m3.xlarge" : { "Arch" : "PV64" },
"m3.2xlarge" : { "Arch" : "PV64" },
"m2.xlarge" : { "Arch" : "PV64" },
"m2.2xlarge" : { "Arch" : "PV64" },
"m2.4xlarge" : { "Arch" : "PV64" },
"c1.medium" : { "Arch" : "PV64" },
"c1.xlarge" : { "Arch" : "PV64" },
"cc1.4xlarge" : { "Arch" : "CLU64" },
"cc2.8xlarge" : { "Arch" : "CLU64" },
"cg1.4xlarge" : { "Arch" : "GPU64" },
"hi1.4xlarge" : { "Arch" : "PV64" },
"hs1.8xlarge" : { "Arch" : "PV64" }
},
"AWSRegionArch2AMI" : {
"us-east-1" : { "PV64" : "ami-1624987f", "CLU64" : "ami-08249861", "GPU64" : "ami-02f54a6b" },
"us-west-2" : { "PV64" : "ami-2a31bf1a", "CLU64" : "ami-2431bf14", "GPU64" : "NOT_YET_SUPPORTED" },
"us-west-1" : { "PV64" : "ami-1bf9de5e", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" },
"eu-west-1" : { "PV64" : "ami-c37474b7", "CLU64" : "ami-d97474ad", "GPU64" : "ami-1b02026f" },
"ap-southeast-1" : { "PV64" : "ami-a6a7e7f4", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" },
"ap-southeast-2" : { "PV64" : "ami-bd990e87", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" },
"ap-northeast-1" : { "PV64" : "ami-4e6cd34f", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" },
"sa-east-1" : { "PV64" : "ami-1e08d103", "CLU64" : "NOT_YET_SUPPORTED", "GPU64" : "NOT_YET_SUPPORTED" }
}
},
"Resources" : {
"CacheCluster" : {
"Type": "AWS::ElastiCache::CacheCluster",
"Properties": {
"CacheNodeType" : { "Ref" : "CacheNodeType" },
"CacheSecurityGroupNames" : [ { "Ref" : "CacheSecurityGroup" } ],
"Engine" : "memcached",
"NumCacheNodes" : { "Ref" : "NumberOfCacheNodes" }
}
},
"CacheSecurityGroup": {
"Type": "AWS::ElastiCache::SecurityGroup",
"Properties": {
"Description" : "Lock cache down to Web Server access only"
}
},
"CacheSecurityGroupIngress": {
"Type": "AWS::ElastiCache::SecurityGroupIngress",
"Properties": {
"CacheSecurityGroupName" : { "Ref" : "CacheSecurityGroup" },
"EC2SecurityGroupName" : { "Ref" : "WebServerSecurityGroup" }
}
},
"WebServerSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable HTTP and SSH access",
"SecurityGroupIngress" : [
{"IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : { "Ref" : "SSHLocation"} },
{"IpProtocol" : "tcp", "FromPort" : "80", "ToPort" : "80", "CidrIp" : "0.0.0.0/0"}
]
}
},
"WebServerHost": {
"Type" : "AWS::EC2::Instance",
"Metadata" : {
"AWS::CloudFormation::Init" : {
"config" : {
"packages" : {
"yum" : {
"httpd" : [],
"gcc-c++" : [],
"php" : [],
"php-pear" : []
}
},
"files" : {
"/var/www/html/index.php" : {
"content" : { "Fn::Join" : ["", [
"<?php\n",
"echo '<h1>AWS CloudFormation sample application for Amazon ElastiCache</h1>';\n",
"\n",
"$server_endpoint = '", { "Fn::GetAtt" : [ "CacheCluster", "ConfigurationEndpoint.Address" ]}, "';\n",
"$server_port = ", { "Fn::GetAtt" : [ "CacheCluster", "ConfigurationEndpoint.Port" ]}, ";\n",
"\n",
"/**\n",
" * The following will initialize a Memcached client to utilize the Auto Discovery feature.\n",
" * \n",
" * By configuring the client with the Dynamic client mode with single endpoint, the\n",
" * client will periodically use the configuration endpoint to retrieve the current cache\n",
" * cluster configuration. This allows scaling the cache cluster up or down in number of nodes\n",
" * without requiring any changes to the PHP application. \n",
" */\n",
"\n",
"$dynamic_client = new Memcached();\n",
"$dynamic_client->setOption(Memcached::OPT_CLIENT_MODE, Memcached::DYNAMIC_CLIENT_MODE);\n",
