cloud-init (the Ubuntu package for handling early initialization of cloud instances) can be used to provide additional flexibility when configuring Stackato cluster nodes, and can simplify joining a cluster and assigning roles.
cloud-init can be configured at instance launch time via the --user-data or --user-data-file arguments to ec2-run-instances, or by pasting YAML directly into the EC2 or OpenStack Horizon interfaces.
For example, given a core node at IP 10.2.3.4, the following cloud-config would add a new DEA node to the cluster:
#cloud-config
stackato:
  nats:
    ip: 10.2.3.4
  roles: ['dea']
  extname: "paas.example.com"
To lock down and secure this new node, you could use standard cloud-config directives for adding any SSH keys, randomizing passwords, and/or disabling password-based authentication entirely. The following example creates a data services node, enables passwordless sudo for the admin group, and disables password-based authentication:
#cloud-config
stackato:
  nats:
    ip: 10.2.3.4
  roles: ['data-services']
chpasswd:
  list: |
    stackato:RANDOM
    root:RANDOM
    ubuntu:RANDOM
  expire: false
ssh_pwauth: false
bootcmd:
  - - cloud-init-per
    - once
    - sudo_admin_group_nopasswd
    - sed
    - -ri
    - s|^%admin .*|%admin ALL=\(ALL\) NOPASSWD:ALL|
    - /etc/sudoers
On EC2, it is also possible to use a well-known trick to resolve the public DNS name for an elastic IP to a local IP (within EC2). To use the DNS name rather than a specific local IP, your configuration changes slightly:
#cloud-config
stackato:
  nats:
    elastic_dns: ec2-75-101-137-243.compute-1.amazonaws.com
This configuration will automatically obtain the local IP of whichever node is configured with the public IP 75.101.137.243 and use that when communicating over the message bus.
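A pre-launch check for the user-data shown above, as an added example that is not part of the original documentation or of Stackato: it parses a cloud-config document and reports where it departs from the hardened configuration (SSH password logins disabled, every listed account set to RANDOM, a core node named by ip or elastic_dns). The name audit_user_data, the account list, and the rule that exactly one of ip and elastic_dns is set are assumptions for illustration; WEAK is a constructed sample.

```ruby
require 'yaml'

# Accounts whose passwords the page's hardening example randomizes.
ACCOUNTS = %w[stackato root ubuntu].freeze

# Returns findings for a cloud-config string; an empty list means all checks passed.
def audit_user_data(text, accounts: ACCOUNTS)
  findings = []
  # cloud-init treats the payload as cloud-config only if this is line 1.
  findings << 'first line is not #cloud-config' unless text.lines.first.to_s.strip == '#cloud-config'
  begin
    doc = YAML.safe_load(text)
  rescue Psych::Exception => e
    return findings << "invalid YAML: #{e.message}"
  end
  return findings << 'top level is not a mapping' unless doc.is_a?(Hash)

  stackato = doc['stackato'].is_a?(Hash) ? doc['stackato'] : {}
  nats = stackato['nats'].is_a?(Hash) ? stackato['nats'] : {}
  # Assumption: the core node is named by ip or by elastic_dns, not both.
  findings << 'stackato.nats needs exactly one of ip, elastic_dns' unless %w[ip elastic_dns].count { |k| nats[k] } == 1
  findings << 'stackato.roles is empty' unless stackato['roles'].is_a?(Array) && stackato['roles'].any?
  findings << 'ssh_pwauth is not false' unless doc['ssh_pwauth'] == false

  chpasswd = doc['chpasswd'].is_a?(Hash) ? doc['chpasswd'] : {}
  entries = Array(chpasswd['list']).flat_map { |s| s.to_s.lines }.map(&:strip).reject(&:empty?)
  seen = entries.map do |entry|
    user, password = entry.split(':', 2)
    # Anything other than RANDOM is a fixed password stored in the user-data.
    findings << "chpasswd.list sets a fixed password for #{user}" unless password == 'RANDOM'
    user
  end
  findings + (accounts - seen).map { |u| "no chpasswd.list entry for #{u}" }
end

# Constructed sample: a weakened variant of the page's data-services config.
WEAK = <<~CONFIG
  #cloud-config
  stackato:
    nats:
      ip: 10.2.3.4
    roles: ['data-services']
  chpasswd:
    list: |
      stackato:changeme
      root:RANDOM
  ssh_pwauth: true
CONFIG
puts audit_user_data(WEAK)
```

Run it against the file you intend to pass as user-data before launching the instance; an empty result means the document matches the hardened settings.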
In addition to the Stackato node configuration tasks described above, cloud-init can be used for a variety of system setup tasks:
For more information on cloud-init, refer to the official CloudInit documentation.