From eaee579129f3511ca8f6277ca066516ece60c6da Mon Sep 17 00:00:00 2001
From: George Thomas <george@iheartblank.co.uk>
Date: Tue, 15 Nov 2016 15:31:03 +0000
Subject: [PATCH 1/5] Revert "fixed description for external ELB security
group"
This reverts commit e602fc37aff7caf504703740a551b2f54ef68842.
---
security-groups/main.tf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security-groups/main.tf b/security-groups/main.tf
index a3b6a7eb..9bee46b8 100644
--- a/security-groups/main.tf
+++ b/security-groups/main.tf
@@ -50,7 +50,7 @@ resource "aws_security_group" "internal_elb" {
resource "aws_security_group" "external_elb" {
name = "${format("%s-%s-external-elb", var.name, var.environment)}"
vpc_id = "${var.vpc_id}"
- description = "Allows external ELB traffic"
+ description = "Allows internal ELB traffic"
ingress {
from_port = 80
From 78c4ac94bfb932cb5553ec9257e3cbf04d3430ab Mon Sep 17 00:00:00 2001
From: Miguel Aragao <miguelaragao91@gmail.com>
Date: Wed, 22 Feb 2017 16:18:55 +0000
Subject: [PATCH 2/5] feat(bastion ami): fixed bastion ami config to specific
commit
---
bastion/main.tf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/bastion/main.tf b/bastion/main.tf
index d5fe9a68..4aa9ae68 100644
--- a/bastion/main.tf
+++ b/bastion/main.tf
@@ -51,7 +51,7 @@ variable "environment" {
}
module "ami" {
- source = "github.com/terraform-community-modules/tf_aws_ubuntu_ami/ebs"
+ source = "git::https://github.com/terraform-community-modules/tf_aws_ubuntu_ami.git?ref=e6614d7ce66a9a59db1787c8f695d70034b865db"
region = "${var.region}"
distribution = "trusty"
instance_type = "${var.instance_type}"
From fe3ce1d18acd03d80ae1151193e9f5848d3e7fc4 Mon Sep 17 00:00:00 2001
From: Miguel Aragao <miguelaragao91@gmail.com>
Date: Wed, 22 Feb 2017 16:51:38 +0000
Subject: [PATCH 3/5] feat(bastion ami): fixed bastion ami config to specific
commit
---
bastion/main.tf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/bastion/main.tf b/bastion/main.tf
index 4aa9ae68..6cd53ac6 100644
--- a/bastion/main.tf
+++ b/bastion/main.tf
@@ -51,7 +51,7 @@ variable "environment" {
}
module "ami" {
- source = "git::https://github.com/terraform-community-modules/tf_aws_ubuntu_ami.git?ref=e6614d7ce66a9a59db1787c8f695d70034b865db"
+ source = "git::https://github.com/terraform-community-modules/tf_aws_ubuntu_ami.git//ebs?ref=e6614d7ce66a9a59db1787c8f695d70034b865db"
region = "${var.region}"
distribution = "trusty"
instance_type = "${var.instance_type}"
From 36373a114525ffceb44e2807003f37a4ebaf57cd Mon Sep 17 00:00:00 2001
From: Miguel Aragao <miguelaragao91@gmail.com>
Date: Thu, 2 Mar 2017 10:42:08 +0000
Subject: [PATCH 4/5] feat(ecs agent): upgraded the machines to have a more
recent base version and a more recent ecs agent
---
bastion/main.tf | 2 +-
defaults/main.tf | 2 +-
packer/base/packer.yml | 2 +-
packer/ecs/root/etc/systemd/system/ecs-agent.service | 4 ++--
4 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/bastion/main.tf b/bastion/main.tf
index d5fe9a68..6cd53ac6 100644
--- a/bastion/main.tf
+++ b/bastion/main.tf
@@ -51,7 +51,7 @@ variable "environment" {
}
module "ami" {
- source = "github.com/terraform-community-modules/tf_aws_ubuntu_ami/ebs"
+ source = "git::https://github.com/terraform-community-modules/tf_aws_ubuntu_ami.git//ebs?ref=e6614d7ce66a9a59db1787c8f695d70034b865db"
region = "${var.region}"
distribution = "trusty"
instance_type = "${var.instance_type}"
diff --git a/defaults/main.tf b/defaults/main.tf
index bd0d6892..70a0a7e1 100644
--- a/defaults/main.tf
+++ b/defaults/main.tf
@@ -27,7 +27,7 @@ variable "default_ecs_ami" {
us-east-1 = "ami-5f3ff932"
us-west-1 = "ami-31c08551"
us-west-2 = "ami-f3985d93"
- eu-west-1 = "ami-ab4bd5d8"
+ eu-west-1 = "ami-063f1a60"
eu-central-1 = "ami-6c58b103"
ap-northeast-1 = "ami-a69d68c7"
ap-northeast-2 = "ami-7b2de615"