"$dynamic_client->addServer($server_endpoint, $server_port);\n",
"\n",
"$tmp_object = new stdClass;\n",
"$tmp_object->str_attr = 'test';\n",
"$tmp_object->int_attr = 123;\n",
"\n",
"$dynamic_client->set('key', $tmp_object, 10) or die ('Failed to save data to the cache');\n",
"echo '<p>Store data in the cache (data will expire in 10 seconds)</p>';\n",
"\n",
"$get_result = $dynamic_client->get('key');\n",
"echo '<p>Data from the cache:<br/>';\n",
"\n",
"var_dump($get_result);\n",
"\n",
"echo '</p>';\n",
"?>\n"
]]},
"mode" : "000644",
"owner" : "apache",
"group" : "apache"
}
},
"commands" : {
"00_install_memcached_client" : {
"command" : "pecl install https://s3.amazonaws.com/elasticache-downloads/ClusterClient/PHP/latest-64bit"
},
"01_enable_auto_discovery" : {
"command" : "echo 'extension=amazon-elasticache-cluster-client.so' > /etc/php.d/memcached.ini"
}
},
"services" : {
"sysvinit" : {
"httpd" : { "enabled" : "true", "ensureRunning" : "true" },
"sendmail" : { "enabled" : "false", "ensureRunning" : "false" }
}
}
}
}
},
"Properties": {
"ImageId" : { "Fn::FindInMap" : [ "AWSRegionArch2AMI", { "Ref" : "AWS::Region" },
{ "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ]}]},
"InstanceType" : { "Ref" : "InstanceType" },
"SecurityGroups" : [ {"Ref" : "WebServerSecurityGroup"} ],
"KeyName" : { "Ref" : "KeyName" },
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
"#!/bin/bash -v\n",
"yum update -y aws-cfn-bootstrap\n",
"# Setup the PHP sample application\n",
"/opt/aws/bin/cfn-init ",
" --stack ", { "Ref" : "AWS::StackName" },
" --resource WebServerHost ",
" --region ", { "Ref" : "AWS::Region" }, "\n",
"# Signal the status of cfn-init\n",
"/opt/aws/bin/cfn-signal -e $? '", { "Ref" : "WebServerWaitHandle" }, "'\n"
]]}}
}
},
"WebServerWaitHandle" : {
"Type" : "AWS::CloudFormation::WaitConditionHandle"
},
"WebServerWaitCondition" : {
"Type" : "AWS::CloudFormation::WaitCondition",
"DependsOn" : "WebServerHost",
"Properties" : {
"Handle" : {"Ref" : "WebServerWaitHandle"},
"Timeout" : "300"
}
}
},
"Outputs" : {
"WebsiteURL" : {
"Value" : { "Fn::Join" : ["", ["http://", { "Fn::GetAtt" : [ "WebServerHost", "PublicDnsName" ]} ]] },
"Description" : "Application URL"
}
}
}
playbooks/files/examples/RDS_MySQL_55_With_Tags.json deleted 100644 → 0
{
"AWSTemplateFormatVersion" : "2010-09-09",
"Description" : "AWS CloudFormation Sample Template RDS_MySQL_55_With_Tags: Sample template showing how to create an RDS DBInstance version 5.5 with tags and alarming on important metrics that indicate the health of the database **WARNING** This template creates an Amazon Relational Database Service database instance and Amazon CloudWatch alarms. You will be billed for the AWS resources used if you create a stack from this template.",
"Parameters": {
"DBName": {
"Default": "MyDatabase",
"Description" : "The database name",
"Type": "String",
"MinLength": "1",
"MaxLength": "64",
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*",
"ConstraintDescription" : "must begin with a letter and contain only alphanumeric characters."
},
"DBUser": {
"NoEcho": "true",
"Description" : "The database admin account username",
"Type": "String",
"MinLength": "1",
"MaxLength": "16",
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*",
"ConstraintDescription" : "must begin with a letter and contain only alphanumeric characters."
