AWS CloudFormation helper scripts with update


09 Oct 2019

Okay, so before we get started, basically I apologize for the delay on this. Turns out Panopto lost its mind with the recording from last class and just won’t render the video, so I’m just going to go ahead and recreate this video.

Basically what we’re going to look at today is that we’re kind of continuing on from where we were last time with this cfn simple Amazon Linux web. What I’m going to do first of all, I’m just going to kind of copy and paste this. Let me go ahead and do a copy, paste that back in there, I’ll do a quick rename, and we’ll take out the simple part. Okay, we got that, and let me go ahead and load that up.

All right, so the main thing, first thing that I want to do actually is set up a parameters section here, pretty much like what we were doing in some of these other ones. So I’m actually, I guess it could, one would be, yeah, this one here, right? So this is one of the Ubuntu ones. So let me grab these parameters like that, and I’ll come back over to here and paste those in. Then we’ll actually plug those in in the appropriate spot, right? So we have the key name, the key pair that we’re using, and SSH location. So let me just kind of scroll down through here and, yeah, there’s the user data. That’s generally where we’ve been putting this. It is, I believe it is key name, yes, and then we’ll have a Ref to the key name parameter. Then additionally we’ll want to duplicate this. Our port of course will be 22 for SSH, and we’ll do our Ref SSH location. All right, so that should basically get that set up so that we’re able to log in.
All right, let’s go ahead and build off of that. So I come here to cfn Amazon Linux web and let’s go ahead and click next. All right, so let’s call this update test, basically, so really what this whole thing is about. So maybe 0.0.0.0/32. All right, and next, and create. Okay, so that should get that created for us.

I actually just realized I probably messed that up. Let me go ahead and delete that, since the other one probably is there. Actually wanted 0.0.0.0/0 is what it is. There it is, okay. And we’ll go ahead and click next there, go ahead and click next there, and go ahead and create this.

So, well, we talked last time about this. We were making use of cfn-init, right? So you’ll recall we did this stuff inside user data to call the CloudFormation helper script, the cfn-init script, to basically kind of kick stuff off, and that way we use this nice declarative metadata section for installing packages, for setting up files, for getting systems running, services running, all of that.
A couple of things about this. So first off, what I’m going to do, just for kind of clarity’s sake, I’m going to expand these out to kind of the long names, just so that it’s a little clearer what we’re doing with those. Okay, the other thing that we weren’t doing previously, and I’m going to add this in, is the ability to signal, so it’s signaling the status from cfn-init via that. Okay, so just like this other command, it is one of the helper commands. Kind of looks like that, except it’s cfn-signal, and then basically the idea with signal is that what it’s going to do, it’s going to take in this case the return code from init, that’s how we’re referencing it using this dollar sign question mark, and we’re going to pass that back essentially to the console to let it know whether the install has been successful or not. Okay, so I’m just going to kind of grab these things because I still need all of that information as well. Okay, like so.

Now, one of the advantages of using the CloudFormation helper scripts is that it will allow us to do updates of our stack, right? So when we have a stack already created like I do here, notice I have this option for updating this stack. Okay, so let me actually just kind of show you an example of that. So first of all, let me log into the system just so we can see that. So I’ll fire up PuTTY, and it’s an Amazon one, and let me go to outputs here, right? We’ll double check that, yes, the web server is in fact running, and so we’ll just paste that into there.

All right, so logged in to my server. I could do a few things here. So for instance, I can check to see what services are running by doing something like this. So I can say service --status-all and I’ll pipe that into less, and we’ll actually get to see sort of, you know, the various things that are running, right? So kind of move down through here. We should actually see, I could do things like, for instance, grep for httpd. Notice that is in fact running. So let me go ahead and just make a slight modification to our system here, and so let’s say we want to install mysql-server, okay, like so, onto this system.
And so remember, in addition, just like when we install the web server under Amazon Linux, it turns out that we also have to have a corresponding entry in services to make sure that that’s running. Yes, that’s fine. All right, I’m just going to paste that in, and so it would be mysqld, and we’ll make sure that that’s running as well. Okay, cool, we’ve got that saved. Let’s go ahead and we’ll do an update stack here, and I’m just going to browse to that particular stack that we just updated, leave all of these things the same, and we’ll kind of move through. Yep, so figured out, yes, it’s got to do that. We’ll go ahead and click update.

Okay, now the cool thing about this is that, actually notice it did figure out, it didn’t actually kick me off the server, actually looks like it did kick off the server, huh, that’s kind of interesting. Oh no, wait. Strangely enough, I’m not sure why, it actually apparently does seem to think that it’s going to need a restart for some reason. That’s fine, let’s update. Okay, kind of still doing its thing. Now this may actually sort of take a little bit to do this. Still going. I wonder if it’s still down or not. There we are, update complete. Okay, now we should be able to log back in. Let’s double check that, I think it actually changed that, but let’s check. Looks like it did. Okay, all right, so again let me go on.
All right, so if I go to history, right, let’s go ahead and run that first one, and basically what we’re looking for is MySQL. Okay, and notice MySQL is not running, right? Was it installed? Let’s say yum install mysql-server. Yeah, right, and basically it isn’t actually installed. Okay, so the update didn’t work.

Now why didn’t the update work? Well, actually it’s because we still need to do some additional work. Okay, so the work that we’ve done so far isn’t going to get the updates working. Okay, so let’s look at how to make that happen. All right, I’m just going to kind of undo these changes for right now, taking those out. Yes, that wasn’t, so if we look up the helper scripts, what we’ll actually see, right, notice there’s a handful of helper scripts. So we’ve already seen cfn-init, we’ve talked about signal. cfn-hup is the one that we’re actually really interested in. Notice it’s a daemon to check for updates to metadata, execute custom hooks when the changes are detected. Okay, this is basically the thing that does the magic, if you will, for making sure that updates will actually happen.

Okay, so basically what we do need to do is to get that set up, and to do that we could actually do this kind of a couple of different ways. So let me show you kind of how I sort of figured out how to do this, right? Basically if I go to our LAMP stack, the single instance LAMP stack here, and I open this up in the template designer, let’s see, there it goes, okay, and let me just switch this over to YAML because that’ll be definitely much easier to read.
So if we scroll down through here, we’ll actually see a couple of things. Get down to the section, right, there’s where they’re doing the various installs, they’re creating index.php, and all the way, yeah. So first is the configuration of this file. This /etc/cfn/cfn-hup.conf file basically has to have these contents. We also need this cfn-auto-reloader.conf file.

Now a couple of things to note about this. So one, I think actually I’ve already downloaded this. Yeah, there it is. All right, so let me actually open this up. So I already have this, I’ve downloaded this into, oh, I thought I did, apparently didn’t. That’s fine. Come over here, copy this, and paste that in. All right, now we can actually just view this here rather than over there.

Okay, so one of the things I wanted to kind of point out is this section here, and actually probably easiest way, let me go ahead and let’s just do that. So go over to the template that I was working on, I’ll do a vertical split, and then click on this window, oops, sorry, click on this window, then open the file there. All right, there we go. So we can kind of get this side by side view of things to get a sense of how to set this up.

Now here’s what I want to point out with this. So I’m going to go down to my files. My section here is certainly considerably less, and let me just go ahead and grab this header here. So there’s the file that we want to create, and just want to make sure that’s at the, sorry, it’s at column thirteen, that one’s also at column thirteen. Okay, we’re good.

Now for whatever reason, and actually the reason that I suspect is that it has to do with the fact that the conversion from JSON to YAML has been automated, and so I have a feeling that when they do that, they’re doing certain things that end up with a YAML like this that ends up being a little more complex than it really needs to be. Okay, let me show you what I mean by that.
So in the case of all this, right, I don’t really need to use all of this kind of nested lists and various other things. We can actually use the technique that we used for specifying the contents of index.html, right? So that is, I can simply say, okay, I’ll use the or bar here and then basically just start listing out the content, right? So here we see for instance that they just have main specified just like that, and then they have the word stack and equal sign, and then they’re using this reference to this pseudo element, right? So recall the way that we would do this is like follows. Okay, but as soon as I’m using this in the content, that’s where that Sub function comes in, right? So we talked about this before. Originally when I had index.html I had a Sub in front of here, and I pointed out later that I actually don’t need the Sub there because I wasn’t making use of any parameters or pseudo elements or anything like that. Here I actually need to have that in to get this stack ID dumped in there, so that’s why we’re doing that.

All right, then we need a region section, and again that’s also, notice it’s referencing something, namely the AWS region. Okay, just like so. All right, and then the one other thing that I’m going to add that doesn’t appear here, I’m going to actually add this, so interval. For the conf, it defines the number of minutes that have to elapse before the daemon will go and check that the metadata has changed. Okay, so basically remember user data only gets executed once, when the stack basically first gets started up. However, we can change the metadata, and that’s the stuff that basically the cfn-hup will handle for doing the updates. If we leave this off, the default interval is fifteen minutes. Now that might be fine for a production system, but in our case I don’t want to wait fifteen minutes to see whether the update actually worked, so I’m just going to bump this down to one minute.

Okay, then I’ll just grab the rest of these here, mode and so forth, and paste those in as well. Oops, that is off now, that’s got bumped in one. Okay, there we are. So we have the modes, that’s basically read only, its owner and group are root.
Okay, so that’s one of the files that we need to configure. You notice there’s also this other file here, and so again, just going to make use of some copy and paste to be able to get that in there. He keeps throwing them in a rural area. All right, so this is the other file for configuring the update daemon. Okay, and so once again, I mean you can see basically this conf file just knows about the stack and the region and the interval. Here is kind of where the real magic happens, if you will, right?

So again, you know, we kind of have one of these little blocks for, notice, saying cfn-auto-reloader-hook. Okay, again we’re going to have triggers post update, just copy and paste that over. Then we have this stuff, and I’m going to have to make one small change to that, right? So basically the change that I, oops, what happened there? I think it’s a line breaking issue, sorry, just double check. Yeah, that’s all it is, just a line break issue.

Okay, the main thing that we do have to change: so notice path says Resources, basically Resources, and then basically we need an instance. So now in this case here, where we’re doing the copy and paste from, you’ll notice if I scroll back, let’s see where it is, right, the EC2 instance is referred to by the name WebServerInstance. In my case that’s not what it’s called, right? So again, let me scroll back down to there, right? So instead of WebServerInstance, you’ll notice that ours we were calling EC2Instance, right? So let’s just make sure to make that change there. Okay, so now we have the path set properly, and finally the action to take, and basically the action is just going to be essentially the cfn-init stuff that we had run previously, right? So this stuff here is what we also need to do in the case that we’re doing an update. Okay, like so. So we put all of that stuff into there, and now this is almost set, right? So again, we have that stuff, and one more, we have the runas root that we want to add in, and then of course setting our modes and so forth. There’s that. Okay, again read only, owner root, group root.

So those are the configuration files that we need for the cfn-hup daemon. Then we need to also make sure that that gets run, right? And again we see that being done basically right here. Okay, so all I’m going to do is just basically come over and we will drop that in as well.
Okay, so just like our web server, right, we’ll make sure that’s enabled, ensure that it’s running. Additionally we’re specifying the location of its configuration files. Okay, so that should allow us to be able to update a running stack.

Okay, so let’s actually try this out. So again I’m going to come over here, close, let’s create a new stack. Okay, and just like before I’m going to use the cfn Amazon Linux like that, and we’ll click next. Ah, line sixty, column seventeen. Okay, so that is right here. Doesn’t like something right there. Okay, let’s try that. Maybe somehow as I was copying and pasting it might have been a tab that actually got stuck in there. All right, let’s try this again, so we’ll grab our template. Line sixty, column seventeen again, huh. Oh, sorry, once again I need the or bar to list out all of that, and again, since I’m making use of these references, I’m going to need to have a Sub there as well. Yes. All right, let’s give this a shot again. So we’ll load that up, next, yeah, there we go. So update test, make sure to grab my key pair, and zero dot, to all zeros, and go ahead and click create.

Now as that’s loading, running and all, let me go ahead and make another copy of this script. So I’ll say copy, and I’m going to go ahead and put a paste in here. So I’ll rename, so this is going to be update test dot yaml. Okay, so that’s still doing its loading and all of that. Let me come back over here, and I can come in and add my updates, just so that we can, again, and I could have done this in the same file, but this way then when you refer back to the repo you’ll have the two different files to look at. Okay, so we want mysql-server, get it from the default location, and then let’s see, what else do we want to do? We are going to make sure that that is also running, and again I’ll just kind of duplicate this for those things right there. Okay, so by now let’s, yep, it is in fact running. Let’s go ahead and do our checks. First of all, web server is still running, that’s good.
All right, let’s try logging into this then. So I’ll go ahead and copy that and we’ll come over to PuTTY, load this up. Okay, so now we should be able to see a few things. So again like before, sudo service --status-all. We already know that it’s running because we get a little test for it, but nevertheless it’s not bad to see. How about cfn, right? Notice cfn-hup is in fact running. Okay, so the update service is actually running, and so we should be able to get that to work.

Let me just go ahead and go to /var/log, and I’m going to check a couple of things, right? So notice I have a few different files in here. There’s for instance the cfn-hup log. We could actually check out that thing’s contents just to make sure, right? So there’s an info, but notice there’s no errors listed there, so that looks good. I’m also just going to double check the cfn-init log, and again let me go to the end, right, and yeah, we have the signaling, so yep, everything looks good here. Notice we don’t really have any errors and all that, so basically it started up and is running just fine.

Okay, let’s actually try to get this to update now. So as I said, you know, we’ve created this secondary script. I created the secondary script but then I did not edit that one. Let’s see what we got here. Yes, okay, this is easy enough to fix. Let me do this. So okay, now I have the file names where I actually want that, right? So let’s just double check this, right? So the cfn Amazon Linux, right, yes, that only has httpd, and the update test one, yes, it is running both that and mysql-server. Okay, try to keep these things organized, so
let’s do an update stack, and again I’ll go browse and I’ll just grab that particular file. So notice it sort of comes up, says okay to want change, and these things I’m just going to kind of leave those as they were set. I don’t need to do anything here, and then it should compute the change set. There we go, it’s computed the change set. Let me go ahead and run update. Okay, and our update is running. Notice it does say update is complete, so let’s check this out, right? And again notice it did not disconnect me. So if I run history here, let me go ahead and run one, right? So notice httpd is running, but really what I’m interested in is, is MySQL actually running? Turns out it isn’t.

All right, let’s take a look at what might be going on there. So /var/log, okay, nothing really there. Let’s check the init log. Yes, okay, so looks like maybe I got the pack, yes I did, mysql-sever. Okay, yes, the mysql-sever package does not exist because it is mysql-server. So there’s that. Let me double check. Okay, so that’s just mysqld, so that shouldn’t be an issue. All right, let’s try updating again. Okay, so again update’s running, says update is in fact complete. Where did I happen to shut that down? Curious. And notice MySQL server is in fact running. I can verify this by running mysql, notice that, right? So show databases. So that is in fact running.

All right, so that’s pretty cool, right? Notice we were in fact able to update the system. Now the downside of this: for instance, if I later decided, you know what, actually I don’t really want MySQL in there, if I came in and actually deleted this out, as well as the other part, and then reran the update, it would not uninstall that package for me. Okay, so in that case I’m going to have to bring down the server or decide to modify the server using other means. Okay,
let’s do one more thing. Let’s take this actually a little further. So I’m going to again make another copy of this one here, rename, really, wait. So one of the things that I would actually like to be able to do with this is to do some configuration of MySQL. Okay, namely what I want to be able to do is actually set a password for logging into MySQL. Okay, so the manner in which we do that, well, actually that’s sort of the question: well, how do you actually set the password for that? So let me actually do this. Let me go back. Again, one of the things in terms of developing your scripts is kind of playing around and testing out these ideas, right? So real simply, what I’m going to do, actually could do this a couple of different ways. We’ll just go ahead and recreate the script, we’ll recreate this stack without MySQL, that’s fine. cfn Amazon, yes, I don’t really care what the name is right now, I’m going to end up dumping it anyways. Okay, so that’s firing up. Okay, so that is started. Again, yeah, it’s not quite there yet, that’s fine. By the time I log in, those changes should be all set.
Let’s wait. All right, so as I said, status all, grep. Notice MySQL is not installed, not running on this machine. Let me go ahead and do this manually, so I’ll say sudo yum install mysql-server. Okay, so it goes through this. Yes, we want to do all that. Doesn’t take very long. Okay, once again notice it’s not running, right? Because generally by default under Amazon Linux, when we install it, that does not have the server running by default, whereas under Ubuntu we see sort of the opposite behaviour: we do the install and it does in fact automatically run it.

Now let me go ahead and run this. I’ll say sudo service mysqld start, and when I run MySQL for the first time, notice I actually get a bunch of kind of helpful information here, right? So let me kind of make this bigger so you can see this, right? So yeah, there around the commands is, okay, it’s installing, blah blah blah, running with this, right? To start it at boot time you want to do this. Remember, so: please remember, set a password for the MySQL root user. To do so, start the server, then issue the following command. Okay, so we need to run the mysqladmin command, -u, basically then we specify the user that we’re setting the password for, the keyword password, and so in reality the way that you tend to, so I could actually write this whole command out like this, and then basically we would in fact set the password directly. I don’t generally want to do that at the command line though, because then I would have the raw new password listed there. So typically when we’re using this, we would actually use it something like this, and then I could say, okay, here’s my password, and there it is again, right?

So now when I try to log in as root, notice that it says you can’t log in as root without a password. However, if I do the -p option, it will ask me for the password, like so. Okay, now one of the things: this hasn’t totally locked this down, because for instance if I run mysql without a user, notice it allows me to get access to the database. In fact, actually on your current homework that’s one of the things that you’re going to fix. Okay, but this thing here, the mysqladmin -u root password, that’s the thing that we want to basically build into our system here. All right, so a couple of things. Basically so what I’ll do, let me go over
to the Amazon thing. I’m going to create a parameter like they’re actually doing here for the database password, right? Or actually we’ll call it database root password. All right, so there’s the DBRootPassword, that parameter. Let me go over to the script that I’m editing. I’m going to actually put this up above all of these things, right? So that’ll be the first thing that we enter in. One of the things I want you to note is this option here, right? NoEcho true means when I’m typing in that password on the web form it won’t actually be echoed out so that someone could shoulder surf us and kind of see exactly what’s going on, so basically steal our password.

Okay, now this gives me the opportunity to also kind of split up and to show you sort of another feature. So there’s this notion within CloudFormation called config sets. Okay, so with config sets, basically you give it a name. So for instance I’m going to call this InstallAndRun. Where did I get that name? Actually again, if you refer back over to the Amazon one, I’m pretty much stealing it from there. And here’s the idea behind config sets. So I can actually give it kind of two sets of rules. So for instance I can say, okay, there’s going to be a rule called install, and that’s actually just going to be the things that we just did, right? So that is all of this stuff here, I’m going to call install. Now there’s nothing magical about the word install. I could’ve called it foo, right? In the same way that when we name our EC2 instance, you know, here I’m calling it EC2Instance, I could have called it whatever I want, right? But again, then I want to match that up.

Okay, so back to install. So I’m going to have one for install and then I’m going to have a separate one for configure. Okay, and again if we take a quick look here, just peek over at this, you’ll see the same type of setup going on here. So scroll down past all of this and, yeah, right, so they create a configuration set, and so notice we have one for install, they have one for configure. Okay, so I’m going to use basically that same pattern. Now what’s nice about this is this allows us to basically also define exactly the order that it’s going to run. So first we’ll do the install rules, then we’ll do the configure rules. Okay, so what are our configure rules going to be? Well, our configure rules, we’re going to keep it very simple. Again, if you look at the configuration in the Amazon sample script, they’re doing a lot more. Okay, but I’m not going to do quite that much. All right,
let me think, this is at, want to make sure that’s at column nine. Okay, so let me come down to here, past the services, go over here, and let’s get back out to column nine, and here’s my rules for configure, right? Now for configure I have access to all the same stuff, so I could do packages again, I could do files, I could do services if I needed to, all of that. But at this stage there’s really only one thing that I’m interested in, and that is commands. Okay, so commands allows us to basically define certain commands that need to be run. Okay, so in our case it’s going to be set the MySQL password to that specified in the parameters. Okay, then we basically give a name for our command, so I’ll just give it something like this, set MySQL root password. Okay, then command. Okay, and since we’re going to be referring to that parameter, I’m going to need a Sub, and so we want mysqladmin -u root password and then DBRootPassword. Okay, so that’s the command that gets run.

Now again, just for completeness’ sake, let me just point out, if you take a look at the sample script, for all of their commands they actually show, let’s scroll down a little farther there, right, so for each of their commands they have command and then they have test, right? And so you notice this in the first one. I looked at this before reading the documentation, I was a little confused, and I sort of thought, well okay, maybe it’s the case that, you know, test, coming kind of from a unit testing kind of background, figured okay, maybe test is actually checking to see that the command has in fact worked. It’s actually the opposite. Okay, so the way this works is that the test is the thing that runs first, and if the test basically returns true then we know that we’re supposed to run the command. Okay, so that’s essentially the idea behind test. You don’t have to put in a test, it’s optional. So if you always want that command to run, then you basically just set it up just like we have here. Okay, now I’m not quite done because
we’re using a config set, that means that I have to actually make a slight change to my call to cfn-init. Okay, so down in the user data section here where we’re making our call to cfn-init, okay, what I do need is just some place in here, and I guess I’m just going to throw this in here, I’ll say configsets, capital S? No, lowercase s, configsets, and then basically the name of the config set that I’m running, InstallAndRun. Okay, and remember that we also have one other place where we’re calling cfn-init, and that’s basically up in the auto reloader conf. So if I come up to here, right, again we see, where did I put it? Right after, yeah, I put it right after resource, that’s what I thought. Okay, there’s the resource, and again let me paste that in. Okay, so now this is set to use basically our updated, to use the config sets.

All right, let’s make sure this is saved. Let’s go ahead and give this a try. All right, I don’t need that one anymore, so let me go ahead and dump that. That should also kill this. Okay, and create stack, then we’ll use our update test, click next. Okay, I’ll still call it update test, that’s fine. All right, so now I can pass in my super secret password, one two three four, how about that, and I said the rest, SSH location, so we have those things. No, don’t save that. Yes, go ahead and continue on. Right, again, so we’re seeing the benefits of NoEcho, and we’ll go ahead and click create, and it’s running.
Now, okay, so it says creation is complete, that’s good. We didn’t do a rollback, so that’s encouraging. Yeah, it’s probably still finishing up, that’s okay. Let me go ahead and copy our public DNS, and I’m going to grab this, paste in the new public DNS, and open that up. Okay, so we’re logged in, good. Let’s do our sudo service --status-all, and, sorry, service. Yes, cfn-hup is running, that’s good. httpd is running, that’s good. Notice mysqld is running. Okay, and furthermore if I do mysql -u for root, notice it says I can’t log in as the root user for MySQL without a password, right? If I do the -p, then it asks for my password, one two three four, and now I’m in, right? Again, as I said, we’re not technically totally done because we can still do things like this and so forth.

So now you basically have a really clear, complete picture of the different parts of CloudFormation, including the helper scripts, including being able to get update working and all of that. Hopefully that helps. If you have questions and you’re in the class, shoot them to me in Piazza. If you happen to find this on the web, then just post your questions down in the comments.
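
The pieces walked through in the transcript, gathered into one template as an added example (this is not the template from the video or its repo). EC2Instance, InstallAndRun and DBRootPassword follow the names spoken above; WebSecurityGroup, the ImageId parameter, the instance type, the password constraints and the test on the password command are assumptions made so the template is complete.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
  KeyName: {Type: 'AWS::EC2::KeyPair::KeyName'}
  SSHLocation: {Type: String, Default: 0.0.0.0/0}
  DBRootPassword:
    Type: String
    NoEcho: true                      # masked in the console form and in describe output
    MinLength: 8                      # assumption: not from the video
    AllowedPattern: '[a-zA-Z0-9]*'    # value is substituted into a shell command below
  ImageId:                            # assumption: an Amazon Linux (sysvinit) AMI id
    Type: AWS::EC2::Image::Id
Resources:
  WebSecurityGroup:                   # hypothetical name
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: HTTP from anywhere, SSH from SSHLocation
      SecurityGroupIngress:
        - {IpProtocol: tcp, FromPort: 80, ToPort: 80, CidrIp: 0.0.0.0/0}
        - {IpProtocol: tcp, FromPort: 22, ToPort: 22, CidrIp: !Ref SSHLocation}
  EC2Instance:
    Type: AWS::EC2::Instance
    CreationPolicy:
      ResourceSignal: {Timeout: PT10M}   # stack waits for cfn-signal from user data
    Metadata:
      AWS::CloudFormation::Init:
        configSets:
          InstallAndRun: [Install, Configure]   # run order: Install, then Configure
        Install:
          packages:
            yum: {httpd: [], mysql-server: []}
          files:
            /etc/cfn/cfn-hup.conf:
              content: !Sub |
                [main]
                stack=${AWS::StackId}
                region=${AWS::Region}
                interval=1
              mode: '000400'
              owner: root
              group: root
            /etc/cfn/hooks.d/cfn-auto-reloader.conf:
              content: !Sub |
                [cfn-auto-reloader-hook]
                triggers=post.update
                path=Resources.EC2Instance.Metadata.AWS::CloudFormation::Init
                action=/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource EC2Instance --configsets InstallAndRun --region ${AWS::Region}
                runas=root
              mode: '000400'
              owner: root
              group: root
          services:
            sysvinit:
              httpd: {enabled: 'true', ensureRunning: 'true'}
              mysqld: {enabled: 'true', ensureRunning: 'true'}
              cfn-hup:
                enabled: 'true'
                ensureRunning: 'true'
                files:                # restart cfn-hup when either conf file changes
                  - /etc/cfn/cfn-hup.conf
                  - /etc/cfn/hooks.d/cfn-auto-reloader.conf
        Configure:
          commands:
            01_set_mysql_root_password:
              command: !Sub "mysqladmin -u root password '${DBRootPassword}'"
              # test runs first; command runs only when it exits 0, i.e. when
              # logging in with the password does not work yet. Without it, the
              # command fails on every cfn-hup re-run once a password is set.
              test: !Sub "$(mysql -u root --password='${DBRootPassword}' </dev/null >/dev/null 2>&1); (( $? != 0 ))"
    Properties:
      ImageId: !Ref ImageId
      InstanceType: t2.micro
      KeyName: !Ref KeyName
      SecurityGroups: [!Ref WebSecurityGroup]
      UserData:
        Fn::Base64: !Sub |
          #!/bin/bash -x
          # No -e here: cfn-signal must still run when cfn-init fails.
          yum update -y aws-cfn-bootstrap
          /opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource EC2Instance --configsets InstallAndRun --region ${AWS::Region}
          /opt/aws/bin/cfn-signal -e $? --stack ${AWS::StackName} --resource EC2Instance --region ${AWS::Region}
```

NoEcho masks the parameter only in the console and in API output; because DBRootPassword is substituted into the resource Metadata, the resolved value is stored there unmasked and is readable by anyone who can read the stack's template metadata or the instance's cfn-init logs.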
