Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Newer
Older
100644 130 lines (101 sloc) 4.563 kb
242f2c0 @jnewland docs
jnewland authored
1 Chef Helpers
2 ============
3
4 This cookbook handles configuring Elastic Load Balancers at AWS
5
6 Installation
7 ------------
8
9 The easiest way to install this is to use [knife-github-cookbooks](https://github.com/websterclay/knife-github-cookbooks):
10
11 gem install knife-github-cookbooks
12 knife github cookbook install websterclay/chef-elb
13
14 Usage
15 -----
16
17 This cookbook is designed to be run on a single node in your infrastructure. I
18 have a role called the 'rooster' I assign to one node to coordinate AWS API
19 calls based on the presence of other nodes.
20
21 Put `recipe[elb]` in the runlist of your coordinating node to install the
22 required dependeicnes on that node. Then, in a recipe also in that node's
23 runlist:
24
25 # Load your AWS credentials databag
26 aws = data_bag_item("aws", "main")
27
28 elb_load_balancer "http-frontend" do
29 aws_access_key aws['aws_access_key_id']
30 aws_secret_access_key aws['aws_secret_access_key']
31 search_query "role:app"
32 action :create
33 end
34
35 This will automatically create a Elastic Load Balancer that listens on port
36 80 and forwards requests to all servers that match the specified search on
37 port 80. You can change those defaults by specifying the `listeners`
38 attribute:
39
40 elb_load_balancer "http-frontend" do
41 aws_access_key aws['aws_access_key_id']
42 aws_secret_access_key aws['aws_secret_access_key']
43 search_query "role:app"
44 listeners [{"InstancePort" => 8080, "Protocol" => "HTTP", "LoadBalancerPort" => 80}]
45 action :create
46 end
47
48 You can also specify the `region` attribute to change what region the ELB is
49 created in, or specify the `instances` manually if you don't want to use a
50 search:
51
52 elb_load_balancer "ap-tcp-frontend" do
53 aws_access_key aws['aws_access_key_id']
54 aws_secret_access_key aws['aws_secret_access_key']
55 instances ['i-xxxxx', 'i-xxxxx']
56 region 'ap-southeast-1'
57 listeners [{"InstancePort" => 1234, "Protocol" => "TCP", "LoadBalancerPort" => 1234}]
58 action :create
59 end
60
61 You can also do SSL, but it's a little funky.
62
63 First, you have to [upload your cert](http://docs.amazonwebservices.com/ElasticLoadBalancing/latest/DeveloperGuide/index.html?US_SettingUpLoadBalancerHTTPSIntegrated.html).
64
65 Then setup your listeners array like so:
66
67 elb_load_balancer "http-and-https" do
68 aws_access_key aws['aws_access_key_id']
69 aws_secret_access_key aws['aws_secret_access_key']
70 search_query "chef_environment:#{node.chef_environment} AND role:my_ssl_app"
71 listeners [
72 {
73 "InstancePort" => 80,
74 "Protocol" => "HTTP",
75 "LoadBalancerPort" => 80
76 },
77 {
78 "InstancePort" => 80,
79 "Protocol" => "HTTPS",
80 "LoadBalancerPort" => 443,
81 "SSLCertificateId" => "arn:aws:iam::xxxxxxxx:server-certificate/YourCertName"
82 }
83 ]
84 action :create
85 end
86
87 This resource can't [update the
88 cert](http://docs.amazonwebservices.com/ElasticLoadBalancing/latest/DeveloperGuide/index.html?US_UpdatingLoadBalancerSSL.html)
89 ID for you yet because of missing support in Fog - it will only do that on ELB
90 creation, but you should update it to reflect reality.
91
92 Caveats
93 -------
94
95 The cookbook automates determining what availability zones your instances are
96 in and automatically registers the instances. ELB's distribute traffic equally
97 between all enabled Availibity Zones. It's up to you to confirm that your
98 instance distribution is equal if you have instances on more than one AZ.
99
100 Resources
101 ---------
102
103 [ELB Docs](http://aws.amazon.com/documentation/elasticloadbalancing/)
104
105 Author
106 ------
107
108 Jesse Newland
109 jesse@websterclay.com
110 @jnewland
111 jnewland on freenode
112
113 License
114 -------
115
116 Author:: Jesse Newland (<jesse@websterclay.com>)
117 Copyright:: Copyright (c) 2011 Webster Clay, LLC
118 License:: Apache License, Version 2.0
119
120 Licensed under the Apache License, Version 2.0 (the "License");
121 you may not use this file except in compliance with the License.
122 You may obtain a copy of the License at
123
124 http://www.apache.org/licenses/LICENSE-2.0
125
126 Unless required by applicable law or agreed to in writing, software
127 distributed under the License is distributed on an "AS IS" BASIS,
128 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
129 See the License for the specific language governing permissions and
130 limitations under the License.
Something went wrong with that request. Please try again.