},
"DBPassword": {
"NoEcho": "true",
"Description" : "The database admin account password",
"Type": "String",
"MinLength": "1",
"MaxLength": "41",
"AllowedPattern" : "[a-zA-Z0-9]*",
"ConstraintDescription" : "must contain only alphanumeric characters."
},
"DBAllocatedStorage": {
"Default": "5",
"Description" : "The size of the database (Gb)",
"Type": "Number",
"MinValue": "5",
"MaxValue": "1024",
"ConstraintDescription" : "must be between 5 and 1024Gb."
},
"DBInstanceClass": {
"Default": "db.m1.small",
"Description" : "The database instance type",
"Type": "String",
"AllowedValues" : [ "db.m1.small", "db.m1.large", "db.m1.xlarge", "db.m2.xlarge", "db.m2.2xlarge", "db.m2.4xlarge" ],
"ConstraintDescription" : "must select a valid database instance type."
}
},
"Mappings" : {
"InstanceTypeMap" : {
"db.m1.small" : {
"CPULimit" : "60",
"FreeStorageSpaceLimit" : "1024",
"ReadIOPSLimit" : "100",
"WriteIOPSLimit" : "100"
},
"db.m1.large" : {
"CPULimit" : "60",
"FreeStorageSpaceLimit" : "1024",
"ReadIOPSLimit" : "100",
"WriteIOPSLimit" : "100"
},
"db.m1.xlarge" : {
"CPULimit" : "60",
"FreeStorageSpaceLimit" : "1024",
"ReadIOPSLimit" : "100",
"WriteIOPSLimit" : "100"
},
"db.m2.xlarge" : {
"CPULimit" : "60",
"FreeStorageSpaceLimit" : "1024",
"ReadIOPSLimit" : "100",
"WriteIOPSLimit" : "100"
},
"db.m2.2xlarge" : {
"CPULimit" : "60",
"FreeStorageSpaceLimit" : "1024",
"ReadIOPSLimit" : "100",
"WriteIOPSLimit" : "100"
},
"db.m2.4xlarge" : {
"CPULimit" : "60",
"FreeStorageSpaceLimit" : "1024",
"ReadIOPSLimit" : "100",
"WriteIOPSLimit" : "100"
}
}
},
"Resources" : {
"MyDB" : {
"Type" : "AWS::RDS::DBInstance",
"Properties" : {
"DBName" : { "Ref" : "DBName" },
"AllocatedStorage" : { "Ref" : "DBAllocatedStorage" },
"DBInstanceClass" : { "Ref" : "DBInstanceClass" },
"Engine" : "MySQL",
"EngineVersion" : "5.5",
"MasterUsername" : { "Ref" : "DBUser" },
"MasterUserPassword" : { "Ref" : "DBPassword" },
"Tags" : [{
"Key" : "Name",
"Value" : "My SQL Database"
}]
},
"DeletionPolicy" : "Snapshot"
}
},
"Outputs" : {
"JDBCConnectionString": {
"Description" : "JDBC connection string for database",
"Value" : { "Fn::Join": [ "", [ "jdbc:mysql://",
{ "Fn::GetAtt": [ "MyDB", "Endpoint.Address" ] },
":",
{ "Fn::GetAtt": [ "MyDB", "Endpoint.Port" ] },
"/",
{ "Ref": "DBName" }]]}
},
"DBAddress" : {
"Description" : "Address of database endpoint",
"Value" : { "Fn::GetAtt": [ "MyDB", "Endpoint.Address" ] }
},
"DBPort" : {
"Description" : "Database endpoint port number",
"Value" : { "Fn::GetAtt": [ "MyDB", "Endpoint.Port" ] }
}
}
}
playbooks/group_vars/all deleted 100644 → 0
---
# these pathes are relative to the playbook dir
# directory for secret settings (keys, etc)
#
secure_dir: 'path/to/secure_example'
# this indicates the path to site-specific (with precedence)
# things like nginx template files
local_dir: 'path/to/ansible_local'
playbooks/secure_example/keys/frank.key deleted 100644 → 0
