The purpose is to automate most recurring processes, such as creating users, installing applications (apache, apache-tomcat, mysql-server, etc.), and modifying security files to harden Linux machines in an AWS environment.
1. Click AWS OpsWorks option from AWS console panel:
2. Now click on Add Stack to create a new Stack:
3. Enter the details required below:
4. Click to enable custom cookbooks, where you keep your prebuilt scripts in a supported language:
5. Provide the repository location where you have stored, or are going to store, the scripts, and enter the other details asked for:
6. Click Add Stack now:
7. Now the Stack has been added:
8. Now you can see that there are Zero Instances in that stack:
Steps to add a server to the newly created Stack:
1. Open AWS OpsWorks
2. Click on Stack:
3. Click on Instances and Register Instances:
4. Choose EC2 Instances and select instance(s) and Install AWS CLI:
5. As Amazon Linux has the client pre-installed, select this option and Register Instances:
6. Copy the command and run it on the server (through PuTTY) as root. Click Done only when the installation of the CLI is complete:
7. You should see this message if the installation is successful:
8. Running Setup. This will take a few minutes to complete deployment:
Deployment:
1. Click Deployments and Run Command:
2. Select “Update Custom Cookbooks” and choose instances, and Update Custom Cookbooks:
3. Choose “Repeat Command”, then choose Execute Recipes from the dropdown and enter the command in Recipes to Execute:
e.g. testCookBooks::01-backup-config
Check correct Instance(s) are selected and “Execute Recipes”
Here is a sample script. Save it under the file name “00-backup-config” in the SVN repository, with the Ruby extension, like this: 01-backup-config.rb (you can save it using any file name).
The command below creates a directory in the root location; you can specify any other location instead:
    directory '/backup-conf' do
      owner 'root'
      group 'root'
      mode '0750'
      action :create
    end
The commands below read each source file and write its contents to a new file in the folder you created above, e.g. /backup-conf/sshd_config:
    file '/backup-conf/sshd_config' do
      content IO.read('/etc/ssh/sshd_config')
      action :create
    end

    file '/backup-conf/rsyslog.conf' do
      content IO.read('/etc/rsyslog.conf')
      action :create
    end

    file '/backup-conf/login.defs' do
      content IO.read('/etc/login.defs')
      action :create
    end

    file '/backup-conf/audit.rules' do
      content IO.read('/etc/audit/audit.rules')
      action :create
    end

    file '/backup-conf/sudoers' do
      content IO.read('/etc/sudoers')
      action :create
    end

    file '/backup-conf/system-auth' do
      content IO.read('/etc/pam.d/system-auth')
      action :create
    end

    file '/backup-conf/cloud-init' do
      content IO.read('/etc/sudoers.d/cloud-init')
      action :create
    end

    file '/backup-conf/hosts' do
      content IO.read('/etc/hosts')
      action :create
    end

    file '/backup-conf/network' do
      content IO.read('/etc/sysconfig/network')
      action :create
    end
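The recipe above calls IO.read while Chef compiles the recipe, so a single missing source (for example /etc/sudoers.d/cloud-init) aborts the run, and because action :create rewrites the content, a re-run after hardening replaces the backup with the hardened file. The following is an added example, not part of the original post, in plain Ruby that could be called from a ruby_block: it skips missing sources, never overwrites an existing backup, and creates each copy with mode 0600. The function name backup_configs and the sample file contents are assumptions.

```ruby
require 'digest'
require 'fileutils'
require 'tmpdir'

# Copy each source into dest_dir exactly once and report the outcome per file.
# Returns { source_path => :saved | :kept | :missing }.
def backup_configs(sources, dest_dir)
  FileUtils.mkdir_p(dest_dir)
  File.chmod(0o750, dest_dir) # same mode as the recipe's directory resource
  sources.each_with_object({}) do |src, report|
    dest = File.join(dest_dir, File.basename(src))
    if !File.file?(src)
      report[src] = :missing  # IO.read would raise Errno::ENOENT here
    elsif File.exist?(dest)
      report[src] = :kept     # keep the pre-hardening copy untouched
    else
      # CREAT|EXCL with 0600: the copy is never world-readable, not even
      # briefly, and an existing file is never clobbered.
      flags = File::WRONLY | File::CREAT | File::EXCL
      File.open(dest, flags, 0o600) { |f| f.write(File.binread(src)) }
      unless Digest::SHA256.file(src).hexdigest == Digest::SHA256.file(dest).hexdigest
        raise "backup of #{src} does not match its source"
      end
      report[src] = :saved
    end
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed stand-in for /etc so the demo touches no real system files.
  Dir.mktmpdir do |root|
    sshd = File.join(root, 'sshd_config')
    File.write(sshd, "PermitRootLogin yes\n")
    absent = File.join(root, 'cloud-init') # deliberately not created
    dest = File.join(root, 'backup-conf')

    p backup_configs([sshd, absent], dest)  # first run: saved / missing
    File.write(sshd, "PermitRootLogin no\n") # simulate the hardening step
    p backup_configs([sshd, absent], dest)  # second run: kept / missing
  end
end
```

On a real instance the source list would be the nine paths used in the recipe and dest_dir would be /backup-conf.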
You can see the list of executed commands in the history, and they can be run again directly from there: