├── .travis.yml ├── Berksfile ├── .gitignore ├── .rubocop.yml ├── Gemfile ├── Thorfile ├── test ├── shared │ └── spec_helper.rb └── integration │ └── default │ └── serverspec │ └── ice_spec.rb ├── LICENSE ├── templates └── default │ ├── nginx_ice_site.erb │ └── ice.properties.erb ├── metadata.rb ├── Rakefile ├── TESTING.md ├── recipes ├── nginx.rb └── default.rb ├── chefignore ├── ISSUES.md ├── CHANGELOG.md ├── .kitchen.yml ├── Vagrantfile ├── .kitchen.example.yml ├── CONTRIBUTING.md ├── README.md ├── metadata.json └── attributes └── default.rb /.travis.yml: -------------------------------------------------------------------------------- 1 | language: ruby 2 | cache: bundler 3 | rvm: 4 | - 2.2.0 5 | branches: 6 | only: 7 | - master 8 | -------------------------------------------------------------------------------- /Berksfile: -------------------------------------------------------------------------------- 1 | source 'https://supermarket.chef.io' 2 | 3 | metadata 4 | 5 | cookbook 'nginx', '~> 2.7.4' 6 | cookbook 'minitest-handler' 7 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .vagrant 2 | Berksfile.lock 3 | *~ 4 | *# 5 | .#* 6 | \#*# 7 | .*.sw[a-z] 8 | *.un~ 9 | /cookbooks 10 | 11 | # Bundler 12 | Gemfile.lock 13 | bin/* 14 | .bundle/* 15 | 16 | .kitchen/ 17 | .kitchen.local.yml 18 | -------------------------------------------------------------------------------- /.rubocop.yml: -------------------------------------------------------------------------------- 1 | AllCops: 2 | Exclude: 3 | - vendor/** 4 | 5 | ClassLength: 6 | Enabled: false 7 | Documentation: 8 | Enabled: false 9 | Encoding: 10 | Enabled: false 11 | LineLength: 12 | Enabled: false 13 | MethodLength: 14 | Enabled: false 15 | NumericLiterals: 16 | Enabled: false 17 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | source 'https://rubygems.org' 2 | 3 | gem 'berkshelf' 4 | gem 'chef' 5 | gem 'knife-ec2' 6 | 7 | group :integration do 8 | gem 'test-kitchen' 9 | gem 'kitchen-vagrant' 10 | gem 'kitchen-ec2' 11 | gem 'foodcritic' 12 | end 13 | 14 | group :testing do 15 | gem 'rubocop' 16 | end 17 | -------------------------------------------------------------------------------- /Thorfile: -------------------------------------------------------------------------------- 1 | # encoding: utf-8 2 | 3 | require 'bundler' 4 | require 'bundler/setup' 5 | require 'berkshelf/thor' 6 | 7 | begin 8 | require 'kitchen/thor_tasks' 9 | Kitchen::ThorTasks.new 10 | rescue LoadError 11 | puts '>>>>> Kitchen gem not loaded, omitting tasks' unless ENV['CI'] 12 | end 13 | -------------------------------------------------------------------------------- /test/shared/spec_helper.rb: -------------------------------------------------------------------------------- 1 | require 'serverspec' 2 | 3 | # Required by serverspec 4 | set :backend, :exec 5 | 6 | Dir[File.expand_path('../support/**/*.rb', __FILE__)].each { |file| require_relative(file) } 7 | 8 | RSpec.configure do |config| 9 | config.before(:all) do 10 | config.path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' 11 | end 12 | end 13 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright 2015 Medidata Solutions Worldwide 2 | 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | -------------------------------------------------------------------------------- /templates/default/nginx_ice_site.erb: -------------------------------------------------------------------------------- 1 | server { 2 | listen <%= node['ice']['nginx_port'] %><%= node['ice']['nginx_default_server'] == true ? " default_server" : '' %>; 3 | 4 | root <%= "#{node['tomcat']['webapp_dir']}/current" %>; 5 | 6 | server_name <%= node['ice']['public_hostname'] %> ice.* ; 7 | 8 | location / { 9 | proxy_set_header X-Forwarded-Host $host; 10 | proxy_set_header X-Forwarded-Server $host; 11 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 12 | 13 | proxy_pass http://127.0.0.1:8080/current/; 14 | } 15 | 16 | location ~ /current/ { 17 | rewrite ^/current/(.*)$ /$1 redirect; 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /metadata.rb: -------------------------------------------------------------------------------- 1 | # rubocop:disable Style/SingleSpaceBeforeFirstArg 2 | name 'ice' 3 | maintainer 'Medidata Solutions' 4 | maintainer_email 'cookbooks@mdsol.com' 5 | license 'Apache 2.0' 6 | description 'Installs/Configures ice' 7 | long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) 8 | version '0.2.14' 9 | # rubocop:enable Style/SingleSpaceBeforeFirstArg 10 | 11 | %w( ubuntu centos ).each do |os| 12 | supports os 13 | end 14 | 15 | # Cookbook dependencies 16 | %w( java apt nginx openssl logrotate chef-sugar ).each do |cb| 17 | depends cb 18 | end 19 | 20 | depends 'artifact', '>= 1.9.0' 21 | depends 'tomcat', '>= 0.14.0' 22 | -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- 1 | require 'rubocop/rake_task' 2 | require 'foodcritic' 3 | 4 | desc 'RuboCop compliancy checks' 5 | RuboCop::RakeTask.new(:rubocop) 6 | 7 | FoodCritic::Rake::LintTask.new do |t| 8 | t.options = { 9 | tags: %w( 10 | ~solo 11 | ~FC019 12 | ), 13 | fail_tags: ['any'] 14 | } 15 | end 16 | 17 | desc 'Install berkshelf cookbooks locally' 18 | task :berkshelf do 19 | require 'berkshelf' 20 | require 'berkshelf/berksfile' 21 | current_dir = File.expand_path('../', __FILE__) 22 | berksfile_path = File.join(current_dir, 'Berksfile') 23 | cookbooks_path = File.join(current_dir, 'vendor') 24 | FileUtils.rm_rf(cookbooks_path) 25 | berksfile = Berkshelf::Berksfile.from_file(berksfile_path) 26 | berksfile.vendor(cookbooks_path) 27 | end 28 | 29 | task default: [:foodcritic, :rubocop] 30 | -------------------------------------------------------------------------------- /TESTING.md: -------------------------------------------------------------------------------- 1 | This cookbook includes support for running tests via Test Kitchen (1.0). This has some requirements. 2 | 3 | 1. You must be using the Git repository. 4 | 2. You must have Vagrant 1.1 installed. 5 | 3. You must have a "sane" Ruby 1.9.3 environment. 6 | 7 | Once the above requirements are met, install the additional requirements: 8 | 9 | Install the berkshelf plugin for vagrant, and berkshelf to your local Ruby environment. 10 | 11 | vagrant plugin install vagrant-berkshelf 12 | gem install berkshelf 13 | 14 | Install Test Kitchen 1.0 (unreleased yet, use the alpha / prerelease version). 15 | 16 | gem install test-kitchen --pre 17 | 18 | Install the Vagrant driver for Test Kitchen. 