Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
124 lines (123 sloc) 4.7 KB
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "CoreOS on EC2: http://coreos.com/docs/running-coreos/cloud-providers/ec2/",
"Mappings" : {
"RegionMap" : {
"us-east-1" : {
"AMI" : "ami-eeefb886"
}
}
},
"Parameters": {
"InstanceType" : {
"Description" : "EC2 PV instance type (m3.medium, etc).",
"Type" : "String",
"Default" : "m3.medium",
"ConstraintDescription" : "Must be a valid EC2 PV instance type."
},
"ClusterSize": {
"Default": "3",
"MinValue": "3",
"MaxValue": "3",
"Description": "Number of nodes in cluster (3-12).",
"Type": "Number"
},
"DiscoveryURL": {
"Description": "An unique etcd cluster discovery URL. Grab a new token from https://discovery.etcd.io/new",
"Type": "String"
},
"AdvertisedIPAddress": {
"Description": "Use 'private' if your etcd cluster is within one region or 'public' if it spans regions or cloud providers.",
"Default": "private",
"AllowedValues": ["private", "public"],
"Type": "String"
},
"KeyPair" : {
"Description" : "The name of an EC2 Key Pair to allow SSH access to the instance.",
"Type" : "String"
}
},
"Resources": {
"CoreOSSecurityGroup": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "CoreOS SecurityGroup",
"VpcId": "vpc-73ea7218",
"SecurityGroupIngress": [
{"IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": "0.0.0.0/0"},
{"IpProtocol": "tcp", "FromPort": "4001", "ToPort": "4001", "CidrIp": "0.0.0.0/0"},
{"IpProtocol": "tcp", "FromPort": "7001", "ToPort": "7001", "CidrIp": "0.0.0.0/0"},
{"IpProtocol": "tcp", "FromPort": "80", "ToPort": "80", "CidrIp": "0.0.0.0/0"},
{"IpProtocol": "tcp", "FromPort": "443", "ToPort": "443", "CidrIp": "0.0.0.0/0"},
]
}
},
"CoreOSServerAutoScale": {
"Type": "AWS::AutoScaling::AutoScalingGroup",
"Properties": {
"AvailabilityZones": [ "us-east-1c", "us-east-1d", "us-east-1e" ],
"LaunchConfigurationName": {"Ref": "CoreOSServerLaunchConfig"},
"MinSize": "3",
"MaxSize": "3",
"DesiredCapacity": {"Ref": "ClusterSize"},
"VPCZoneIdentifier": [ "<< subnet 1 >>", "<< subnet 2 >>", "<< subnet 3 >>" ],
"Tags": [
{"Key": "Name", "Value": { "Ref" : "AWS::StackName" }, "PropagateAtLaunch": true}
]
}
},
"CoreOSServerLaunchConfig": {
"Type": "AWS::AutoScaling::LaunchConfiguration",
"Properties": {
"ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "AMI" ]},
"InstanceType": {"Ref": "InstanceType"},
"KeyName": {"Ref": "KeyPair"},
"SecurityGroups": [{"Ref": "CoreOSSecurityGroup"}, "sg-8c0ca7e8"],
"IamInstanceProfile": "devops-infra",
"UserData" : { "Fn::Base64":
{ "Fn::Join": [ "", [
"#cloud-config\n\n",
"coreos:\n",
" fleet:\n",
" metadata: role=service,access=private\n",
" etcd_servers: \"http://<< etcd1 ip >>:4001,http://<< etcd2 ip >>:4001,http://<< etcd3 ip >>:4001\"\n",
" units:\n",
" - name: etcd.service\n",
" command: start\n",
" - name: fleet.service\n",
" command: start\n",
" - name: docker-tcp.socket\n",
" command: start\n",
" enable: true\n",
" content: |\n",
" [Unit]\n",
" Description=Docker Socket for the API\n",
" [Socket]\n",
" ListenStream=2375\n",
" BindIPv6Only=both\n",
" Service=docker.service\n",
" [Install]\n",
" WantedBy=sockets.target\n",
"write_files:\n",
" - path: /etc/profile.d/etcdctl.sh\n",
" permissions: 0644\n",
" owner: core\n",
" content: |\n",
" export ETCDCTL_PEERS=\"http://<< etcd1 ip >>:4001,http://<< etcd2 ip >>:4001,http://<< etcd3 ip >>:4001\"\n",
" - path: /etc/profile.d/fleetctl.sh\n",
" permissions: 0644\n",
" owner: core\n",
" content: |\n",
" export FLEETCTL_ENDPOINT=/var/run/fleet.sock\n",
" export FLEETCTL_EXPERIMENTAL_API=true\n",
" - path: /etc/systemd/system/docker.service.d/50-insecure-registry.conf\n",
" content: |\n",
" [Service]\n",
" Environment=DOCKER_OPTS='--insecure-registry=\"registry.yourdomain.com\"'\n"
] ]
}
}
}
}
}
}