/chef-ebs

Scalarium's EBS cookbook with added magic

Primary LanguageRubyOtherNOASSERTION

chef-ebs

This is a cookbook that makes it easy to create/attach EBS volumes, and create filesystems and RAID arrays on them.

Usage

RAID Array Creation

Add recipe[ebs] to your run list, and configure these attributes:

Create a RAID 10 across four 10GB volumes each with 2000 provisioned iops, make it an lvm logical volume, format it with XFS, and mount it on /data.

{
  :ebs => {
    :raids => {
      '/dev/md0' => {
        :num_disks => 4,
        :disk_size => 10,
        :piops => 2000,
        :raid_level => 10,
        :fstype => 'xfs',
        :mount_point => '/data',
        :uselvm => true,
      }
    }
  }
}

Use Existing Volumes for RAID Array

Add recipe[persistent] to your run list, and configure these attributes:

Create a RAID 10 across the volumes specified in the persistent_volumes array, do not use LVM, format it with XFS, and mount it on /data.

{
  :ebs => {
    :raids => {
      '/dev/md0' => {
        :raid_level => 10,
        :fstype => 'xfs',
        :mount_point => '/data',
        :uselvm => false,
        :persistent_volumes => [
          "vol-xxxxxxxx",
          "vol-xxxxxxxx",
          "vol-xxxxxxxx",
          "vol-xxxxxxxx"
        ]
      }
    }
  }
}

EBS Volume Creation

Create a 10GB EBS General Purpose SSD volume, format it with XFS, and mount it on /data with noatime as an option.

{
  :ebs => {
    :volumes => {
      '/data' => {
        :size => 10,
        :volume_type => 'gp2',
        :fstype => 'xfs',
        :mount_options => 'noatime'
      }
    }
  }
}

mount_options are optional and will default to noatime,nobootwait on all platforms except Amazon linux, where they will default to noatime.

Note: The letter suffix for the /dev/sd<letter> / /dev/xvd<letter> is automatically generated starting at f or after any existing ids.

Volume Encryption

You can provide encrypted: true for an encrypted volume.

Credentials

IAM Role Supplied Credentials

You can use the IAM Role supplied Credentials by setting the ebs[:creds][:iam_role] to true and to be safe ebs[:creds][:encrypted] to false:

{
  :ebs => {
    :creds => {
      :iam_role => true
      :encrypted => false
    }
  }
}

Of course you must have set up the proper IAM Role as describe in the Opscode AWS Cookbook and the AWS Document IAM Roles for Amazon EC2

Explicit Credentials from Databag

Expects a credentials databag with an aws item that contains aws_access_key_id and aws_secret_access_key.

You can override the databag and item names with node[:ebs][:creds][:databag], and node[:ebs][:creds][:item], but the key names are static.

Requirements

Acknowledgments

This code was originally forked from the Scalarium ebs cookbook which has since been taken over by AWS Opsworks.