19 | 20 | gem install kitchen-vagrant 21 | 22 | Once the above are installed, you should be able to run Test Kitchen: 23 | 24 | kitchen list 25 | kitchen test 26 | -------------------------------------------------------------------------------- /recipes/nginx.rb: -------------------------------------------------------------------------------- 1 | # 2 | # Cookbook Name:: ice 3 | # Recipe:: nginx 4 | # 5 | 6 | node.override['nginx']['default_site_enabled'] = false 7 | 8 | include_recipe 'nginx::default' 9 | 10 | # Configure nginx site reverse proxy 11 | if node['ice']['public_hostname'].nil? 12 | if node.attribute?('ec2') 13 | node.override['ice']['public_hostname'] = node['ec2']['public_hostname'] 14 | elsif node.attribute?('cloud') 15 | node.override['ice']['public_hostname'] = node['cloud']['public_hostname'] 16 | else 17 | node.override['ice']['public_hostname'] = node['fqdn'] 18 | end 19 | 20 | if node['ice']['nginx_port'] != 80 21 | node.override['ice']['public_hostname'] += ":#{node['ice']['nginx_port']}" 22 | end 23 | end 24 | 25 | # Disable default site first 26 | nginx_site 'default' do 27 | enable false 28 | only_if node['ice']['nginx_disable_default_site'] 29 | end 30 | 31 | # Generate nginx ice site 32 | template "#{node['nginx']['dir']}/sites-available/ice" do 33 | cookbook node['ice']['nginx_config_cookbook'] 34 | source node['ice']['nginx_config'] 35 | mode 0644 36 | owner node['nginx']['user'] 37 | group node['nginx']['group'] 38 | end 39 | 40 | # Enable ice site 41 | nginx_site 'ice' 42 | -------------------------------------------------------------------------------- /chefignore: -------------------------------------------------------------------------------- 1 | # Put files/directories that should be ignored in this file when uploading 2 | # or sharing to the community site. 3 | # Lines that start with '# ' are comments. 4 | 5 | # OS generated files # 6 | ###################### 7 | .DS_Store 8 | Icon? 9 | nohup.out 10 | ehthumbs.db 11 | Thumbs.db 12 | 13 | # SASS # 14 | ######## 15 | .sass-cache 16 | 17 | # EDITORS # 18 | ########### 19 | \#* 20 | .#* 21 | *~ 22 | *.sw[a-z] 23 | *.bak 24 | REVISION 25 | TAGS* 26 | tmtags 27 | *_flymake.* 28 | *_flymake 29 | *.tmproj 30 | .project 31 | .settings 32 | mkmf.log 33 | 34 | ## COMPILED ## 35 | ############## 36 | a.out 37 | *.o 38 | *.pyc 39 | *.so 40 | *.com 41 | *.class 42 | *.dll 43 | *.exe 44 | */rdoc/ 45 | 46 | # Testing # 47 | ########### 48 | .watchr 49 | .rspec 50 | spec/* 51 | spec/fixtures/* 52 | test/* 53 | features/* 54 | Guardfile 55 | Procfile 56 | 57 | # SCM # 58 | ####### 59 | .git 60 | */.git 61 | .gitignore 62 | .gitmodules 63 | .gitconfig 64 | .gitattributes 65 | .svn 66 | */.bzr/* 67 | */.hg/* 68 | */.svn/* 69 | 70 | # Berkshelf # 71 | ############# 72 | Berksfile 73 | Berksfile.lock 74 | cookbooks/* 75 | tmp 76 | 77 | # Cookbooks # 78 | ############# 79 | CONTRIBUTING 80 | CHANGELOG* 81 | 82 | # Strainer # 83 | ############ 84 | Colanderfile 85 | Strainerfile 86 | .colander 87 | .strainer 88 | 89 | # Vagrant # 90 | ########### 91 | .vagrant 92 | Vagrantfile 93 | 94 | # Travis # 95 | ########## 96 | .travis.yml 97 | -------------------------------------------------------------------------------- /ISSUES.md: -------------------------------------------------------------------------------- 1 | Ice Cookbook Issues 2 | ============================ 3 | This file documents the steps necessary to report any issue with the ice 4 | cookbook. Following these guidelines will help ensure your issue is resolved in a 5 | timely manner. 6 | 7 | Reporting 8 | --------- 9 | When you report an issue, please include the following information: 10 | 11 | - A high-level overview of what you are trying to accomplish 12 | - An [SSCCE](http://sscce.org/) 13 | - The command you ran 14 | - What you expected to happen 15 | - What actually happened 16 | - The exception backtrace(s), if any 17 | - What operating system and version 18 | - Everything output by running `env` 19 | - What version of the cookbook are you using? 20 | - What version of Ruby you are using (run `ruby -v`) 21 | - What version of Rubygems you are using (run `gem -v`) 22 | - What version of Chef you are using (run `knife -v`) 23 | 24 | Here's a snippet you can copy-paste into the issue and fill out: 25 | 26 | ```text 27 | (What is the issue? What are you trying to do? What happened?) 28 | 29 | - Command: `...` 30 | - OS: 31 | - Cookbook Version: 32 | - Ruby Version: 33 | - Rubygems Version: 34 | - Chef Version: 35 | - env: 36 | ```text 37 | # Paste your env here 38 | ``` 39 | - Backtrace: 40 | ```text 41 | # Paste backtrace here 42 | ``` 43 | ``` 44 | 45 | [Create a ticket](https://github.com/mdsol/ice_cookbook/issues/new) describing your problem and include the information above. 46 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | ## v0.2.14 2 | 3 | ### Improvement 4 | 5 | - Updated documentation. [@rayrod2030] 6 | 7 | ## v0.2.13: 8 | 9 | ### Bug Fix 10 | 11 | - Fixed bug just having custom port number broke links on the site. [@akshah123] 12 | 13 | ## v0.2.12: 14 | 15 | ### Feature 16 | 17 | - Added attribute and logic for processing and displaying custom resource tags. [@rayrod2030] 18 | 19 | ## v0.2.11: 20 | 21 | ### Improvement 22 | 23 | - Added attribute for configuring the nginx port. [@akshah123] 24 | 25 | - Upgraded the artifact cookbook to 1.9.0 to avoid issues with librarian. 26 | 27 | ## v0.2.10: 28 | 29 | ### Improvement 30 | 31 | - Nginx site template configuration can now be completely customized by setting the 32 | nginx_config and nginx_config_cookbook attributes to point to a custom cookbook and 33 | configuration template. [@rampire] 34 | 35 | - Added the Ice IAM role attribute which is added to the system properties if an IAM 36 | role is used for authentication. If aws keys and secrets are used instead teh IAM 37 | role defaults to 'ice' and is ignored by Ice. 38 | 39 | - Updated README. 40 | 41 | ## v0.2.9: 42 | 43 | ### Improvement 44 | 45 | - Upgraded the ice war version we default to from the default attributes file to 0.0.3. This 46 | build should include all updates to ice master on https://www.github.com/netflix/ice as of 47 | July 11, 2013 and commit: netflix/ice@9c11c8b 48 | 49 | ## v0.2.8: 50 | 51 | ### Improvement 52 | 53 | - Add Apache V2 license to cookbook 54 | 55 | [@akshah123]: https://github.com/akshah123 56 | [@rampire]: https://github.com/rampire 57 | -------------------------------------------------------------------------------- /test/integration/default/serverspec/ice_spec.rb: -------------------------------------------------------------------------------- 1 | require_relative '../../../kitchen/data/spec_helper' 2 | 3 | suffix = node['tomcat']['base_version'].to_i < 7 ? node['tomcat']['base_version'] : '' 4 | 5 | describe 'should be running tomcat6 on port 8080' do 6 | describe service("tomcat#{suffix}") do 7 | it { should be_enabled } 8 | it { should be_running } 9 | end 10 | 11 | describe port(8080) do 12 | it { should be_listening } 13 | end 14 | end 15 | 16 | describe 'should be running nginx on port 80' do 17 | describe service('nginx') do 18 | it { should be_enabled } 19 | it { should be_running } 20 | end 21 | 22 | describe port(80) do 23 | it { should be_listening } 24 | end 25 | end 26 | 27 | describe 'should be configured to run a processer' do 28 | describe file("/var/lib/tomcat#{suffix}/webapps/releases/0.0.4/WEB-INF/classes/ice.properties") do 29 | its(:content) { should match(/ice\.processor=true/) } 30 | end 31 | end 32 | 33 | describe 'should be configured to run a reader' do 34 | describe file("/var/lib/tomcat#{suffix}/webapps/releases/0.0.4/WEB-INF/classes/ice.properties") do 35 | its(:content) { should match(/ice\.reader=true/) } 36 | end 37 | end 38 | 39 | describe 'should be configured to pull billing files from 90 days back' do 40 | describe file("/var/lib/tomcat#{suffix}/webapps/releases/0.0.4/WEB-INF/classes/ice.properties") do 41 | processing_start_millis = (Date.today - 90).strftime('%Q')[0..