How to create AWS OpsWorks Stack

By Webner

The purpose is to automate most recurring processes, such as creating users, installing applications (apache, apache-tomcat, mysql-server, etc.), and modifying security files to harden Linux machines in an AWS environment.

1. Click the AWS OpsWorks option in the AWS console panel.
2. Click Add Stack to create a new Stack.
3. Enter the required details.
4. Enable custom cookbooks, which is where you keep your prebuilt scripts in a supported language.
5. Provide the repository location where you have stored, or are going to store, the scripts, and enter the other details asked for.
6. Click Add Stack.
7. The Stack has now been added.
8. You can see that there are zero instances in the new Stack.
Steps to add a server to the newly created Stack:

1. Open AWS OpsWorks.

2. Click on the Stack.
3. Click on Instances and then Register Instances.
4. Choose EC2 Instances, select the instance(s), and choose Install AWS CLI.
5. As Amazon Linux has the client pre-installed, select this option and click Register Instances.
6. Copy the command and run it on the server (through PuTTY) as root. Click Done only when the installation of the CLI is complete.
7. You should see a message indicating that the installation succeeded.
8. Setup now runs. It will take a few minutes to complete the deployment.

Deployment:

1. Click Deployments and then Run Command.
2. Select “Update Custom Cookbooks”, choose the instances, and click Update Custom Cookbooks.
3. Choose “Repeat Command”, then choose Execute Recipes from the dropdown and enter the recipe name in Recipes to Execute:

e.g. testCookBooks::01-backup-config

Check that the correct instance(s) are selected and click “Execute Recipes”.

Here is a sample script. Save it in the SVN repository under the file name “00-backup-config” with the Ruby extension, like this: 01-backup-config.rb (you can use any file name).

The resource below creates a directory at the root location; you can specify any other location instead:

directory '/backup-conf' do
  owner 'root'
  group 'root'
  mode '0750'
  action :create
end

The resources below read each source file and write its contents to a new file in the folder created above, e.g. /backup-conf/sshd_config:

file '/backup-conf/sshd_config' do
  content IO.read('/etc/ssh/sshd_config')
  action :create
end

file '/backup-conf/rsyslog.conf' do
  content IO.read('/etc/rsyslog.conf')
  action :create
end

file '/backup-conf/login.defs' do
  content IO.read('/etc/login.defs')
  action :create
end

file '/backup-conf/audit.rules' do
  content IO.read('/etc/audit/audit.rules')
  action :create
end

file '/backup-conf/sudoers' do
  content IO.read('/etc/sudoers')
  action :create
end

file '/backup-conf/system-auth' do
  content IO.read('/etc/pam.d/system-auth')
  action :create
end

file '/backup-conf/cloud-init' do
  content IO.read('/etc/sudoers.d/cloud-init')
  action :create
end

file '/backup-conf/hosts' do
  content IO.read('/etc/hosts')
  action :create
end

file '/backup-conf/network' do
  content IO.read('/etc/sysconfig/network')
  action :create
end
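
The recipe above sets no owner or mode on the copied files, and `IO.read` raises if a source file does not exist, so a check after the run is useful. The script below is an added example, not part of the original post: it audits /backup-conf against the sources listed in the recipe. The function names and the `root:` parameter are assumptions made for this example.

```ruby
require 'digest'

# Source file => backup name, as listed in the recipe above.
BACKUP_DIR = '/backup-conf'
BACKUPS = {
  '/etc/ssh/sshd_config'      => 'sshd_config',
  '/etc/rsyslog.conf'         => 'rsyslog.conf',
  '/etc/login.defs'           => 'login.defs',
  '/etc/audit/audit.rules'    => 'audit.rules',
  '/etc/sudoers'              => 'sudoers',
  '/etc/pam.d/system-auth'    => 'system-auth',
  '/etc/sudoers.d/cloud-init' => 'cloud-init',
  '/etc/hosts'                => 'hosts',
  '/etc/sysconfig/network'    => 'network'
}.freeze

# Permission bits of a path (file type bits masked off).
def mode_of(path)
  File.stat(path).mode & 0o777
end

# Returns [path, problem] pairs; an empty array means every backup is sound.
# root: (hypothetical parameter) prefixes all paths so the audit can run on a test tree.
def audit_backups(backups = BACKUPS, backup_dir = BACKUP_DIR, root: '')
  dir = File.join(root, backup_dir)
  return [[backup_dir, 'backup directory missing']] unless File.directory?(dir)

  findings = []
  findings << [backup_dir, 'directory is accessible to other users'] if (mode_of(dir) & 0o007).nonzero?
  backups.each do |source, name|
    src = File.join(root, source)
    dst = File.join(dir, name)
    if !File.file?(src)
      findings << [source, 'source missing']
    elsif !File.file?(dst)
      findings << [source, 'backup missing']
    elsif Digest::SHA256.file(src).hexdigest != Digest::SHA256.file(dst).hexdigest
      findings << [source, 'backup content differs from source']
    elsif (mode_of(dst) & ~mode_of(src)).nonzero?
      findings << [source, format('backup mode %04o is looser than source %04o', mode_of(dst), mode_of(src))]
    end
  end
  findings
end

# Run as root on the instance so that every source and backup is readable.
if __FILE__ == $PROGRAM_NAME
  audit_backups.each { |path, problem| puts "#{path}: #{problem}" }
end
```

A "looser than source" finding on files such as sudoers or system-auth is the cue to set `owner`, `group` and `mode` on the corresponding `file` resource in the recipe.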

You can see the list of executed commands in the history, and they can be run again directly from there.