diff --git a/packer/base/packer.yml b/packer/base/packer.yml
index 0b2b78a4..f0fde64a 100644
--- a/packer/base/packer.yml
+++ b/packer/base/packer.yml
@@ -1,7 +1,7 @@
---
# https://www.packer.io/docs/builders/amazon-ebs.html
ami:
- source_ami: ami-fa82739a
+ source_ami: ami-d8f4deab
instance_type: c4.2xlarge
ssh_username: ubuntu
ssh_timeout: 10m
diff --git a/packer/ecs/root/etc/systemd/system/ecs-agent.service b/packer/ecs/root/etc/systemd/system/ecs-agent.service
index 135da611..9ec14044 100644
--- a/packer/ecs/root/etc/systemd/system/ecs-agent.service
+++ b/packer/ecs/root/etc/systemd/system/ecs-agent.service
@@ -14,7 +14,7 @@ ExecStartPre=/bin/mkdir -p /var/lib/ecs/data
ExecStartPre=/bin/mkdir -p /var/log/ecs
ExecStartPre=-/usr/bin/docker kill ecs-agent
ExecStartPre=-/usr/bin/docker rm ecs-agent
-ExecStartPre=-/usr/bin/docker pull amazon/amazon-ecs-agent:v1.9.0
+ExecStartPre=-/usr/bin/docker pull amazon/amazon-ecs-agent:v1.13.1
ExecStart=/usr/bin/docker run \
--name=ecs-agent \
--restart=on-failure:10 \
@@ -26,7 +26,7 @@ ExecStart=/usr/bin/docker run \
--publish=127.0.0.1:51678:51678 \
--env-file=/etc/ecs/ecs.config \
--env=ECS_CLUSTER=${SERVER_GROUP} \
- amazon/amazon-ecs-agent:v1.9.0
+ amazon/amazon-ecs-agent:v1.13.1
ExecStop=-/usr/bin/docker stop ecs-agent
[Install]
From 83f3d0f3e38542b8eadf550c3fe6ac10d877e9f5 Mon Sep 17 00:00:00 2001
From: Miguel Aragao <miguelaragao91@gmail.com>
Date: Wed, 10 May 2017 01:25:22 +0100
Subject: [PATCH 5/5] feat(packer): added 2 new scritps to create amis with
dynatrace installed (different amis for production and staging)
---
packer/ecs/packer.yml | 1 +
packer/ecs/scripts/dynatrace-production.sh | 15 +++++++++++++++
packer/ecs/scripts/dynatrace-staging.sh | 15 +++++++++++++++
3 files changed, 31 insertions(+)
create mode 100644 packer/ecs/scripts/dynatrace-production.sh
create mode 100644 packer/ecs/scripts/dynatrace-staging.sh
diff --git a/packer/ecs/packer.yml b/packer/ecs/packer.yml
index 846c0897..fcc5d7ae 100644
--- a/packer/ecs/packer.yml
+++ b/packer/ecs/packer.yml
@@ -3,3 +3,4 @@ base: base
scripts:
- ecs.sh
+ - dynatrace-staging.sh
diff --git a/packer/ecs/scripts/dynatrace-production.sh b/packer/ecs/scripts/dynatrace-production.sh
new file mode 100644
index 00000000..8bdfb85e
--- /dev/null
+++ b/packer/ecs/scripts/dynatrace-production.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+set -e
+
+openssl version
+
+# Use this command on the target host:
+wget -O Dynatrace-OneAgent-Linux-1.117.255.sh \
+ https://hek37999.live.dynatrace.com/installer/oneagent/unix/latest/QSSP55KtStY9rzBN
+
+# Verify signature:
+wget https://ca.dynatrace.com/dt-root.cert.pem
+( echo 'Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="--SIGNED-INSTALLER"\n\n----SIGNED-INSTALLER' ; cat Dynatrace-OneAgent-Linux-1.117.255.sh ) | openssl cms -verify -CAfile dt-root.cert.pem > /dev/null
+
+# And run the installer with root rights:
+/bin/sh Dynatrace-OneAgent-Linux-1.117.255.sh APP_LOG_CONTENT_ACCESS=1
diff --git a/packer/ecs/scripts/dynatrace-staging.sh b/packer/ecs/scripts/dynatrace-staging.sh
new file mode 100644
index 00000000..64843d53
--- /dev/null
+++ b/packer/ecs/scripts/dynatrace-staging.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+set -e
+
+openssl version
+
+# Use this command on the target host:
+wget -O Dynatrace-OneAgent-Linux-1.117.255.sh \
+ https://sff67693.live.dynatrace.com/installer/oneagent/unix/latest/z6ieyk1fQSf2HzeN
+
+# Verify signature:
+wget https://ca.dynatrace.com/dt-root.cert.pem
+( echo 'Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="--SIGNED-INSTALLER"\n\n----SIGNED-INSTALLER' ; cat Dynatrace-OneAgent-Linux-1.117.255.sh ) | openssl cms -verify -CAfile dt-root.cert.pem > /dev/null
+
+# And run the installer with root rights:
+/bin/sh Dynatrace-OneAgent-Linux-1.117.255.sh APP_LOG_CONTENT_ACCESS=1