-6] # drop last 6 digits 42 | its(:content) { should match(/ice\.startmillis=#{processing_start_millis}\d+{5,5}/) } 43 | end 44 | end 45 | -------------------------------------------------------------------------------- /templates/default/ice.properties.erb: -------------------------------------------------------------------------------- 1 | # 2 | ## Ice Configuration File 3 | # 4 | ## Dynamically generated by Chef on <%= node['fqdn'] %> 5 | ## 6 | ## Local modifications will be overwritten by Chef. 7 | ## 8 | 9 | ice.processor=<%= node['ice']['processor']['enabled'] ? 'true' : 'false' %> 10 | ice.processor.localDir=<%= node['ice']['processor']['local_dir'] %> 11 | 12 | ice.billing_s3bucketname=<%= node['ice']['billing_s3_bucket_name'] %> 13 | ice.billing_s3bucketprefix=<%= node['ice']['billing_s3_bucket_prefix'] %> 14 | 15 | <% if node['ice']['billing_payerAccountId'] %> 16 | ice.billing_payerAccountId=<%= node['ice']['billing_payerAccountId'] %> 17 | ice.billing_accessRoleName=<%= node['ice']['billing_accessRoleName'] %> 18 | ice.billing_accessExternalId=<%= node['ice']['billing_accessExternalId'] %> 19 | <% end %> 20 | 21 | ice.reader=<%= node['ice']['reader']['enabled'] ? 'true' : 'false' %> 22 | ice.reader.localDir=<%= node['ice']['reader']['local_dir'] %> 23 | 24 | ice.work_s3bucketname=<%= node['ice']['work_s3_bucket_name'] %> 25 | ice.work_s3bucketprefix=<%= node['ice']['work_s3_bucket_prefix'] %> 26 | 27 | ice.startmillis=<%= node['ice']['start_millis'] %> 28 | 29 | <% node['ice']['accounts'].each do |account| %> 30 | ice.account.<%= account[0] %>=<%= account[1] %> 31 | <% end %> 32 | 33 | <% if node['ice']['owner_account'] && !node['ice']['linked_accounts'].nil? && node['ice']['linked_accounts'].any? %> 34 | ice.owneraccount.<%= node['ice']['owner_account'] %>=<%= node['ice']['linked_accounts'].join(',') %> 35 | <% end %> 36 | 37 | <% 38 | {"reservation_capacity_poller_roles" => "role", "reservation_capacity_poller_external_ids" => "externalId"}.each do |k,v| 39 | if node['ice']['owner_account'] && !node['ice'][k].nil? && node['ice'][k].any? 40 | node['ice'][k].each do |a,b| 41 | %> 42 | ice.owneraccount.<%= a %>.<%= v %>=<%= b %> 43 | <% 44 | end 45 | end 46 | end 47 | %> 48 | 49 | ice.reservationCapacityPoller=<%= node['ice']['reservation_capacity_poller'] %> 50 | ice.reservationPeriod=<%= node['ice']['reservation_period'] %> 51 | ice.reservationUtilization=<%= node['ice']['reservation_utilization'] %> 52 | 53 | ice.companyName=<%= node['ice']['company_name'] %> 54 | 55 | <% if !node['ice']['custom_resource_tags'].nil? && node['ice']['custom_resource_tags'].count > 0 %> 56 | ice.customTags=<%= node['ice']['custom_resource_tags'].join(',') %> 57 | <% end %> 58 | 59 | <% ['currencySign','currencyRate','highstockUrl','monthlycachesize','cost_per_monitormetric_per_hour','urlPrefix','fromEmail','ondemandCostAlertThreshold','ondemandCostAlertEmails','resourceGroupCost','weeklyCostEmails','weeklyCostEmails_fromEmail','weeklyCostEmails_bccEmail','weeklyCostEmails_numWeeks'].each do |prop| 60 | if !node['ice'][prop].nil? %> 61 | ice.<%= prop %>=<%= node['ice'][prop] %> 62 | <% 63 | end 64 | end 65 | %> 66 | -------------------------------------------------------------------------------- /.kitchen.yml: -------------------------------------------------------------------------------- 1 | <% 2 | # To keep the YAML as simple as possible, some values are computed here 3 | AWS_ACCESS_KEY_ID = ENV['ICE_AWS_ACCESS_KEY_ID'] || 'ice_billing_aws_access_key_id' 4 | AWS_ACCESS_KEY_SECRET = ENV['ICE_AWS_ACCESS_KEY_SECRET'] || 'ice_billing_aws_secret_key' 5 | %> 6 | --- 7 | driver: 8 | name: vagrant 9 | customize: 10 | cpus: 2 11 | memory: 2048 12 | 13 | provisioner: 14 | name: chef_zero 15 | require_chef_omnibus: latest 16 | data_path: test/shared 17 | data_bags_path: test/integration/default/data_bags 18 | 19 | platforms: 20 | - name: ubuntu-14.04 21 | - name: ubuntu-12.04 22 | - name: centos-7.1 23 | - name: centos-6.6 24 | 25 | suites: 26 | - name: tomcat6 27 | run_list: 28 | - recipe[minitest-handler] 29 | - recipe[ice] 30 | attributes: 31 | tomcat: 32 | base_version: 6 33 | keytool: /usr/lib/jvm/default-java/bin/keytool 34 | ice: 35 | version: 0.0.4 36 | war_url: https://s3.amazonaws.com/dl.imedidata.net/ice 37 | skip_manifest_check: true 38 | checksum: eb9e7503585553bdebf9d93016bcbe7dc033c21e2b1b2f0df0978ca2968df047 39 | company_name: Your Company 40 | billing_aws_access_key_id: <%= AWS_ACCESS_KEY_ID %> 41 | billing_aws_secret_key: <%= AWS_ACCESS_KEY_SECRET %> 42 | billing_s3_bucket_name: kitchen-tests 43 | work_s3_bucket_name: kitchen-tests 44 | billing_s3_bucket_prefix: ice-cookbook-tests-billing-<%= ENV['USER'] %>/ 45 | work_s3_bucket_prefix: ice-cookbook-tests-work-<%= ENV['USER'] %>/ 46 | includes: 47 | - ubuntu-12.04 48 | - ubuntu-14.04 49 | - name: tomcat6-rhel 50 | run_list: 51 | - recipe[minitest-handler] 52 | - recipe[ice] 53 | attributes: 54 | tomcat: 55 | base_version: 6 56 | keytool: /usr/lib/jvm/java-1.6.0/bin/keytool 57 | ice: 58 | version: 0.0.4 59 | war_url: https://s3.amazonaws.com/dl.imedidata.net/ice 60 | skip_manifest_check: true 61 | checksum: eb9e7503585553bdebf9d93016bcbe7dc033c21e2b1b2f0df0978ca2968df047 62 | company_name: Your Company 63 | billing_aws_access_key_id: <%= AWS_ACCESS_KEY_ID %> 64 | billing_aws_secret_key: <%= AWS_ACCESS_KEY_SECRET %> 65 | billing_s3_bucket_name: kitchen-tests 66 | work_s3_bucket_name: kitchen-tests 67 | billing_s3_bucket_prefix: ice-cookbook-tests-billing-<%= ENV['USER'] %>/ 68 | work_s3_bucket_prefix: ice-cookbook-tests-work-<%= ENV['USER'] %>/ 69 | includes: 70 | - centos-6.6 71 | - name: tomcat7-rhel 72 | run_list: 73 | - recipe[minitest-handler] 74 | - recipe[ice] 75 | attributes: 76 | tomcat: 