ssh-rsa ASFDG frank@somehost
ssh-rsa GHJKL frank@anotherhost
playbooks/secure_example/keys/joe.key deleted 100644 → 0
ssh-rsa ASFDG joe@somehost
ssh-rsa GHJKL joe@notherhost
playbooks/secure_example/vars/README.md deleted 100644 → 0
This is an example secure/ data which would normally have passwords and sensitive bits
playbooks/secure_example/vars/edx_jenkins_tests.yml deleted 100644 → 0
---
# override the default virtualenv for ora
ora_venv_dir: "/opt/wwc/virtualenvs/ora"
# ease and ora share the same virtualenv
ease_venv_dir: "/opt/wwc/virtualenvs/ora"
playbooks/secure_example/vars/edxapp_ref_custom_vars.yml deleted 100644 → 0
---
lms_auth_config:
'DATABASES':
'default': { 'ENGINE': 'custom',
'HOST': 'custom', 'NAME': 'custom',
'PASSWORD': 'custom', 'PORT': 0000,
'USER': 'custom'}
playbooks/secure_example/vars/edxapp_ref_users.yml deleted 100644 → 0
---
# these user lists cannot be merged
# because they are not hashes
env_users: []
env_keys: []
# administrator accounts, added to all roles
# The create_users role task automatically adds all these users to the
# 'adm' and 'edx' system groups
admin_users:
- user: joe
email: joe@example.com
groups:
# But at least one group must be defined
- adm
admin_keys:
- user: joe
path: "{{ secure_dir }}/keys/joe.key"
playbooks/secure_example/vars/edxapp_ref_vars.yml deleted 100644 → 0
---
#Use YAML references (& and *) and hash merge <<: to factor out shared settings
#see http://atechie.net/2009/07/merging-hashes-in-yaml-conf-files/
lms_auth_config: &lms_auth
'ANALYTICS_API_KEY': 'hidden-prod'
'AWS_ACCESS_KEY_ID': 'hidden-prod'
'AWS_SECRET_ACCESS_KEY': 'hidden-prod'
'CONTENTSTORE':
'ENGINE': 'xmodule.contentstore.mongo.MongoContentStore'
'OPTIONS':
'db': 'hidden-prod'
'host': [ 'hidden-prod', 'hidden-prod']
'password': 'hidden-prod'
'port': 0000
'user': 'hidden-prod'
'DATABASES':
'default': { 'ENGINE': 'hidden-prod',
'HOST': 'hidden-prod', 'NAME': 'hidden-prod',
'PASSWORD': 'hidden-prod', 'PORT': 0000,
'USER': 'hidden-prod'}
'MODULESTORE':
'default':
'ENGINE': 'xmodule.modulestore.mongo.MongoModuleStore'
'OPTIONS': &lms_modulestore_default_options
'collection': 'hidden-prod'
'db': 'hidden-prod'
'default_class': 'hidden-prod'
'fs_root': 'hidden-prod'
'host': [ 'hidden-prod', 'hidden-prod']
'password': 'hidden-prod'
'port': 0000
'render_template': 'hidden-prod'
'user': 'hidden-prod'
'OPEN_ENDED_GRADING_INTERFACE': { 'hidden-prod': 'hidden-prod',
'password': 'hidden-prod', 'hidden-prod': 'hidden-prod',
'staff_grading': 'hidden-prod', 'hidden-prod': 'hidden-prod',
'username': 'hidden-prod'}
'PEARSON_TEST_PASSWORD': 'hidden-prod'
'SECRET_KEY': 'hidden-prod'
'XQUEUE_INTERFACE':
'basic_auth': [ 'hidden-prod', 'hidden-prod']
'django_auth': { 'password': 'hidden-prod',
'username': 'hidden-prod'}
'url': 'hidden-prod'
lms_env_config: &lms_env
'CERT_QUEUE': 'certificates'
