@s0undt3ch
Created February 15, 2013 12:40
{
"AWSTemplateFormatVersion" : "2010-09-09",
"Description" : "Salt Stack Master - Minion Test Setup $Rev: 001$",
"Parameters" : {
"KeyPairName" : {
"Description" : "EC2 Key Pair Name for SSH Access",
"Type" : "String"
}
},
"Mappings" : {
"AWSRegionAMIs" : {
"us-east-1" : {
"amazlinux" : "ami-1624987f"
},
"us-west-1" : {
"amazlinux" : "ami-1bf9de5e"
},
"us-west-2" : {
"amazlinux" : "ami-2a31bf1a"
},
"eu-west-1" : {
"amazlinux" : "ami-c37474b7"
},
"sa-east-1" : {
"amazlinux" : "ami-1e08d103"
},
"ap-southeast-1" : {
"amazlinux" : "ami-a6a7e7f4"
},
"ap-southeast-2" : {
"amazlinux" : "ami-bd990e87"
},
"ap-northeast-1" : {
"amazlinux" : "ami-4e6cd34f"
}
}
},
"Resources" : {
"SaltStackSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable Salt n SSH Access from ALL",
"SecurityGroupIngress" : [
{ "IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : "0.0.0.0/0" },
{ "IpProtocol" : "tcp", "FromPort" : "4505", "ToPort" : "4506", "CidrIp" : "0.0.0.0/0" }
]
}
},
"SaltStackMasterServer" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"ImageId" : { "Fn::FindInMap" : [ "AWSRegionAMIs", { "Ref" : "AWS::Region" }, "amazlinux" ] },
"InstanceType" : "t1.micro",
"SecurityGroups" : [ { "Ref" : "SaltStackSecurityGroup" } ],
"KeyName" : { "Ref" : "KeyPairName" },
"DisableApiTermination" : "false",
"UserData" : {
"Fn::Base64" : {
"Fn::Join" : [ "", [
"#!/bin/bash\n",
"\n",
"yum -y update --security\n",
"\n",
"sed -i -e \"s/#PermitEmptyPasswords no/PermitEmptyPasswords no/\"",
" -e \"s/PermitRootLogin forced-commands-only/PermitRootLogin yes/\"",
" -e \"s/PasswordAuthentication no/PasswordAuthentication yes/\"",
" /etc/ssh/sshd_config\n",
"/etc/init.d/sshd restart\n",
"install -m640 /home/ec2-user/.ssh/authorized_keys /root/.ssh\n",
"\n",
"mkdir -p /etc/salt/\n",
"touch /etc/salt/master\n",
"cat <<EOF > /etc/salt/master\n",
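"# Enable auto_accept (automatically accept all incoming public keys from the minions).\n",
"# Test setups only: the security group opens 4505-4506 to 0.0.0.0/0, so any host that connects is accepted as a minion.\n",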
"auto_accept: True\n",
"\n",
"# File Server settings\n",
"file_roots:\n",
" base:\n",
" - /srv/salt\n",
"\n",
"# The level of messages to send to the console.\n",
"log_level: debug\n",
"EOF\n",
"\n",
"mkdir -p /srv/salt\n",
"cat <<EOF > /srv/salt/top.sls\n",
"base:\n",
" 'roles:minionTest':\n",
" - match: grain\n",
" - minionTest\n",
"EOF\n",
"\n",
"mkdir -p /srv/salt/minionTest\n",
"touch /srv/salt/minionTest/init.sls\n",
"cat <<EOF > /srv/salt/minionTest/init.sls\n",
"mc:\n",
" pkg:\n",
" - installed\n",
"EOF\n",
"\n",
"cd /root/\n",
"wget -O bootstrap-salt.sh http://bootstrap.saltstack.org\n",
"sh ./bootstrap-salt.sh -M -N\n",
"# Start Salt Master automatically at boot time.\n",
"chkconfig salt-master on\n",
"# Start the Salt Master now.\n",
"service salt-master start\n" ] ]
}
}
}
},
"SaltStackMasterEIP" : {
"Type" : "AWS::EC2::EIP",
"Properties" : {
"InstanceId" : { "Ref" : "SaltStackMasterServer" }
}
},
"SaltStackMinionServer" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"ImageId" : { "Fn::FindInMap" : [ "AWSRegionAMIs", { "Ref" : "AWS::Region" }, "amazlinux" ] },
"InstanceType" : "t1.micro",
"SecurityGroups" : [ { "Ref" : "SaltStackSecurityGroup" } ],
"KeyName" : { "Ref" : "KeyPairName" },
"DisableApiTermination" : "false",
"UserData" : {
"Fn::Base64" : {
"Fn::Join" : [ "", [
"#!/bin/bash\n",
"\n",
"yum -y update --security\n",
"\n",
"sed -i -e \"s/#PermitEmptyPasswords no/PermitEmptyPasswords no/\"",
" -e \"s/PermitRootLogin forced-commands-only/PermitRootLogin yes/\"",
" -e \"s/PasswordAuthentication no/PasswordAuthentication yes/\"",
" /etc/ssh/sshd_config\n",
"/etc/init.d/sshd restart\n",
"install -m640 /home/ec2-user/.ssh/authorized_keys /root/.ssh\n",
"\n",
"mkdir -p /etc/salt/\n",
"touch /etc/salt/minion\n",
"cat <<EOF > /etc/salt/minion\n",
"# IP of the salt master server.\n",
"master: ", { "Ref" : "SaltStackMasterEIP" }, "\n",
"\n",
"# Custom grains for this minion.\n",
"grains:\n",
" roles:\n",
" - minionTest\n",
" aws_region: ", { "Ref" : "AWS::Region" } , "\n",
"\n",
"# The level of messages to send to the console.\n",
"log_level: debug\n",
"EOF\n",
"\n",
"wget -O - http://bootstrap.saltstack.org | sh\n",
"\n",
"# Start the Salt Minion automatically at boot time.\n",
"chkconfig salt-minion on\n",
"# Start the Salt Minion now.\n",
"service salt-minion start\n",
"\n",
"TIMEOUT=90\n",
"COUNT=0\n",
"while [ ! -f /etc/salt/pki/minion/minion_master.pub ]; do\n",
" echo 'Waiting for salt install.'\n",
" if [ \"$COUNT\" -ge \"$TIMEOUT\" ]; then\n",
" echo 'minion_master.pub not detected by timeout'\n",
" exit 1\n",
" fi\n",
" sleep 5s\n",
" COUNT=$((COUNT+5))\n",
"done\n",
"\n",
"salt-call state.highstate -l debug\n" ] ]
}
}
}
}
}
}