77 | base_version: 7 78 | keytool: /usr/lib/jvm/java-1.6.0/bin/keytool 79 | ice: 80 | version: 0.0.4 81 | war_url: https://s3.amazonaws.com/dl.imedidata.net/ice 82 | skip_manifest_check: true 83 | checksum: eb9e7503585553bdebf9d93016bcbe7dc033c21e2b1b2f0df0978ca2968df047 84 | company_name: Your Company 85 | billing_aws_access_key_id: <%= AWS_ACCESS_KEY_ID %> 86 | billing_aws_secret_key: <%= AWS_ACCESS_KEY_SECRET %> 87 | billing_s3_bucket_name: kitchen-tests 88 | work_s3_bucket_name: kitchen-tests 89 | billing_s3_bucket_prefix: ice-cookbook-tests-billing-<%= ENV['USER'] %>/ 90 | work_s3_bucket_prefix: ice-cookbook-tests-work-<%= ENV['USER'] %>/ 91 | includes: 92 | - centos-7.1 93 | -------------------------------------------------------------------------------- /Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | Vagrant.configure('2') do |config| 5 | # All Vagrant configuration is done here. The most common configuration 6 | # options are documented and commented below. For a complete reference, 7 | # please see the online documentation at vagrantup.com. 8 | 9 | config.vm.hostname = 'netflix-ice-berkshelf' 10 | 11 | # Every Vagrant virtual environment requires a box to build off of. 12 | config.vm.box = 'Berkshelf-CentOS-6.3-x86_64-minimal' 13 | # config.vm.box = 'opscode-ubuntu-12.04' 14 | 15 | # The url from where the 'config.vm.box' box will be fetched if it 16 | # doesn't already exist on the user's system. 17 | config.vm.box_url = 'https://dl.dropbox.com/u/31081437/Berkshelf-CentOS-6.3-x86_64-minimal.box' 18 | # config.vm.box_url = "https://opscode-vm.s3.amazonaws.com/vagrant/opscode_ubuntu-12.04_chef-11.2.0.box" 19 | 20 | # Assign this VM to a host-only network IP, allowing you to access it 21 | # via the IP. Host-only networks can talk to the host machine as well as 22 | # any other machines on the same network, but cannot be accessed (through this 23 | # network interface) by any external networks. 24 | config.vm.network :private_network, ip: '33.33.33.10' 25 | 26 | # Create a public network, which generally matched to bridged network. 27 | # Bridged networks make the machine appear as another physical device on 28 | # your network. 29 | 30 | # config.vm.network :public_network 31 | 32 | # Create a forwarded port mapping which allows access to a specific port 33 | # within the machine from a port on the host machine. In the example below, 34 | # accessing "localhost:8080" will access port 80 on the guest machine. 35 | 36 | # Share an additional folder to the guest VM. The first argument is 37 | # the path on the host to the actual folder. The second argument is 38 | # the path on the guest to mount the folder. And the optional third 39 | # argument is a set of non-required options. 40 | # config.vm.synced_folder "../data", "/vagrant_data" 41 | 42 | # Provider-specific configuration so you can fine-tune various 43 | # backing providers for Vagrant. These expose provider-specific options. 44 | # Example for VirtualBox: 45 | # 46 | # config.vm.provider :virtualbox do |vb| 47 | # # Don't boot with headless mode 48 | # vb.gui = true 49 | # 50 | # # Use VBoxManage to customize the VM. For example to change memory: 51 | # vb.customize ["modifyvm", :id, "--memory", "1024"] 52 | # end 53 | # 54 | # View the documentation for the provider you're using for more 55 | # information on available options. 56 | 57 | config.ssh.max_tries = 40 58 | config.ssh.timeout = 120 59 | 60 | # The path to the Berksfile to use with Vagrant Berkshelf 61 | # config.berkshelf.berksfile_path = "./Berksfile" 62 | 63 | # Enabling the Berkshelf plugin. To enable this globally, add this configuration 64 | # option to your ~/.vagrant.d/Vagrantfile file 65 | config.berkshelf.enabled = true 66 | 67 | # An array of symbols representing groups of cookbook described in the Vagrantfile 68 | # to exclusively install and copy to Vagrant's shelf. 69 | # config.berkshelf.only = [] 70 | 71 | # An array of symbols representing groups of cookbook described in the Vagrantfile 72 | # to skip installing and copying to Vagrant's shelf. 73 | # config.berkshelf.except = [] 74 | 75 | config.vm.provision :chef_solo do |chef| 76 | chef.json = {} 77 | 78 | chef.run_list = [ 79 | 'recipe[ice::default]' 80 | ] 81 | end 82 | end 83 | -------------------------------------------------------------------------------- /.kitchen.example.yml: -------------------------------------------------------------------------------- 1 | <% # This file contains ERB-interpreted YAML directives for testkitchen. 2 | # Secrets are read from the local execution ENV into this file, and 3 | # passed to the Chef tests via node attributes applied to the test suites. 4 | 5 | # To keep the YAML as simple as possible, some values are computed here 6 | # Set your primary AWS credentials for accessing your detailed billing files from S3 7 | ICE_AWS_ACCESS_KEY_ID = ENV['ICE_AWS_ACCESS_KEY_ID'] 8 | ICE_AWS_ACCESS_KEY_SECRET = ENV['ICE_AWS_ACCESS_KEY_SECRET'] 9 | 10 | # I set account name=>id mappings in my environment variables as well. 11 | # These variables are used for when you have multiple accounts and want 12 | # to query them with friendly names in ice. 13 | ICE_ACCOUNT1_NAME = ENV['ICE_ACCOUNT1_NAME'] 14 | ICE_ACCOUNT1_NUMBER = ENV['ICE_ACCOUNT1_NUMBER'] 15 | 16 | ICE_ACCOUNT2_NAME = ENV['ICE_ACCOUNT2_NAME'] 17 | ICE_ACCOUNT2_NUMBER = ENV['ICE_ACCOUNT2_NUMBER'] 18 | 19 | %> 20 | --- 21 | driver_plugin: vagrant 22 | driver_config: 23 | require_chef_omnibus: true 24 | 25 | platforms: 26 | - name: ubuntu-12.04 27 | driver_config: 28 | box: opscode-ubuntu-12.04 29 | box_url: https://opscode-vm.s3.amazonaws.com/vagrant/opscode_ubuntu-12.04_provisionerless.box 30 | customize: 31 | memory: 1024 32 | attributes: 33 | ice: 34 | version: 0.0.2 35 | war_url: https://s3.amazonaws.com/ice-app 36 | skip_manifest_check: true 37 | checksum: c5f0c31d8493783814c017a2af575e8d8fa1855359008b868621823381d61d6a 38 | company_name: Your Company 39 | billing_aws_access_key_id: <%= ICE_AWS_ACCESS_KEY_ID %> 40 | billing_aws_secret_key: <%= ICE_AWS_ACCESS_KEY_SECRET %> 41 | billing_s3_bucket_name: billing_bucket_name 42 | billing_s3_bucket_prefix: billing_bucket_prefix_if_any/ 43 | work_s3_bucket_name: work_bucket_name 44 | work_s3_bucket_prefix: work_bucket_prefix_if_any/ 45 | start_millis: 1367380800000 46 | # The following settings are only required for dealing with multiple AWS accounts 47 | accounts: { <%= ICE_ACCOUNT1_NAME %>: <%= ICE_ACCOUNT1_NUMBER %>, 48 | <%= ICE_ACCOUNT2_NAME %>: <%= ICE_ACCOUNT2_NUMBER %>, 49 | <%= ICE_ACCOUNT3_NAME %>: <%= ICE_ACCOUNT3_NUMBER %> 50 | } 51 | owner_account: account1 52 | linked_accounts: [ account2,account3 ] 53 | 54 | - name: centos-6.4 55 | driver_config: 56 | box: opscode-centos-6.4 57 | box_url: