Add the base2 cookbook to your Berksfile and include the default recipe:
include_recipe "base2::default"
default['system']['timezone'] - Country/City, as per /usr/share/zoneinfo
default['common']['packages'] - Default packages to install.
Supported OS: Linux
Auto-discovers EC2 tags to generate the Chef override.json and triggers Chef.
Add into userdata
/opt/base2/bin/ec2-bootstrap <AWS::Region> <AWS::AccountId>
Supported OS: Windows
Auto-discovers EC2 tags to generate the Chef override.json and triggers Chef.
Call from userdata in CloudFormation
C:/base2/bin/EC2-Bootstrap.ps1
Supported OS: Linux
Auto-discovers all EC2 instances based on the Environment tag and displays the Name, IP address and InstanceId to the user.
Manually execute the file on the host, or build it into your motd to see it when you log on.
Supported OS: Linux, Windows
Retrieves encrypted secrets from the AWS SSM Parameter Store and adds them to the Chef override.json.
Requires the tag SSMParameters set to true on the EC2 instance for the bootstrap to run the script.
Create your SSM parameters using your favourite method
The SSM Parameter naming convention is as follows: default..base2..app..SECRET
- Delimiter
  - .. separates each section of the name
- Environment or global identifier (first section of the name)
  - default is a global identifier allowing this secret to be used across all environments for a given AWS account
  - environment is an environment-specific parameter that will only be retrieved for that environment. This will override any globally set parameters
- Chef attribute
  - The identifier gets stripped off the name, which then turns the rest of the name into a Chef attribute, i.e. node['base2']['app']['SECRET']
  - This attribute is stored in the override.json file and can be called in a recipe as you normally would.
Examples:
- The parameter name default..base2..app..SECRET becomes the Chef attribute node['base2']['app']['SECRET'] in the Chef recipe and is available in all environments
- The parameter name dev..base2..app..APIKEY becomes the Chef attribute node['base2']['app']['APIKEY'] in the Chef recipe and is available in just the dev environment
- The parameter name prod..base2..app..SECRET becomes the Chef attribute node['base2']['app']['SECRET'] in the Chef recipe and is available in just the prod environment and overrides the default..base2..app..SECRET parameter
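The naming convention and override order described above, worked through in Ruby. This is an added example, not the cookbook's own bootstrap code: build_overrides, attribute_paths and SAMPLE_PARAMS are hypothetical names, the values are constructed, and it assumes the parameters have already been fetched and decrypted.

```ruby
DELIMITER = '..'       # section separator, from the README
GLOBAL_ID = 'default'  # global identifier, from the README

# Constructed sample input: parameter name => already-decrypted value.
SAMPLE_PARAMS = {
  'default..base2..app..SECRET' => 'global-secret',
  'dev..base2..app..APIKEY'     => 'dev-key',
  'prod..base2..app..SECRET'    => 'prod-secret',
  'prod..'                      => 'ignored: no attribute path'
}.freeze

# Hypothetical helper: returns the attribute hash destined for override.json.
# environment is the value of the instance's Environment tag.
def build_overrides(params, environment)
  overrides = {}
  # Global scope first, so environment-specific values overwrite it.
  [GLOBAL_ID, environment].uniq.each do |scope|
    params.each do |name, value|
      identifier, *path = name.split(DELIMITER)
      next unless identifier == scope
      # Skip names that leave no attribute path or an empty section.
      next if path.empty? || path.any?(&:empty?)
      leaf = path.pop
      node = path.reduce(overrides) do |hash, key|
        hash[key] = {} unless hash[key].is_a?(Hash)
        hash[key]
      end
      node[leaf] = value
    end
  end
  overrides
end

# List only the attribute paths so secret values stay out of logs.
def attribute_paths(hash, prefix = 'node')
  hash.flat_map do |key, value|
    path = "#{prefix}['#{key}']"
    value.is_a?(Hash) ? attribute_paths(value, path) : [path]
  end
end

puts attribute_paths(build_overrides(SAMPLE_PARAMS, 'prod'))
```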
Supported OS: Linux, Windows
Waits for an EC2 instance to become healthy in the specified target group(s).
Call from userdata in CloudFormation after the Chef run.
/opt/base2/bin/wait_for_alb -r <AWS::Region> -i <InstanceId> -t <TargetGroupA>,<TargetGroupB> -T 2000
-r, --region - specify an AWS region i.e. -r ap-southeast-2
-t, --target-groups - specify one or more target group ARNs separated by commas i.e. -t arn::1,arn::2
-i, --instance-id - specify the EC2 instance id i.e. -i i-0a5c9e3f2ff024ce9
-T, --timeout - Time out in seconds, defaults to 3600
Supported OS: Linux, Windows
Queries all elastic load balancers in the region that contain the instance-id. Waits for the EC2 instance to become healthy in the classic elastic load balancer(s).
Call from userdata in CloudFormation after the Chef run.
/opt/base2/bin/wait_for_elb -r <AWS::Region> -i <InstanceId> -T 2000
-r, --region - specify an AWS region i.e. -r ap-southeast-2
-i, --instance-id - specify the EC2 instance id i.e. -i i-0a5c9e3f2ff024ce9
-T, --timeout - Time out in seconds, defaults to 3600
Supported OS: Windows
Creates a striped ephemeral disk on compatible Windows EC2 instances.
Call from userdata in CloudFormation
C:/base2/bin/Stripe-Windows-Ephemeral-Disks.ps1
Supported OS: Linux, Windows (untested)
Attaches an Elastic Network Interface to an EC2 instance based on a tag or ID.
Call from userdata in CloudFormation.
/opt/base2/bin/attach_eni -r <AWS::Region> -n <ElasticNetworkInterfaceID>
-r, --region - specify an AWS region i.e. -r ap-southeast-2
-t, --tag - specify ENI reservation tag [Required if -n or --network-interface not specified]
-n, --network-interface - specify ENI id [Required if -t or --tag not specified]
-d, --device-index - specify device index for ENI, defaults to 1 [Optional]
-T, --timeout - specify timeout for script, defaults to 600 [Optional]
Author:: [email protected]