Defined Type: doatools::environment

Defined in:
manifests/environment.pp

Overview

Parameters:

  • ensure (Any) (defaults to: present)
  • region (Any) (defaults to: 'us-east-1')
  • vpc (Any) (defaults to: $name)
  • network (Any) (defaults to: { cidr => '192.168.0.0/24', # The CIDR for the VPC availability => [ 'a', 'b', 'c'], # The availability zones to use routes => [ ], # Any non standard routes in format "{cidr}|{target type}|{target-name}" dns_hostnames => false, # Can be set to true, to enable DNS hostnames dns_resolution => true, # Can be set to false, to disable DNS resolution })
  • zones (Any) (defaults to: { # We can have up to 3 zones defined. Zones define the routing to the outside world. # Isolation between servers is handled by security groups and not zones. # Public zone subnets have public ip addresses and route traffic via the internet gateway 'public' => { # ipaddr_weighting => 1, # format => '%{vpc}%{az}pub', # This zone will then use these routes for this nat, instead of the routes in the network routes. # routes => [], # This grants extra routes to this zones routing table in addition to the network routes. # extra_routes => [ ], }, # NAT zone subnets only have private ip addresses, and route traffic via nat gateways. There will be one nat # gateway per IP address provided. nat subnets without their own nat gateway will be routed via another subnet # EC2 instances in a nat zone cannot be given a public IP address # 'nat' => { # ipaddr_weighting => 1, # format => '%{vpc}%{az}nat', # nat_ipaddr => [ ], # This zone will then use these routes for this nat, instead of the routes in the network routes. # routes => [], # This grants extra routes to this zones routing table in addition to the network routes. # extra_routes => [ ], #}, # Private zone subnets do not route traffic to the internet. However, it is possible to add routing to the internet # gateway and then attach an elastic IP address to a server to gain access for a temporary fix. #'private' => { # ipaddr_weighting => 1, # format => '%{vpc}%{az}pri', # This zone will then use these routes for this nat, instead of the routes in the network routes. # routes => [], # This grants extra routes to this zones routing table in addition to the network routes. # extra_routes => [ ], #}, })
  • server_roles (Any) (defaults to: { })
  • services (Any) (defaults to: { })
  • db_servers (Any) (defaults to: { })
  • s3 (Any) (defaults to: { })
  • tags (Any) (defaults to: { })
  • policies (Any) (defaults to: { })


# File 'manifests/environment.pp', line 17

# @summary Declares the resources of one environment (VPC, zones, roles,
#   services, databases, S3, tags, policies) from the hashes passed in.
#
# The body hands $name and every parameter except $vpc to
# define_environment_resources() and declares each returned resource set with
# create_resources().
#
# NOTE(review): every parameter is untyped, so the shape of these hashes is not
# checked by this define; any validation would have to happen inside
# define_environment_resources(), which is not visible here -- confirm.
#
# NOTE(review): each resource set is written in full to the debug log. If the
# db_servers/services/policies hashes can carry credentials or other secrets,
# they would appear in debug-level logs -- confirm against the function and
# treat those logs accordingly.
#
# @param ensure       Forwarded as the second argument of define_environment_resources().
# @param region       Forwarded as the third argument; defaults to 'us-east-1'.
# @param vpc          Defaults to $name. NOTE(review): not referenced in this body;
#                     $name is what gets forwarded -- confirm whether overriding
#                     vpc is meant to have an effect.
# @param network      VPC-level settings: cidr, availability, routes,
#                     dns_hostnames, dns_resolution.
# @param zones        Up to three zones ('public', 'nat', 'private') that define
#                     routing to the outside world.
# @param server_roles Forwarded unchanged; empty by default.
# @param services     Forwarded unchanged; empty by default.
# @param db_servers   Forwarded unchanged; empty by default.
# @param s3           Forwarded unchanged; empty by default.
# @param tags         Forwarded unchanged; empty by default.
# @param policies     Forwarded unchanged; empty by default.
define doatools::environment (
  $ensure = present,
  $region = 'us-east-1',
  $vpc    = $name,

  $network = {
    # CIDR block for the VPC.
    cidr           => '192.168.0.0/24',
    # Availability zones to use.
    availability   => ['a', 'b', 'c'],
    # Non-standard routes, each written as "{cidr}|{target type}|{target-name}".
    routes         => [],
    # Set to true to enable DNS hostnames.
    dns_hostnames  => false,
    # Set to false to disable DNS resolution.
    dns_resolution => true,
  },

  $zones = {
    # Up to 3 zones may be defined. A zone only decides how traffic is routed
    # to the outside world; isolation between servers comes from security
    # groups, not from zones.
    #
    # Keys accepted inside each zone (all optional, shown commented out):
    #   ipaddr_weighting => 1,
    #   format           => '%{vpc}%{az}<suffix>',
    #   routes           => [],   # used for this zone instead of the network routes
    #   extra_routes     => [],   # added to this zone's routing table on top of
    #                             # the network routes

    # Public zone: subnets have public IP addresses and route traffic via the
    # internet gateway.
    'public' => {
      # ipaddr_weighting => 1,
      # format => '%{vpc}%{az}pub',
      # routes => [],
      # extra_routes => [ ],
    },

    # NAT zone: subnets only have private IP addresses and route traffic via
    # NAT gateways. One NAT gateway is created per IP address provided; NAT
    # subnets without their own gateway are routed via another subnet.
    # EC2 instances in a NAT zone cannot be given a public IP address.
    # 'nat' => {
    #   ipaddr_weighting => 1,
    #   format => '%{vpc}%{az}nat',
    #   nat_ipaddr => [ ],
    #   routes => [],
    #   extra_routes => [ ],
    # },

    # Private zone: subnets do not route traffic to the internet. A route to
    # the internet gateway plus an elastic IP on a server can be added as a
    # temporary fix; while that route exists the subnet is internet-routable
    # and security groups are the only isolation left, so remove it afterwards.
    # 'private' => {
    #   ipaddr_weighting => 1,
    #   format => '%{vpc}%{az}pri',
    #   routes => [],
    #   extra_routes => [ ],
    # },
  },

  $server_roles = {},
  $services     = {},
  $db_servers   = {},
  $s3           = {},
  $tags         = {},
  $policies     = {}

  # Commented-out lookup()-based defaults (not active):
  #  $region=lookup('environment::region', Data, 'first', 'us-east-1'),
  #  $network=lookup('environment::network', Data, 'first', { }),
  #  $roles=lookup('environment::roles', Data, 'first', {}),
  #  $ensure=lookup('environment::ensure', Data, 'first', present)
) {

  # Each element of the result is read below as a hash with a 'resource_type'
  # name and a 'resources' hash keyed by resource title.
  $resource_sets = define_environment_resources(
    $name,
    $ensure,
    $region,
    $network,
    $zones,
    $server_roles,
    $services,
    $db_servers,
    $s3,
    $tags,
    $policies,
  )

  $resource_sets.each |$r| {
    $rt        = $r['resource_type']
    $resources = $r['resources']
    $rts       = $resources.keys

    # info: type and titles only; debug: the complete resource hashes.
    info("declaring resources: ${rt} ${rts}")
    debug($resources)

    # No extra defaults are applied to the declared resources.
    create_resources($rt, $resources, {})
  }
}