- Overview
- Usage - Configuration options and additional functionality
- Limitations - OS compatibility, etc.
This module allows you to manage EBS volumes (attach, format, mount). Volumes should be created outside of Puppet, for example, using CloudFormation. The module looks up the volume in question by the value of its 'name' tag.

All interactions with the AWS API are performed with the aws command-line utilities.

Be sure to create the volume beforehand. For example, here is a snippet for CloudFormation:

    "JenkinsMasterStorageVolume": {
      "Type": "AWS::EC2::Volume",
      "Properties": {
        "Encrypted": true,
        "AvailabilityZone": "eu-west-1a",
        "Size": 100,
        "Tags": [
          {
            "Key": "name",
            "Value": "jenkins"
          }
        ]
      }
    },

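Or awscli:

    # Create an encrypted volume and save its ID to .volume_id
    # (inside a Makefile recipe, write $$ instead of $)
    aws ec2 create-volume --availability-zone ${AWS_DEFAULT_REGION}a \
        --size 1 --encrypted --volume-type standard \
        --query '{id:VolumeId}' \
        | grep '"id"' | awk '{print $2}' \
        | tr -d '"' | perl -pe chomp > .volume_id
    # Tag the volume so that the module can find it by name
    aws ec2 create-tags --resources `cat .volume_id` \
        --tags Key=name,Value=jenkins
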
And then in your Puppet code you can create resources like this:

    ebs::volume { 'jenkins':               # so we look for an EBS volume that has name:jenkins tag set
      device          => '/dev/sdz',       # it is safer to begin with sdz and go backwards alphabetically
      device_attached => '/dev/xvdad',     # hard to guess -- see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html
      format          => 'ext4',           # ext3 by default
      format_options  => '-L jenkins',     # this will be passed to mkfs.ext3 AS IS, string format
      mount_dir       => '/mnt/jenkins',   # /mnt by default
      mount_options   => 'nodev,noatime',  # single string, fstab format, 'noatime' by default
    }

The mount_dir directory will be created if it doesn't exist (so manage it outside of this module to ensure custom owner/group/mode parameters). Also, please be very careful with the format option: if a volume was already formatted with, say, 'ext4' and you set this parameter to something else ('ext3'), the volume will be reformatted and you will lose your data.

This module has been tested on CentOS 6.x and Ubuntu so far. For the AWS API authorization to work, you have to assign a proper IAM role to the EC2 instance you're running this code on. Example policy (tune the Resource parameter to your liking):

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Sid": "Stmt1444046341000",
          "Effect": "Allow",
          "Action": [
            "ec2:DescribeVolumes",
            "ec2:AttachVolume"
          ],
          "Resource": [
            "*"
          ]
        }
      ]
    }
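
One way to tune the Resource parameter, as an added example that is not part of the module's own documentation: ec2:DescribeVolumes does not support resource-level permissions and therefore keeps "*", while ec2:AttachVolume is limited to volumes carrying the name:jenkins tag and to instances in a single account and region. The account ID 111122223333 is a placeholder and the Sid values are made up for this example; the region and tag value are taken from the snippets above.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "DescribeVolumesForTagLookup",
      "Effect": "Allow",
      "Action": "ec2:DescribeVolumes",
      "Resource": "*"
    },
    {
      "Sid": "AttachOnlyTaggedVolumes",
      "Effect": "Allow",
      "Action": "ec2:AttachVolume",
      "Resource": "arn:aws:ec2:eu-west-1:111122223333:volume/*",
      "Condition": {
        "StringEquals": {
          "ec2:ResourceTag/name": "jenkins"
        }
      }
    },
    {
      "Sid": "AttachToInstancesInThisAccount",
      "Effect": "Allow",
      "Action": "ec2:AttachVolume",
      "Resource": "arn:aws:ec2:eu-west-1:111122223333:instance/*"
    }
  ]
}
```

ec2:AttachVolume is authorized against both the volume and the instance, so the tag condition sits in its own statement and applies to the volume only; the instance statement can be narrowed further to a specific instance ID or an instance tag.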