1

Provisioning AWS instances in a master-agent setup

asked 2015-08-18 22:56:17 -0500

delio

I am interested in using the puppetlabs-aws module to define all of our EC2/RDS/etc instances. From the puppetlabs-aws examples, it looks like I just need to define a series of resources like this:

ec2_instance { 'my_web_server':
    ...
}

rds_instance { 'my_db_server':
    ...
}

But there is one fundamental concept I don't understand: In all of the examples I can find, they write a simple manifest like above and then manually apply them:

puppet apply create.pp --test

But how would this work in a master-agent setup? Do I need to put all of these AWS resource definitions inside of some node which is responsible for actually creating the AWS instances, and then have separate node definitions for configuring each AWS instance, like this?

node 'my_aws_controller' {

    ec2_instance { 'my_web_server':
        ...
    }
    rds_instance { 'my_db_server':
        ...
    }

}

node 'my_web_server' {
    class { 'nginx': }
    ...
}

Or is there some better way to do this?


2 Answers

1

answered 2015-08-24 06:20:37 -0500

aharden

I'm developing Puppet classes that implement an AWS "arbiter" and defined types for EC2 & RDS instances that wrap around the puppetlabs/aws resources. The intent is for the arbiter to be an EC2 instance running in the AWS availability zone where resources are to be managed; it's assigned an IAM role that grants it admin permissions for the resources required.

My current arbiter is just a t2.micro Linux instance classified with the prerequisites specified in the AWS module docs:

# install required ruby gems for Puppetlabs/aws
package { ['aws-sdk-core','retries']:
  ensure   => present,
  provider => 'pe_gem',
}

For defining the classes that manage AWS infrastructure (which are assigned to the arbiter) I'm experimenting with a "stacks & blocks" paradigm that mirrors the roles & profiles pattern. In the blocks are resource definitions for infrastructure requirements; stacks include all the blocks required to implement an application. Stacks are the classes assigned to the arbiter. It's an attempt to control dependencies in the same way that roles & profiles does, but in a separate way since some roles may depend on stacks.

The only quirk I've found so far is that the stacks assigned to the arbiter always result in "change" status during agent runs if it successfully deployed the stack, even after the managed AWS resources have been created and are running.

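The layout described in this answer, sketched as an added example (not aharden's code and not from the puppetlabs-aws docs): blocks hold the AWS resources, a stack groups them, and only the controller node is classified with the stack. The class names, `web-sg`, the region, the AMI placeholder and the instance sizes are assumptions; the node names come from the question.

```puppet
# Added example: names and values below are hypothetical placeholders.
class blocks::web_tier (
  $region   = 'us-east-1',        # placeholder region
  $image_id = 'ami-PLACEHOLDER',  # placeholder AMI id
) {
  ec2_securitygroup { 'web-sg':
    ensure      => present,
    region      => $region,
    description => 'HTTPS only to the web tier',
    ingress     => [{ protocol => 'tcp', port => 443, cidr => '0.0.0.0/0' }],
  }

  ec2_instance { 'my_web_server':
    ensure          => running,
    region          => $region,
    image_id        => $image_id,
    instance_type   => 't2.micro',
    security_groups => ['web-sg'],
    require         => Ec2_securitygroup['web-sg'],
  }
}

class blocks::db_tier (
  $master_password,               # no default: bind from Hiera, keep out of code
  $region = 'us-east-1',
) {
  rds_instance { 'my_db_server':
    ensure               => present,
    region               => $region,
    engine               => 'mysql',
    db_instance_class    => 'db.t2.micro',
    allocated_storage    => '5',
    master_username      => 'dbadmin',
    master_user_password => $master_password,
  }
}

# Stack: everything one application needs, assigned only to the controller.
class stacks::webapp {
  include blocks::web_tier
  include blocks::db_tier
}

# The controller's catalog is the only one that talks to the AWS API.
node 'my_aws_controller' { include stacks::webapp }
# The created instance is configured by its own agent run (certname assumed).
node 'my_web_server' { class { 'nginx': } }
```

Because AWS resources appear only in the controller's catalog, that host is the only one that needs AWS credentials (here, the IAM role), and the web server's own catalog contains none.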
1

answered 2015-08-21 09:56:54 -0500

slk

From what I've seen/read/heard you need a 'middle man' server to do this.


Comments

You can make your Puppet master the 'middleman' server if you want it unified. If you have several environments (dev, test, uat, prod) you would need separate instances with that role.

DarylW (2016-03-05 09:44:27 -0500)

Stats

Asked: 2015-08-18 22:56:17 -0500

Seen: 293 times

Last updated: Aug 24 '15