Skip to content
This repository was archived by the owner on Jan 30, 2021. It is now read-only.

Init #1

Merged
merged 8 commits into from
Oct 13, 2017
Merged

Init #1

merged 8 commits into from
Oct 13, 2017

Conversation

@goruha
Copy link
Contributor

@goruha goruha commented Oct 5, 2017

What

  • Allow to aggregate user data scripts and store it on s3
  • Allow fetch this data from s3 and execute as normal user data

Why

  • AWS user data is limited by size. This is workaround to avoid limit.

@goruha goruha requested a review from osterman October 5, 2017 15:38
@osterman
Copy link

osterman commented Oct 5, 2017

Terraform module name does not follow registry imposed naming convention.

Also, I think the better approach may be to use this with gzip turned on. Amazon Linux supports cloud init

https://www.terraform.io/docs/providers/template/d/cloudinit_config.html

@osterman
Copy link

osterman commented Oct 6, 2017

image
https://www.terraform.io/docs/registry/modules/publish.html#requirements

osterman
osterman reviewed Oct 6, 2017
View reviewed changes
main.tf Outdated
namespace = "${var.namespace}"
name = "${var.name}"
stage = "${var.stage}"
attributes = ["s3", "stored"]
Copy link

@osterman osterman Oct 6, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/stored/user-data/

Copy link

@osterman osterman Oct 6, 2017
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

drop s3 since I don't think we need that in the bucket name (it's implied)

Aha, I see. I thought it would be used for the bucket name, but it's used for a policy. We can keep it.

osterman
osterman reviewed Oct 6, 2017
View reviewed changes
main.tf Outdated
resource "aws_s3_bucket_object" "default" {
bucket = "${var.bucket}"
key = "${var.path}/user_data.sh"
content = "${join("\n", var.user_data)}"
Copy link

@osterman osterman Oct 6, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use a local value for the join output?

osterman
osterman reviewed Oct 6, 2017
View reviewed changes
user_data.sh

aws s3 cp s3://${s3_path} /tmp/user_data.sh

eval "$(cat /tmp/user_data.sh)"
Copy link

@osterman osterman Oct 6, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why eval as opposed to just running it? .... eval limits user data to bash.

Copy link
Contributor Author

@goruha goruha Oct 10, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

because user data does not contains
'#/bin/bash' to specifiy shell

osterman
osterman reviewed Oct 6, 2017
View reviewed changes
main.tf Outdated
effect = "Allow"

resources = [
"arn:aws:s3:::*",
Copy link

@osterman osterman Oct 6, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should not be necessary and is too permissive.

osterman
osterman reviewed Oct 6, 2017
View reviewed changes
main.tf Outdated
}

statement {
actions = [ "s3:*" ]
Copy link

@osterman osterman Oct 6, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The instances should only need to be able to retrieve the object, not manipulate it.

osterman
osterman reviewed Oct 6, 2017
View reviewed changes
main.tf Outdated
template = "${file("${path.module}/user_data.sh")}"

vars {
s3_path = "${aws_s3_bucket_object.default.bucket}${aws_s3_bucket_object.default.key}"
Copy link

@osterman osterman Oct 6, 2017
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/s3_path/s3_user_data_uri/ and add s3:// to the uri

osterman
osterman reviewed Oct 6, 2017
View reviewed changes
user_data.sh Outdated
# Install AWS Client
pip install --upgrade awscli

aws s3 cp s3://${s3_path} /tmp/user_data.sh
Copy link

@osterman osterman Oct 6, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Drop the s3:// and use s3_user_data_uri

osterman
osterman reviewed Oct 6, 2017
View reviewed changes
user_data.sh Outdated

##############
# Install deps
##############
Copy link

@osterman osterman Oct 6, 2017
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This preamble is disproportionately large to the other comments and there is no "main" section. I think you can drop the #######

@goruha goruha requested a review from const-bon October 12, 2017 10:02
osterman
osterman suggested changes Oct 12, 2017
View reviewed changes
Copy link

@osterman osterman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rename "stored" to "backend"

@goruha goruha merged commit 4c9a299 into master Oct 13, 2017
@goruha goruha deleted the init branch October 13, 2017 06:07
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@const-bon const-bon Awaiting requested review from const-bon

1 more reviewer

@osterman osterman osterman approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@osterman osterman

@goruha goruha

@const-bon const-bon

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@goruha @osterman @const-bon