chef_cfn Cookbook

This cookbook provides tools which aid in the integration of Chef and AWS, specifically with CloudFormation.

Todo

This cookbook will shortly be undergoing a refactor and cleanup

Requirements

Cookbooks:

chef_handler
python
ohai

Attributes

Feature Flags

The recipes included within default.rb my be selectively enabled by toggling the appropriate feature flags.

Attribute	Description	Default
`node['cfn']['recipes']['awslogs']`	Install the cloudwatch logs daemon named awslogs	`false`
`node['cfn']['recipes']['cloudinit']`	Configure a stripped down cloud-init to speed up cloud instance startup time	`false`
`node['cfn']['recipes']['coudwatch']`	Install a cloudwatch event handler to report chef runs back to cloudwatch events.	`true`
`node['cfn']['recipes']['handler']`	Deprecated Install a cfn-init chef handler which will report chef-run success to cloudformatin.	`true`
`node['cfn']['recipes']['mounts']`	Format and mount volumes based on metadata provided in cloudformation	`true`
`node['cfn']['recipes']['ohai']`	Install an ohai plugin to fetch instance, stack and metadata from ec2.	`true`
`node['cfn']['recipes']['shutdown']`	Deprecated Install a service which will delete the chef client and node on shutdown	`true`
`node['cfn']['recipes']['tools']`	Install the cfn-init and cfn-signal tools	`true`

Ohai Attributes

Attribute	Description	Default
`node['cfn']['vpc']`	Informaiton related to the VPC	`{}`
`node['cfn']['tags']`	Hash of the EC2 instance tags	`{}`
`node['cfn']['stack']`	Hash of Cloudformation stack parameters	`{}`
`node['cfn']['properties']`	Hash of arbitrary metadata provided in cloudformation	`{}`

Recipes

chef_cfn::default

Installs dependencies and includes additional recipes based on feature flags.

chef_cfn::awslogs

Install and configure the cloudwatch logs service

chef_cfn::cloudinit

Configure cloud-init in a more stripped down ec2-specific way. This recipe is mostly of use when packaging AMIs with Packer.

chef_cfn::handler

Install the CFN handler to callback to cloudformation on stack updates. Although this is still here, you'd likely be better off simply calling cfn-signal directly from user-data.

chef_cfn::knife

(optional) Provides a basic knife.rb

chef_cfn::ohai

Installs the aws-sdk chef_gem as well as the ohai[cfn] plugin. When this runs, it will populate the properties, stack, tags and vpc attribute hashes under the node['cfn'] namespace which may then be used to report signals with the signal handler.

In addition, the properties hash will be merged, and potentially overriden, by any hints set in the cfn hint.

Required IAM policies

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1434370036000",
            "Effect": "Allow",
            "Action": [
                "cloudformation:DescribeStackResource",
                "ec2:DescribeInstances"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

chef_cfn::handler

Installs a handler to signal cloudformation of the success or failure of the chef run. When used with either Creation or Update profiles in cloudformation, we can ensure that only nodes with valid chef runs are considered healthy.

This may be disabled by setting node.cfn.tools.signal_cloudformation.

Required IAM policies

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1434370036000",
            "Effect": "Allow",
            "Action": [
                "cloudformation:SignalResource",
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

Example Cloudformation

{
  "AutoScailingGroup": {
    "CreationPolicy": {
      "ResourceSignal": {
        "Count": 1,
        "Timeout": "PT10M"
      }
    },
    "UpdatePolicy": {
      "AutoScalingRollingUpdate": {
        "WaitOnResourceSignals": "true"
      }
    }
  }
}

chef_cfn::mounts

Mounts cloudformation defined volumes.

Please take note that this recipe assumes that cloudformation was responsible to creating and managing the volumes, not chef. As such, all block devices must exist prior to attempting to mount them.

Example Cloudformation Attributes

{
  "AutoScailingGroup": {
    "Metadata": {
      "Mounts": {
        "xvdb3": {
          "mount_point": "/var/log",
          "mount_options": "",
          "filesystem": ""
        }
      }
    }
  }
}

chef_cfn::tools

Installs cloudformation cfn-init tools such as :

cfn-init
cfn-hup: Periodic polling of cloudformation resource metadata to determine when triggered actions should run.

chef_cfn::shutdown

Installs a service which will delete the node when the instance shuts down.

Resources

chef_cfn_signal

Provides an interface to trigger cloudformation signals from within recipes. This is designed to be used with cloudformation WaitConditions.

Actions

signal: Default action

Attribute Parameters

url: Url of the resource or WaitHandler to signal
unique_id: Unique id of the notification
data: Defaults to "".
success: Defaults to true.
reason: Defaults to "Chef triggered signal from resource".
once: Defaults to true.

Ohai Plugins

CFN

Fetches instance attributes from Cloudformation:DescribeResource as well as EC2:DescribeInstances.

License and Author

Author:: Jonathan Serafini ([email protected])

License:: Apache 2.0

ordinaryexperts / chef-cfn Goto Github PK

chef-cfn's Introduction

chef_cfn Cookbook

Todo

Requirements

Cookbooks:

Attributes

Feature Flags

Ohai Attributes

Recipes

chef_cfn::default

chef_cfn::awslogs

chef_cfn::cloudinit

chef_cfn::handler

chef_cfn::knife

chef_cfn::ohai

Required IAM policies

chef_cfn::handler

Required IAM policies

Example Cloudformation

chef_cfn::mounts

Example Cloudformation Attributes

chef_cfn::tools

chef_cfn::shutdown

Resources

chef_cfn_signal

Actions

Attribute Parameters

Ohai Plugins

CFN

License and Author

chef-cfn's People

Contributors

Watchers

Recommend Projects

Recommend Topics

Recommend Org

Jobs