1
votes

I'm trying to write a script in bash for an AWS Autoscaling Group. That means that even if an instance is terminated, the Autoscaling Group reinstalls the instance and all packages from tags, by package name and package number value. Here is the LaunchConfiguration from the AWS CloudFormation template:

"WorkerLC": {
  "Type" : "AWS::AutoScaling::LaunchConfiguration",
  "Properties" : {
    "ImageId": {"Ref" : "SomeAMI"},
    "InstanceType" : "m3.medium",
    "SecurityGroups" : [{"Ref": "SecurityGroup"}],
    "UserData" : {
      "Fn::Base64": {
        "Fn::Join": [ "", [
          {"Fn::Join": ["", ["Engine=", {"Ref": "Env"},".app.net"," \n"]]},
          {"Fn::Join": ["", [
            "#!/bin/bash\n",
            "cd /app/\n",
            "./worker-install-package.sh"
          ]]}
        ]]
      }
    }
  }
}

And I want to read from the tags of the AutoScalingGroup, like this:

"Worker": {
        "Type" : "AWS::AutoScaling::AutoScalingGroup",
        "Properties": {
            "LaunchConfigurationName": {"Ref": "Worker"},
            "LoadBalancerNames": [{"Ref": "WorkerELB"}],
            "AvailabilityZones": {"Ref": "AZs"},
            "MinSize" : "1",
            "MaxSize" : "1",
            "HealthCheckGracePeriod": 300,
            "Tags" : [
                {"Key": "WorkersScalingGroup", "Value": {"Fn::Join": ["", ["Offering-", {"Ref": "Env"}, "-Worker-1"]]}, "PropagateAtLaunch": true},
                {"Key": "EIP", "Value": {"Ref": "WorkerIP"}, "PropagateAtLaunch": true},
                {"Key": "Environment", "Value": {"Ref": "Env"}, "PropagateAtLaunch": true}
            ]
        }
    }

So, now the hard part. I tried to find tags with the text "worker" in the UserData, because I have a couple of types of instances and each one comes with a couple of other packages.

It is the first time I have written something in bash. Here is worker-install-package.sh:

#read tag for the installed package
EC2_REGION='us-east-1'
AWS_ACCESS_KEY='xxxxx'
AWS_SECRET_ACCESS_KEY='xxxxxxxxxxxxxxxxxx'
InstanceID=`/usr/bin/curl -s http://169.254.169.254/latest/meta-data/instance-id`

PackageName=`/opt/aws/apitools/ec2/bin/ec2-describe-tags -O $AWS_ACCESS_KEY -W $AWS_SECRET_ACCESS_KEY --filter resource-id=$InstanceID --filter key='worker' | cut -f5`

while read line
  if [ "$PackageNmae" = "worker" ]; then
     sudo -- sh -c "./install-package.sh ${PackageName} ${Value}"
     /opt/aws/apitools/ec2/bin/ec2-create-tags $InstanceID -O $AWS_ACCESS_KEY -W $AWS_SECRET_ACCESS_KEY --tag "worker-${PackageName}"=$Value
  fi
done

I have two questions. First, am I doing this the right way? And second, how can I get the value of the package name tag (it is the package version number)?

Thanks!


1 Answers

1
votes

First of all, as a best practice, don't include your AWS keys in your script. Instead, attach a role to your instance at launch (this can be done in the launch configuration of your autoscaling group).

Secondly, what you do is one way to go, and it can definitely work. Another way (proper but slightly more complex) to achieve this would be to use a tool like Puppet or AWS OpsWorks.

However, I don't really get what you are doing in your script, which seems overcomplicated for this purpose: why don't you include your package name in your userdata script? If this is only a matter of agility when it comes to changing/updating the script, you can outsource this script to an S3 bucket and have the instances download / execute it at creation time. This way you don't need to read from the tags.

That being said, and more as a comment, if you do want to keep reading tags, then I don't really understand your script. If you do need help on the script, please provide more details in that sense (e.g. debug samples etc.):

When you evaluate PackageName, does this work?

PackageName=`/opt/aws/apitools/ec2/bin/ec2-describe-tags -O $AWS_ACCESS_KEY -W $AWS_SECRET_ACCESS_KEY --filter resource-id=$InstanceID --filter key='worker' | cut -f5`

Not sure why you filter with "key=worker", and not "WorkersScalingGroup".

Then you call the below if condition:

if [ "$PackageNmae" = "worker" ]; then

(I assume there is a typo here, and it should be PackageName) and right below you call:

"worker-${PackageName}"

which would give "worker-worker"?
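
The answer's advice (an instance role instead of keys in the script), applied to a tag-reading installer, could look like the following. This is an added example, not code from the question or the answer; it assumes the AWS CLI is installed, the instance role allows ec2:DescribeTags, and a constructed tag convention of `worker-<package>` keys with the version as the value. The `--install` switch is the example's own.

```shell
#!/bin/bash
# Added example, not the asker's script. Assumes an instance role that allows
# ec2:DescribeTags, the AWS CLI on PATH, and a constructed tag convention:
# key "worker-<package>", value "<version>".
REGION='us-east-1'
MD='http://169.254.169.254/latest'

# Instance ID from the metadata service (IMDSv2: fetch a session token first).
instance_id() {
  local token
  token=$(curl -sf -X PUT "$MD/api/token" \
    -H 'X-aws-ec2-metadata-token-ttl-seconds: 60') || return 1
  curl -sf -H "X-aws-ec2-metadata-token: $token" "$MD/meta-data/instance-id"
}

# Key<TAB>Value lines for one instance; credentials come from the role.
fetch_tags() {
  aws ec2 describe-tags --region "$REGION" \
    --filters "Name=resource-id,Values=$1" \
    --query 'Tags[].[Key,Value]' --output text
}

# Reads Key<TAB>Value lines on stdin and prints "<package> <version>" for each
# worker-* tag. Tag text is untrusted: anything outside the allowlist, or
# starting with "-", is dropped instead of reaching the installer.
select_packages() {
  local key value name tab
  tab=$(printf '\t')
  while IFS=$tab read -r key value; do
    case $key in worker-?*) name=${key#worker-} ;; *) continue ;; esac
    case $name in -*|*[!A-Za-z0-9._+-]*) continue ;; esac
    case $value in ''|-*|*[!A-Za-z0-9._+-]*) continue ;; esac
    printf '%s %s\n' "$name" "$value"
  done
}

main() {
  local id name version
  id=$(instance_id) || exit 1
  fetch_tags "$id" | select_packages | while read -r name version; do
    # Separate arguments instead of an `sh -c` string, so tag text is never
    # parsed as shell; </dev/null keeps the installer from eating the loop input.
    sudo ./install-package.sh "$name" "$version" </dev/null
  done
}

# "--install" is this example's own switch; without it the functions are only defined.
if [ "${1:-}" = "--install" ]; then main; fi
```

Anyone allowed to set tags on the instance chooses what runs under sudo here, which is why the tag text is checked against an allowlist before it reaches the installer.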