# 'COURSE_LISTINGS':
# 'default': ['MITx/6.002x/2012_Fall']
# 'stage-berkeley': [ 'BerkeleyX/CS169/fa12']
# 'stage-harvard': [ 'HarvardX/CS50/2012H']
# 'stage-mit': [ 'MITx/3.091/MIT_2012_Fall']
# 'stage-num': [ 'MITx/6.002x-NUM/2012_Fall_NUM']
# 'stage-sjsu': [ 'MITx/6.002x-EE98/2012_Fall_SJSU']
'LOCAL_LOGLEVEL': 'INFO'
# 'META_UNIVERSITIES':
# 'UTx': [ 'UTAustinX']
'MITX_FEATURES':
'AUTH_USE_OPENID_PROVIDER': true
'CERTIFICATES_ENABLED': true
'ENABLE_DISCUSSION_SERVICE': true
'ENABLE_INSTRUCTOR_ANALYTICS': true
'ENABLE_PEARSON_HACK_TEST': false
'SUBDOMAIN_BRANDING': false
'SUBDOMAIN_COURSE_LISTINGS': false
# 'SUBDOMAIN_BRANDING':
# 'stage-berkeley': 'BerkeleyX'
# 'stage-harvard': 'HarvardX'
# 'stage-mit': 'MITx'
# 'stage-num': 'MITx'
# 'stage-sjsu': 'MITx'
# 'VIRTUAL_UNIVERSITIES': []
'WIKI_ENABLED': true
'SYSLOG_SERVER': 'hidden-prod'
'SITE_NAME': 'hidden-prod'
'LOG_DIR': 'hidden-prod'
'MEDIA_URL': 'hidden-prod'
'BOOK_URL': 'hidden-prod'
'ANALYTICS_SERVER_URL': 'hidden-prod'
'DEFAULT_FROM_EMAIL': 'hidden-stage'
'DEFAULT_FEEDBACK_EMAIL': 'hidden-stage'
'ADMINS' :
- ['name', 'email']
'TIME_ZONE': 'America/New_York'
'CACHES': &lms_caches
'default':
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache'
'KEY_FUNCTION': 'util.memcache.safe_key'
'KEY_PREFIX': 'hidden-prod'
'LOCATION': [ 'hidden-prod',
'hidden-prod']
'general':
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache'
'KEY_FUNCTION': 'util.memcache.safe_key'
'KEY_PREFIX': 'hidden-prod'
'LOCATION': [ 'hidden-prod',
'hidden-prod']
'mongo_metadata_inheritance':
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache'
'KEY_FUNCTION': 'util.memcache.safe_key'
'TIMEOUT': 300
'KEY_PREFIX': 'hidden-prod'
'LOCATION': [ 'hidden-prod',
'hidden-prod']
'staticfiles':
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache'
'KEY_FUNCTION': 'util.memcache.safe_key'
'KEY_PREFIX': 'hidden-prod'
'LOCATION': [ 'hidden-prod',
'hidden-prod']
'COMMENTS_SERVICE_URL': 'hidden-prod'
'LOGGING_ENV': 'hidden-prod'
'SESSION_COOKIE_DOMAIN': 'hidden-prod'
'COMMENTS_SERVICE_KEY': 'hidden-prod'
cms_auth_config:
'AWS_ACCESS_KEY_ID': 'hidden-prod'
'AWS_SECRET_ACCESS_KEY': 'hidden-prod'
'CONTENTSTORE':
'ENGINE': 'xmodule.contentstore.mongo.MongoContentStore'
'OPTIONS':
'db': 'hidden-prod'
'host': [ 'hidden-prod', 'hidden-prod']
'password': 'hidden-prod'
'port': 0000
'user': 'hidden-prod'
'DATABASES':
'default': { 'ENGINE': 'hidden-prod',
'HOST': 'hidden-prod', 'NAME': 'hidden-prod',
'PASSWORD': 'hidden-prod', 'PORT': 0000,
'USER': 'hidden-prod'}
'MODULESTORE':
'default':
'ENGINE': 'xmodule.modulestore.mongo.DraftMongoModuleStore'
'OPTIONS':
'collection': 'hidden-prod'
'db': 'hidden-prod'
'default_class': 'hidden-prod'
'fs_root': 'hidden-prod'
'host': [ 'hidden-prod', 'hidden-prod']
'password': 'hidden-prod'
'port': 0000
'render_template': 'hidden-prod'
'user': 'hidden-prod'
'direct':
'ENGINE': 'xmodule.modulestore.mongo.MongoModuleStore'
'OPTIONS':
'collection': 'hidden-prod'
'db': 'hidden-prod'
