Bootstrapping AWS

Exploring User Space


About Me

  • Developer at JumpCloud
  • Developing professionally for 2 years
  • Love all things Web-oriented

The Problem

Configuration management tools often require servers to be configured before the tools will actually work.

Some Solutions

  • Manual: SSH in to the machine each time
  • Heavy: Maintain your own AMIs/Snapshots

Enter the User Space

  • Amazon's implementation of Cloud-Init
  • aws ec2 run-instances --user-data file://script

User Space

  • Only runs on the first launch of an instance
  • Must start with #!
  • Runs as root
  • Does not run interactively
  • Output is by default logged to:

Cloud Directives

  • Define certain things in a human readable form
  • Begins with #cloud-config
  • YAML syntax

Cloud Directives

  • Add Users and Groups
  • Write out files
  • Add Repos and Packages
  • Configure Trusted Certs
  • Configure DNS
  • Install and run Chef/Puppet
  • Adjust Mount Points
  • Call a URL when finished

Setup Puppet

        server: ""
        # instanceid.fqdn
        certname: "%i.%f"
      ca_cert: |

Setting up a yum repo

        enabled: false
        failovermethod: priority
        gpgcheck: true
        gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
        name: Extra Packages for Enterprise Linux 5 - Testing

Limitations of User Space

  • Not all directives listed in the Cloud-Init Docs work on all flavors of Linux
  • User-Data is limited to 16KB
  • Security

    No way to change instance user-data after initialization. Anyone with access to can read it.
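
A pre-launch check for the constraints listed on these slides, as an added example that is not part of the original talk: it verifies the payload's first line and the 16KB limit, and flags likely secrets, since user-data stays readable after launch. The function name, the secret patterns and the sample payloads are assumptions constructed for illustration; the access key shown is the placeholder from AWS documentation.

```python
import re

MAX_USER_DATA_BYTES = 16 * 1024  # the 16KB limit stated on the slide

# Constructed patterns (assumptions) for material that should not be in user-data.
SECRET_PATTERNS = {
    "AWS access key id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "private key block": re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----"),
    "inline credential": re.compile(
        r"(?i)\b(?:password|passwd|secret|token|api_key)\b\s*[:=]\s*['\"]?[^\s'\"]{6,}"
    ),
}

# Constructed sample payloads; the key is the placeholder from AWS documentation.
SAMPLE_BAD = b"""#!/bin/bash
export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
echo "password: hunter2-demo" >> /etc/app.conf
yum install -y puppet
"""
SAMPLE_OK = b"#cloud-config\npackages:\n  - puppet\n"


def lint_user_data(payload: bytes) -> list[str]:
    """Return findings for a user-data payload; an empty list means it passed."""
    findings = []
    if len(payload) > MAX_USER_DATA_BYTES:
        findings.append(f"size: {len(payload)} bytes exceeds {MAX_USER_DATA_BYTES}")
    text = payload.decode("utf-8", errors="replace")
    first_line = text.split("\n", 1)[0].rstrip("\r")
    # Only the two forms named on the slides are accepted here.
    if not (first_line.startswith("#!") or first_line == "#cloud-config"):
        findings.append("header: first line is neither '#!...' nor '#cloud-config'")
    for lineno, line in enumerate(text.splitlines(), start=1):
        for label, pattern in SECRET_PATTERNS.items():
            if pattern.search(line):
                # Report the location only; never echo the matched value.
                findings.append(f"secret: {label} on line {lineno}")
    return findings


if __name__ == "__main__":
    for name, sample in (("SAMPLE_BAD", SAMPLE_BAD), ("SAMPLE_OK", SAMPLE_OK)):
        print(name, lint_user_data(sample) or "clean")
```

Run it against the file passed to `--user-data` before calling `aws ec2 run-instances`, and fail the launch pipeline on any finding.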