https://opscode-vm.s3.amazonaws.com/vagrant/opscode_centos-6.4_provisionerless.box 58 | customize: 59 | memory: 1024 60 | attributes: 61 | ice: 62 | version: 0.0.2 63 | war_url: https://s3.amazonaws.com/ice-app 64 | skip_manifest_check: true 65 | checksum: c5f0c31d8493783814c017a2af575e8d8fa1855359008b868621823381d61d6a 66 | company_name: Your Company 67 | billing_aws_access_key_id: <%= ICE_AWS_ACCESS_KEY_ID %> 68 | billing_aws_secret_key: <%= ICE_AWS_ACCESS_KEY_SECRET %> 69 | billing_s3_bucket_name: billing_bucket_name 70 | billing_s3_bucket_prefix: billing_bucket_prefix_if_any/ 71 | work_s3_bucket_name: work_bucket_name 72 | work_s3_bucket_prefix: work_bucket_prefix_if_any/ 73 | start_millis: 1367380800000 74 | # The following settings are only required for dealing with multiple AWS accounts 75 | accounts: { <%= ICE_ACCOUNT1_NAME %>: <%= ICE_ACCOUNT1_NUMBER %>, 76 | <%= ICE_ACCOUNT2_NAME %>: <%= ICE_ACCOUNT2_NUMBER %>, 77 | <%= ICE_ACCOUNT3_NAME %>: <%= ICE_ACCOUNT3_NUMBER %> 78 | } 79 | owner_account: account1 80 | linked_accounts: [ account2,account3 ] 81 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | Contributing to the Ice Cookbook 2 | ==================================== 3 | The Ice cookbook uses GitHub to triage, manage, and track issues and pull 4 | requests to the cookbook. GitHub has excellent documentation on how to 5 | [fork a repository and start contributing](https://help.github.com/articles/fork-a-repo.). 6 | 7 | All contributors are welcome to submit patches, but we ask you keep the 8 | following guidelines in mind: 9 | 10 | - [Coding Standards](#coding-standards) 11 | - [Testing](#testing) 12 | - [Prerequisites](#prerequisites) 13 | 14 | Please also keep in mind: 15 | 16 | - Be patient as not all items will be tested or reviewed immediately by the core 17 | team. 18 | - Be receptive and responsive to feedback about your additions or changes. The 19 | core team and/or other community members may make suggestions or ask questions 20 | about your change. This is part of the review process, and helps everyone to 21 | understand what is happening, why it is happening, and potentially optimizes 22 | your code. 23 | - Be understanding 24 | 25 | If you're looking to contribute but aren't sure where to start, check out the 26 | open issues. 27 | 28 | 29 | Will Not Merge 30 | -------------- 31 | This second details Pull Requests that we will **not** merge. 32 | 33 | 1. New features without accompanying Test Kitchen tests 34 | 1. New features without accompanying usage documentation 35 | 36 | 37 | Coding Standards 38 | ---------------- 39 | The submitted code should be compatible with the standard Ruby coding guidelines. 40 | Here are some additional resources: 41 | 42 | - [Ruby Style Guide](https://github.com/bbatsov/ruby-style-guide) 43 | - [GitHub Styleguide](https://github.com/styleguide/ruby) 44 | 45 | This cookbook is equipped with Rubocop, which will fail the build for violating 46 | these standards. 47 | 48 | 49 | Testing 50 | ------- 51 | Whether your pull request is a bug fix or introduces new classes or methods to the 52 | project, we kindly ask that you include tests for your changes. Even if it's just a 53 | small improvement, a test is necessary to ensure the bug is never re-introduced. 54 | 55 | We understand that not all users are familiar with the testing ecosystem. This cookbook 56 | is fully-tested using [Foodcritic](https://github.com/acrmp/foodcritic), 57 | [Rubocop](https://github.com/bbatsov/rubocop), and 58 | [Test Kitchen](https://github.com/test-kitchen/test-kitchen) with 59 | [Serverspec](https://github.com/serverspec/serverspec) bussers. 60 | 61 | 62 | Prerequisites 63 | ------------- 64 | Developing this cookbook requires a sane Ruby 1.9+ environment with `bundler` installed. 65 | In order to run the Test Kitchen integration suite, you must also have Vagrant and 66 | VirtualBox installed: 67 | 68 | - [Vagrant](https://vagrantup.com) 69 | - [VirtualBox](https://virtualbox.org) 70 | 71 | 72 | Process 73 | ------- 74 | 1. Clone the git repository from GitHub: 75 | 76 | $ git clone git@github.com:mdsol/ice_cookbook.git 77 | 78 | 2. Install the dependencies using bundler: 79 | 80 | $ bundle install 81 | 82 | 3. Create a branch for your changes: 83 | 84 | $ git checkout -b my_bug_fix 85 | 86 | 4. Make any changes 87 | 5. Write tests to support those changes. 88 | 6. Run the tests: 89 | 90 | $ bundle exec rake 91 | 92 | 7. Assuming the tests pass, open a Pull Request on GitHub 93 | 94 | 95 | Do's and Don't's 96 | ---------------- 97 | - **Do** include tests for your contribution 98 | - **Do NOT** break existing behavior (unless intentional) 99 | - **Do NOT** modify the version number in the `metadata.rb` 100 | - **Do NOT** modify the CHANGELOG 101 | -------------------------------------------------------------------------------- /recipes/default.rb: -------------------------------------------------------------------------------- 1 | # 2 | # Cookbook Name:: ice 3 | # Recipe:: default 4 | # 5 | # Copyright 2015 Medidata Solutions Worldwide 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | # 19 | 20 | include_recipe 'chef-sugar' 21 | 22 | include_recipe 'apt' if debian? 23 | 24 | include_recipe 'java' 25 | include_recipe 'tomcat' 26 | include_recipe 'logrotate' 27 | 28 | java_options = "#{node['tomcat']['java_options']} -Dice.s3AccessKeyId=#{node['ice']['billing_aws_access_key_id']} -Dice.s3SecretKey=#{node['ice']['billing_aws_secret_key']}" 29 | 30 | node.override['tomcat']['java_options'] = java_options 31 | 32 | artifact_deploy 'ice' do 33 | version node['ice']['version'] 34 | if node['ice']['version'] == 'stable' 35 | artifact_location 'https://netflixoss.ci.cloudbees.com/job/ice-master/lastStableBuild/artifact/target/ice.war' 36 | else 37 | artifact_location "#{node['ice']['war_url']}/ice-#{node['ice']['version']}.war" 38 | artifact_checksum node['ice']['checksum'] 39 | end 40 | deploy_to node['tomcat']['webapp_dir'] 41 | owner node['tomcat']['user'] 42 | group node['tomcat']['group'] 43 | skip_manifest_check true 44 | keep 2 45 | should_migrate false 46 | force node['ice']['force_deploy'] ? true : false 47 | action :deploy 48 | 49 | before_deploy proc { 50 | # Create ice local procesor work directory 51 | directory node['ice']['processor']['local_dir'] do 52 | owner node['tomcat']['user'] 53 | group node['tomcat']['group'] 54 | mode '0755' 55 | only_if { node['ice']['processor']['enabled'] == true } 56 | end 57 | 58 | # Workaround for https://github.com/Netflix/ice/issues/100 59 | %w( tagdb usage_daily usage_monthly usage_weekly cost_daily cost_monthly cost_weekly usage_hourly cost_hourly ).each do |dir| 60 | directory "#{node['ice']['processor']['local_dir']}/#{dir}_AWS Import" do 61 | owner node['tomcat']['user'] 62 | group node['tomcat']['group'] 63 | mode '0755' 64 | only_if { node['ice']['processor']['enabled'] == true && node['ice']['processor']['issue_100_workaround'] == true } 65 | end 66 | end 67 | 68 | # Create ice local reader work directory 69 | directory node['ice']['reader']['local_dir'] do 70 | owner node['tomcat']['user'] 71 | group node['tomcat']['group'] 72 | mode '0755' 73 | only_if { node['ice']['reader']['enabled'] == true } 74 | end 75 | } 76 | 77 | configure proc { 78 | # Create ice.properties file 79 | template "#{release_path}/WEB-INF/classes/ice.properties" do 80 | source 'ice.properties.erb' 81 | owner node['tomcat']['user'] 82 | group node['tomcat']['group'] 83 | mode '0644' 84 | end 85 | } 86 | 87 | restart proc { 88 | service node['tomcat']['base_instance'] do 89 | action :restart 90 | end 91 | } 92 | end 93 | 94 | # Allow httpd to connect to tomcat for proxy 95 | execute 'selinux httpd_can_network_connect' do 96 | command '/usr/sbin/setsebool httpd_can_network_connect true' 97 | only_if { %w(rhel fedora).include?(node['platform_family']) } 98 | end 99 | 100 | # Configure logrotate 101 | logrotate_app node['tomcat']['base_instance'] do 102 | cookbook 'logrotate' 103 | path "#{node['tomcat']['log_dir']}/catalina.out" 104 | frequency node['ice']['logrotate_frequency'] 105 | rotate node['ice']['logrotate_rotate'] 106 | create "640 #{node['tomcat']['base_instance']} adm" 107 | options %w( copytruncate compress missingok ) 108 | end 109 | 110 | include_recipe 'ice::nginx' if node['ice']['reader']['enabled'] == true && node['ice']['nginx_enabled'] 111 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Ice Cookbook 2 | ============ 3 | 4 | This is an application cookbook for installing the Netflix Ice AWS usage and 5 | cost reporting application. 6 | 7 | Requirements 8 | ------------ 9 | - Chef 11 or higher 10 | - Ruby 1.9.3 or higher 11 | - This cookbook requires attributes be set based on the instructions for 12 | configuring the [Netflix Ice application](https://github.com/Netflix/ice). 13 | - You will also need to enable Amazon's programmatic billing access to 14 | receive detailed billing reports. 15 | 16 | Platform 17 | -------- 18 | Tested on 19 | 20 | * Ubuntu 14.04 21 | * Ubuntu 12.04 22 | * Centos 7.1 23 | * Centos 6.6 24 | 25 | Other Debian and RHEL family distributions are assumed to work but YMMV. 26 | 27 | Attributes 28 | ---------- 29 | In order to keep the README managable and in sync with the attributes, this 30 | cookbook documents attributes inline. The usage instructions and default 31 | values for attributes can be found in the individual attribute files. 32 | 33 | Dependencies 34 | ------------ 35 | 36 | The following cookbooks are dependencies: 37 | 38 | * [apt][] 39 | * [yum][] 40 | * [java][] 41 | * [logrotate][] 42 | * [chef-sugar][] 43 | * [openssl][] 44 | * [nginx][] 45 | * [tomcat][] 46 | * [artifact][] 47 | 48 | ## Usage 49 | 50 | This recipe allows you to deploy Netflix Ice as a standalone node running both the 51 | processor and reader or as seperate nodes running a processor and a reader which is the 52 | deployment layout that the Netflix Ice team recommends. 53 | 54 | Here is a sample role for creating an Ice processor node: 55 | ```YAML 56 | chef_type: role 57 | default_attributes: 58 | description: 59 | env_run_lists: 60 | json_class: Chef::Role 61 | name: ice-processor 62 | override_attributes: 63 | ice: 64 | billing_aws_access_key_id: YOURAWSKEYID 65 | billing_aws_secret_key: YOURAWSSECRETKEY 66 | billing_s3_bucket_name: ice-billing 67 | version: 0.0.4 68 | war_url: https://s3.amazonaws.com/dl.imedidata.net/ice 69 | checksum: eb9e7503585553bdebf9d93016bcbe7dc033c21e2b1b2f0df0978ca2968df047 70 | skip_manifest_check: false 71 | company_name: Company Name 72 | force_deploy: false 73 | processor: 74 | enabled: true 75 | reader: 76 | enabled: false 77 | start_millis: 1357016400000 78 | work_s3_bucket_name: ice-work 79 | tomcat: 80 | catalina_options: -Xmx1024M -Xms1024M 81 | run_list: 82 | recipe[ice] 83 | ``` 84 | 85 | Here is a sample role for creating an Ice reader node: 86 | ```YAML 87 | chef_type: role 88 | default_attributes: 89 | description: 90 | env_run_lists: 91 | json_class: Chef::Role 92 | name: ice-reader 93 | override_attributes: 94 | ice: 95 | billing_aws_access_key_id: YOURAWSKEYID 96 | billing_aws_secret_key: YOURAWSSECRETKEY 97 | billing_s3_bucket_name: ice-billing 98 | version: 0.0.4 99 | war_url: https://s3.amazonaws.com/dl.imedidata.net/ice 100 | checksum: eb9e7503585553bdebf9d93016bcbe7dc033c21e2b1b2f0df0978ca2968df047 101 | skip_manifest_check: false 102 | company_name: Company Name 103 | force_deploy: false 104 | processor: 105 | enabled: false 106 | reader: 107 | enabled: true 108 | start_millis: 1357016400000 109 | work_s3_bucket_name: ice-work 110 | tomcat: 111 | catalina_options: -Xmx1024M -Xms1024M 112 | run_list: 113 | recipe[ice] 114 | ``` 115 | 116 | Development 117 | ----------- 118 | Please see the [Contributing](CONTRIBUTING.md) and [Issue Reporting](ISSUES.md) Guidelines. 119 | 120 | License & Authors 121 | ----------------- 122 | - Author: [Ray Rodriguez](https://github.com/rayrod2030) (rayrod2030@gmail.com) 123 | - Contributor: [akshah123](https://github.com/akshah123) 124 | - Contributor: [Benton Roberts](https://github.com/benton) 125 | - Contributor: [Harry Wilkinson](https://github.com/harryw) 126 | - Contributor: [rampire](https://github.com/rampire) 127 | - Contributor: [Alex Greg](https://github.com/agreg) 128 | 129 | ```text 130 | Copyright 2015 Medidata Solutions Worldwide 131 | 132 | Licensed under the Apache License, Version 2.0 (the “License”); 133 | you may not use this file except in compliance with the License. 134 | You may obtain a copy of the License at 135 | 136 | http://www.apache.org/licenses/LICENSE-2.0 137 | 138 | Unless required by applicable law or agreed to in writing, software 139 | distributed under the License is distributed on an “AS IS” BASIS, 140 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 141 | See the License for the specific language governing permissions and 142 | limitations under the License. 143 | ``` 144 | 145 | [apt]: https://github.com/opscode-cookbooks/apt 146 | [yum]: https://github.com/chef-cookbooks/yum 147 | [java]: https://github.com/agileorbit-cookbooks/java 148 | [logrotate]: https://github.com/stevendanna/logrotate 149 | [chef-sugar]: https://github.com/sethvargo/chef-sugar 150 | [openssl]: https://github.com/opscode-cookbooks/openssl 151 | [nginx]: https://github.com/miketheman/nginx 152 | [tomcat]: https://github.com/opscode-cookbooks/tomcat 153 | [artifact]: https://github.com/RiotGamesCookbooks/artifact-cookbook 154 | -------------------------------------------------------------------------------- /metadata.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ice", 3 | "description": "Installs/Configures ice", 4 | "long_description": "Description\n===========\n\nApplication cookbook for installing the Netflix Ice AWS usage\nand cost reporting application.\n\nRequirements\n============\n\nChef 11.4.0+ and Ohai 6.10+ for platform_family use.\n\nThis cookbook requires attributes be set based on the instructions for \nconfiguring the [Netflix Ice application](https://github.com/Netflix/ice).\n\nYou will also need to enable Amazon's programmatic billing access to \nreceive detailed billing reports.\n\nThe following cookbooks are dependencies:\n\n* apt (on ubuntu)\n* openssl\n* java\n* tomcat\n* nginx\n* artifact (Riot Games)\n\n## Platform:\n\nTested on \n\n* Ubuntu 12.04\n* Centos 6.4\n\nOther Debian and RHEL family distributions are assumed to work.\n\nAttributes\n==========\n\n* `node['ice']['version']` - Ice version to download and install. These \nversions are packaged and hosted by Medidata Solutions until we can get the \nNetflix Ice team to package and host official ice releases.\n* `node['ice']['checksum']` - Checksum for Ice WAR file.\n* `node['ice']['war_url']` - HTTP URL for Ice WAR file.\n* `node['ice']['force_redeploy']` - Will force a redeploy of the Ice WAR file.\n* `node['ice']['company_name']` - Organization name that is displayed in the \nUI header.\n* `node['ice']['processor']['enabled']` - Enables the Ice processor.\n* `node['ice']['processor']['local_dir']` - Local work directory for the Ice\nprocessor.\n* `node['ice']['billing_aws_access_key_id']` - AWS access key id used for\naccessing AWS detailed billing files from S3.\n* `node['ice']['billing_secret_key']` - AWS secret key used for\naccessing AWS detailed billing files from S3.\n* `node['ice']['billing_s3_bucket_name']` - Name of the S3 bucket containing\nthe AWS detailed billing files.\n* `node['ice']['billing_s3_bucket_prefix']` - Directory in the S3 billing bucket \ncontaining AWS detailed billing files.\n* `node['ice']['work_s3_bucket_name']` - Name of the S3 bucket that Ice uses \nfor processed AWS detailed billing files. This bucket is shared between the Ice\nprocessor and reader.\n* `node['ice']['work_s3_bucket_prefix']` - Directory in the S3 work bucket \ncontaining the processed AWS detailed billing files.\n* `node['ice']['reader']['enabled']` - Enables the Ice reader and installs the\nNginx reverse proxy.\n* `node['ice']['reader']['local_dir']` - Local work directory for the Ice reader.\n* `node['ice']['start_millis']` - Specify the start time in milliseconds for the \nprocessor to start processing billing files.\n* `node['ice']['public_hostname']` - Optional. Fully qualified domain name used for \nconfiguring the Nginx reverse proxy on Ice readers/UI nodes.\n* `node['ice']['accounts']` - Optional. Hash mapping of AWS account names to \naccount numbers. This is used within Ice to give accounts human readable names \nin the UI.\n\n## Usage\n\nThis recipe allows you to deploy Netflix Ice as a standalone node running both the\nprocessor and reader or as seperate nodes running a processor and a reader which is the\ndeployment layout that the Netflix Ice team recommends.\n\nHere is a sample role for creating an Ice processor node:\n```YAML\nchef_type: role\ndefault_attributes:\ndescription: \nenv_run_lists:\njson_class: Chef::Role\nname: ice-processor\noverride_attributes:\n ice:\n billing_aws_access_key_id: YOURAWSKEYID\n billing_aws_secret_key: YOURAWSSECRETKEY\n billing_s3_bucket_name: ice-billing\n version: 0.0.2\n war_url: https://s3.amazonaws.com/ice-app\n checksum: c5f0c31d8493783814c017a2af575e8d8fa1855359008b868621823381d61d6a \n skip_manifest_check: false\n company_name: Company Name\n force_deploy: false\n processor:\n enabled: true\n reader:\n enabled: false\n start_millis: 1357016400000\n work_s3_bucket_name: ice-work\n tomcat:\n catalina_options: -Xmx1024M -Xms1024M\nrun_list:\n recipe[ice]\n```\n\nHere is a sample role for creating an Ice reader node:\n```YAML\nchef_type: role\ndefault_attributes:\ndescription: \nenv_run_lists:\njson_class: Chef::Role\nname: ice-reader\noverride_attributes:\n ice:\n billing_aws_access_key_id: YOURAWSKEYID\n billing_aws_secret_key: YOURAWSSECRETKEY\n billing_s3_bucket_name: ice-billing\n version: 0.0.2\n war_url: https://s3.amazonaws.com/ice-app\n checksum: c5f0c31d8493783814c017a2af575e8d8fa1855359008b868621823381d61d6a \n skip_manifest_check: false\n company_name: Company Name\n force_deploy: false\n processor:\n enabled: false\n reader:\n enabled: true\n start_millis: 1357016400000\n work_s3_bucket_name: ice-work\n tomcat:\n catalina_options: -Xmx1024M -Xms1024M\nrun_list:\n recipe[ice]\n```\n\n## Author\n\n* Author: [Ray Rodriguez](https://github.com/rayrod2030)\n* Author: [Benton Roberts](https://github.com/benton)\n", 5 | "maintainer": "Medidata Solutions", 6 | "maintainer_email": "rarodriguez@mdsol.com", 7 | "license": "Apache 2.0", 8 | "platforms": { 9 | "ubuntu": ">= 0.0.0", 10 | "centos": ">= 0.0.0" 11 | }, 12 | "dependencies": { 13 | "java": ">= 0.0.0", 14 | "apt": ">= 0.0.0", 15 | "tomcat": ">= 0.0.0", 16 | "nginx": ">= 0.0.0", 17 | "openssl": ">= 0.0.0", 18 | "artifact": ">= 0.0.0", 19 | "logrotate": ">= 0.0.0" 20 | }, 21 | "recommendations": { 22 | }, 23 | "suggestions": { 24 | }, 25 | "conflicting": { 26 | }, 27 | "providing": { 28 | }, 29 | "replacing": { 30 | }, 31 | "attributes": { 32 | }, 33 | "groupings": { 34 | }, 35 | "recipes": { 36 | }, 37 | "version": "0.2.11" 38 | } 39 | -------------------------------------------------------------------------------- /attributes/default.rb: -------------------------------------------------------------------------------- 1 | # Ice version to download and install. These versions are packaged and hosted 2 | # by Medidata Solutions until we can get the Netflix Ice team to package and 3 | # host official ice releases. If you wish to install the latest stable version 4 | # from [Netflix](https://github.com/netflix/ice#download-snapshot-builds) 5 | # directly, provide `stable`. Note: this option will always install the latest 6 | # version even if its not backwards compatible. 7 | node.default['ice']['version'] = '0.0.4' 8 | 9 | # Checksum for Ice WAR file. 10 | node.default['ice']['checksum'] = 'eb9e7503585553bdebf9d93016bcbe7dc033c21e2b1b2f0df0978ca2968df047' 11 | 12 | # HTTP URL for Ice WAR file. 13 | node.default['ice']['war_url'] = 'https://s3.amazonaws.com/dl.imedidata.net/ice' 14 | 15 | # Will force a redeploy of the Ice WAR file. 16 | node.default['ice']['force_redeploy'] = false 17 | 18 | # Organization name that is displayed in the UI header. 19 | node.default['ice']['company_name'] = nil 20 | 21 | # Enables the ice processor. 22 | node.default['ice']['processor']['enabled'] = true 23 | 24 | # Local work directory for the Ice processor. 25 | node.default['ice']['processor']['local_dir'] = '/var/ice_processor' 26 | 27 | # Optional. Work around https://github.com/Netflix/ice/issues/100 by pre-creating 28 | # the directories it expects to find. Default: false 29 | node.default['ice']['processor']['issue_100_workaround'] = false 30 | 31 | # AWS access key id used for accessing AWS detailed billing files from S3. 32 | node.default['ice']['billing_aws_access_key_id'] = nil 33 | 34 | # AWS secret key used for accessing AWS detailed billing files from S3. 35 | node.default['ice']['billing_aws_secret_key'] = nil 36 | 37 | # Name of the S3 bucket containing the AWS detailed billing files. 38 | node.default['ice']['billing_s3_bucket_name'] = nil 39 | 40 | # Directory in the S3 billing bucket containing AWS detailed billing files. 41 | node.default['ice']['billing_s3_bucket_prefix'] = nil 42 | 43 | # Specify your payer account id here if across-accounts IAM role access is used. 44 | # See Netflix Ice README section 1.6 for more details. 45 | node.default['ice']['billing_payerAccountId'] = nil 46 | 47 | # Specify your access IAM role name here if across-accounts IAM role access is used. 48 | # See Netflix Ice README section 1.6 for more details. 49 | node.default['ice']['billing_accessRoleName'] = nil 50 | 51 | # Specify external id here if it is used. See Netflix Ice README section 1.6 52 | # for more details. 53 | node.default['ice']['billing_accessExternalId'] = nil 54 | 55 | # Name of the S3 bucket that Ice uses for processed AWS detailed billing files. 56 | # This bucket is shared between the Ice processor and reader. 57 | node.default['ice']['work_s3_bucket_name'] = nil 58 | 59 | # Directory in the S3 work bucket containing the processed AWS detailed billing files. 60 | node.default['ice']['work_s3_bucket_prefix'] = nil 61 | 62 | # Enables the Ice reader and installs the Nginx reverse proxy. 63 | node.default['ice']['reader']['enabled'] = true 64 | # Local work directory for the Ice reader. 65 | node.default['ice']['reader']['local_dir'] = '/var/ice_reader' 66 | 67 | # Specify the start time in milliseconds for the processor to start processing billing files. 68 | # Value is number of milliseconds since unix epoch time. Default: 90 days ago 69 | node.default['ice']['start_millis'] = (Date.today - 90).strftime('%Q') 70 | 71 | # Optional. Hash mapping of AWS account names to account numbers. This is used 72 | # within Ice to give accounts human readable names in the UI. 73 | node.default['ice']['accounts'] = {} 74 | 75 | # To use BasicReservationService, you should also run reservation capacity 76 | # poller, which will call EC2 API (describeReservedInstances) to poll 77 | # reservation capacities for each reservation owner account defined in 78 | # ice.properties. See Netflix Ice README Advanced Options section 2. 79 | node.default['ice']['reservation_capacity_poller'] = false 80 | 81 | # Reservation period, possible values are oneyear, threeyear 82 | node.default['ice']['reservation_period'] = 'threeyear' 83 | 84 | # Reservation utilization, possible values are LIGHT, MEDIUM, HEAVY, FIXED 85 | node.default['ice']['reservation_utilization'] = 'HEAVY' 86 | 87 | # Array of custom resource tags to have ice process. As described in the ice 88 | # README you must explicitly enable these custom tags in your billing statements. 89 | node.default['ice']['custom_resource_tags'] = [] 90 | 91 | # Currency sign to use in place of $ 92 | node.default['ice']['currencySign'] = nil 93 | 94 | # Conversion rate of USD to the above currency. For example, if 1 pound = 1.5 95 | # dollar, then the rate is 0.6666667. 96 | node.default['ice']['currencyRate'] = nil 97 | 98 | # URL to highstock.js if you need to serve this over HTTPS (which the default 99 | # Highstock CDN does not currently support) 100 | node.default['ice']['highstockUrl'] = nil 101 | 102 | # Monthly cache size. 103 | node.default['ice']['monthlycachesize'] = nil 104 | 105 | # Cost per monitor metric per hour. 106 | node.default['ice']['cost_per_monitormetric_per_hour'] = nil 107 | 108 | # URL of Ice installation, used to create links in alert emails. 109 | node.default['ice']['urlPrefix'] = nil 110 | 111 | # Email address from which Ice email alerts are sent (must be registered in SES). 112 | node.default['ice']['fromEmail'] = nil 113 | 114 | # EC2 On-Demand hourly cost threshold at which an alert email should be sent. 115 | node.default['ice']['ondemandCostAlertThreshold'] = nil 116 | 117 | # Comma-separated list of recipients for the On-Demand cost alert emails. 118 | node.default['ice']['ondemandCostAlertEmails'] = nil 119 | 120 | # If set to `original`, Ice will use the original costs from the billing file 121 | # for Resource Groups. 122 | node.default['ice']['resourceGroupCost'] = nil 123 | 124 | # Set to `true` to enable weekly cost emails. 125 | node.default['ice']['weeklyCostEmails'] = nil 126 | 127 | # Email address from which weekly cost emails are sent (must be registered in SES). 128 | node.default['ice']['weeklyCostEmails_fromEmail'] = nil 129 | 130 | # Email address to which weekly cost emails will be BCCed. 131 | node.default['ice']['weeklyCostEmails_bccEmail'] = nil 132 | 133 | # How many weeks to include in the weekly cost emails. 134 | node.default['ice']['weeklyCostEmails_numWeeks'] = nil 135 | 136 | # Optional. Fully qualified domain name used for configuring the Nginx reverse 137 | # proxy on Ice readers/UI nodes. 138 | node.default['ice']['public_hostname'] = nil 139 | 140 | # Setup Nginx. 141 | node.default['ice']['nginx_enabled'] = true 142 | 143 | # Disable Nginx default site. 144 | node.default['ice']['nginx_disable_default_site'] = true 145 | 146 | # Nginx port configuration. 147 | node.default['ice']['nginx_port'] = 80 148 | 149 | # Nginx site configuration chef template name. 150 | node.default['ice']['nginx_config'] = 'nginx_ice_site.erb' 151 | 152 | # Nginx custom configuration cookbook. Use this if you'd like to bypass the 153 | # default ice cookbook nginx configuration and implement your own templates 154 | # and recipes to configure Nginx for ice. 155 | node.default['ice']['nginx_config_cookbook'] = 'ice' 156 | 157 | # Whether nginx should route all requests to Tomcat, regardless of Host: header. Default: false. 158 | node.default['ice']['nginx_default_server'] = false 159 | 160 | # How often to rotate catalina.out. 161 | node.default['ice']['logrotate_frequency'] = 'weekly' 162 | 163 | # How many rotated copies of catalina.out to keep. 164 | node.default['ice']['logrotate_rotate'] = 52 165 | --------------------------------------------------------------------------------