'default_class': 'hidden-prod'
'fs_root': 'hidden-prod'
'host': [ 'hidden-prod', 'hidden-prod']
'password': 'hidden-prod'
'port': 0000
'render_template': 'hidden-prod'
'user': 'hidden-prod'
'SECRET_KEY': 'hidden-prod'
cms_env_config:
'CACHES':
'default':
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache'
'KEY_FUNCTION': 'util.memcache.safe_key'
'KEY_PREFIX': 'cms.edx.org'
'LOCATION': [ "deploycache-large.foo-bar.amazonaws.com:11211" ]
'mongo_metadata_inheritance':
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache'
'KEY_FUNCTION': 'util.memcache.safe_key'
'TIMEOUT': 300
'KEY_PREFIX': 'cms.edx.org'
'LOCATION': [ "deploycache-large.foo-bar.amazonaws.com:11211" ]
'staticfiles':
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache'
'KEY_FUNCTION': 'util.memcache.safe_key'
'KEY_PREFIX': 'cms.edx.org'
'LOCATION': [ "deploycache-large.foo-bar.amazonaws.com:11211" ]
'general':
'KEY_PREFIX': 'hidden-prod'
'LOCATION': [ 'hidden-prod',
'hidden-prod']
'LOG_DIR': '{{ COMMON_LOG_DIR }}/edx'
'LOGGING_ENV': 'cms-dev'
'SITE_NAME': 'studio.cms-dev.m.edx.org'
'SYSLOG_SERVER': 'syslog.a.m.i4x.org'
'LMS_BASE': 'cms-dev.m.edx.org'
'SESSION_COOKIE_DOMAIN': '.cms-dev.m.edx.org'
'SEGMENT_IO_KEY': 'hidden-prod'
'MITX_FEATURES':
'DISABLE_COURSE_CREATION': false
'SEGMENT_IO': false
lms_preview_auth_config:
<<: *lms_auth
'MODULESTORE':
'default':
'ENGINE': 'xmodule.modulestore.mongo.DraftMongoModuleStore'
'OPTIONS': *lms_modulestore_default_options
lms_preview_env_config:
<<: *lms_env
'SITE_NAME': 'preview.class.stanford.edu'
'COMMENTS_SERVICE_KEY': false
'CACHES':
<<: *lms_caches
'general':
'BACKEND' : 'django.core.cache.backends.memcached.MemcachedCache'
'KEY_PREFIX': 'preview.edx.org'
'KEY_FUNCTION': 'util.memcache.safe_key'
'LOCATION': [ 'vpc-974dbeff-cache.oyg26r.0001.usw1.cache.amazonaws.com:12345',
'vpc-974dbeff-cache.oyg26r.0002.usw1.cache.amazonaws.com:12345' ]
playbooks/secure_example/vars/gerrit.yml deleted 100644 → 0
---
gerrit_github_client_id: alskdjdfkjasdjfsdlfkj
gerrit_github_client_secret: 0938908450deffaaa87665a555a6fc6de5777f77f
gerrit_db_hostname: somedb.88374jhyehf.us-east-1.rds.amazonaws.com
gerrit_db_admin_username: adminuser
gerrit_db_admin_password: adminpassword
gerrit_db_password: gerrituserpassword
gerrit_artifact_s3_bucket:
name: some-s3-bucket
aws_access_key_id: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
aws_secret_access_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}"
gerrit_hostname: "gerrit.example.com"
gerrit_smtp_enabled: false
gerrit_email: gerrit@example.com
gerrit_smtp_server: smtp.example.com
gerrit_smtp_encryption: none
gerrit_smtp_user: someuser
gerrit_smtp_pass: somepassword
playbooks/util/elb_reg.py deleted 100755 → 0
#!/usr/bin/env python
from argparse import ArgumentParser
import time
import boto
def await_elb_instance_state(lb, instance_id, awaited_state):
"""blocks until the ELB reports awaited_state
for instance_id.
lb = loadbalancer object
instance_id : instance_id (string)
awaited_state : state to poll for (string)"""
start_time = time.time()
while True:
state = lb.get_instance_health([instance_id])[0].state
if state == awaited_state:
print "Load Balancer {lb} is in awaited state " \
"{awaited_state}, proceeding.".format(
lb=lb.dns_name,
awaited_state=awaited_state)
break
else:
print "Checking again in 2 seconds. Elapsed time: {0}".format(
time.time() - start_time)
time.sleep(2)
def deregister():
"""Deregister the instance from all ELBs and wait for the ELB
to report them out-of-service"""
for lb in active_lbs:
lb.deregister_instances([args.instance])
await_elb_instance_state(lb, args.instance, 'OutOfService')
def register():
"""Register the instance for all ELBs and wait for the ELB
to report them in-service"""
for lb in active_lbs:
lb.register_instances([args.instance])
await_elb_instance_state(lb, args.instance, 'InService')
def parse_args():
parser = ArgumentParser()
subparsers = parser.add_subparsers(dest="sp_action")
subparsers.add_parser('register', help='register an instance')
subparsers.add_parser('deregister', help='deregister an instance')
parser.add_argument('-e', '--elbs', required=True,
help="Comma separated list of ELB names")
parser.add_argument('-i', '--instance', required=True,
help="Single instance to operate on")
return parser.parse_args()
if __name__ == '__main__':
args = parse_args()
elb = boto.connect_elb()
elbs = elb.get_all_load_balancers()
active_lbs = sorted(
lb
for lb in elbs
if lb.name in args.elbs.split(','))
print "ELB : " + str(args.elbs.split(','))
print "Instance: " + str(args.instance)
if args.sp_action == 'deregister':
print "Deregistering an instance"
deregister()
elif args.sp_action == 'register':
print "Registering an instance"
register()
playbooks/util/github_oauth_token.py deleted 100755 → 0
#!/usr/bin/env python
"""
Generate a GitHub OAuth token with a particular
set of permissions.
Usage:
github_oauth_token.py USERNAME PASSWORD [SCOPE ...]
Example:
github_oauth_token.py jenkins_user repo:status public_repo
This will prompt the user for the password.
"""
import sys
import requests
import json
import getpass
from textwrap import dedent
USAGE = "Usage: {0} USERNAME NOTE [SCOPE ...]"
def parse_args(arg_list):
"""
Return a dict of the command line arguments.
Prints an error message and exits if the arguments are invalid.
"""
if len(arg_list) < 4:
print USAGE.format(arg_list[0])
exit(1)
# Prompt for the password
password = getpass.getpass()
return {
'username': arg_list[1],
'password': password,
'note': arg_list[2],
'scopes': arg_list[3:],
}
def get_oauth_token(username, password, scopes, note):
"""
Create a GitHub OAuth token with the given scopes.
If unsuccessful, print an error message and exit.
Returns a tuple `(token, scopes)`
"""
params = {'scopes': scopes, 'note': note}
response = response = requests.post(
'https://api.github.com/authorizations',
data=json.dumps(params),
auth=(username, password)
)
if response.status_code != 201:
print dedent("""
Could not create OAuth token.
HTTP status code: {0}
Content: {1}
""".format(response.status_code, response.text)).strip()
exit(1)
try:
token_data = response.json()
return token_data['token'], token_data['scopes']
except TypeError:
print "Could not parse response data."
exit(1)
except KeyError:
print "Could not retrieve data from response."
exit(1)
def main():
arg_dict = parse_args(sys.argv)
token, scopes = get_oauth_token(
arg_dict['username'], arg_dict['password'],
arg_dict['scopes'], arg_dict['note']
)
print "Token: {0}".format(token)
print "Scopes: {0}".format(", ".join(scopes))
if __name__ == "__main__":
main()
util/sync_hooks.sh deleted 100755 → 0
#!/bin/bash
# A small utility to symlink the files from git-hooks/ with filenames ending
# like .in into the directory .git/hooks/
#
# It's intended this be run once near the start of a project by hand, and then
# subsequently a hook that it installs keeps it running at project checkouts.
# Save current directory so we can come back; change to repo root
STARTED_FROM=`pwd`
cd $(git rev-parse --show-toplevel)
# Sync git-hooks directory entries into .git/hooks/
for file in git-hooks/*.in; do
filepart=`basename $file .in`
if [ -e .git/hooks/$filepart -a ! -L .git/hooks/$filepart ]; then
echo ".git/hooks/$filepart not link-managed; bailing..."
echo "please examine your .git/hooks/ directory and repair inconsistencies manually"
cd $STARTED_FROM
exit 1
else
ln -v -s -f `pwd`/$file .git/hooks/$filepart
fi
done
# Ok, everything went well; restore previous context
cd $STARTED_FROM
exit 0
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment