AWS OpsWorks User Guide API Version 2013-02-18 AWS OpsWorks User Guide AWS OpsWorks: User Guide Copyright © 2014 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. The following are trademarks of Amazon Web Services, Inc.: Amazon, Amazon Web Services Design, AWS, Amazon CloudFront, Cloudfront, Amazon DevPay, DynamoDB, ElastiCache, Amazon EC2, Amazon Elastic Compute Cloud, Amazon Glacier, Kindle, Kindle Fire, AWS Marketplace Design, Mechanical Turk, Amazon Redshift, Amazon Route 53, Amazon S3, Amazon VPC. In addition, Amazon.com graphics, logos, page headers, button icons, scripts, and service names are trademarks, or trade dress of Amazon in the U.S. and/or other countries. Amazon's trademarks and trade dress may not be used in connection with any product or service that is not Amazon's, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who may or may not be affiliated with, connected to, or sponsored by Amazon. AWS OpsWorks User Guide Table of Contents What is AWS OpsWorks? ............................................................................................................... 1 Stacks ................................................................................................................................. 2 Layers ................................................................................................................................. 3 Instances ............................................................................................................................. 3 Apps ................................................................................................................................... 4 Customizing your Stack.......................................................................................................... 4 Resource Management .......................................................................................................... 5 Security and Permissions........................................................................................................ 5 Monitoring and Logging.......................................................................................................... 5 CLI, SDK, and AWS CloudFormation Templates.......................................................................... 6 Where to Start ...................................................................................................................... 6 Documentation Roadmap ............................................................................................................... 7 Getting Started ............................................................................................................................. 9 Step 1: Sign in to the AWS OpsWorks Console......................................................................... 10 Step 2: Create a Simple Application Server Stack...................................................................... 10 Step 1: Create a Stack.................................................................................................. 11 Step 2: Add a PHP App Server Layer.............................................................................. 13 Step 3: Add an Instance to the PHP App Server Layer........................................................ 14 Step 4: Create and Deploy an App.................................................................................. 16 Step 3: Add a Back-end Data Store......................................................................................... 20 Step 1: Add a Back-end Database.................................................................................. 20 Step 2: Update SimplePHPApp ...................................................................................... 21 A Short Digression: Cookbooks, Recipes, and AWS OpsWorks Attributes.............................. 23 Step 3: Add the Custom Cookbooks to MyStack................................................................ 28 Step 4: Run the Recipes............................................................................................... 28 Step 5: Deploy SimplePHPApp, Version 2......................................................................... 29 Step 6: Run SimplePHPApp........................................................................................... 30 Step 4: Scale Out MyStack.................................................................................................... 31 Step 1: Add a Load Balancer......................................................................................... 32 Step 2: Add PHP App Server Instances........................................................................... 35 Step 3: Monitor MyStack............................................................................................... 35 Delete MyStack ................................................................................................................... 37 Stacks ....................................................................................................................................... 40 Create a New Stack ............................................................................................................. 41 Running a Stack in a VPC..................................................................................................... 44 VPC Basics ................................................................................................................ 44 Create a VPC for an AWS OpsWorks Stack...................................................................... 46 Create a Stack in the VPC............................................................................................. 48 Update a Stack ................................................................................................................... 50 Clone a Stack ..................................................................................................................... 51 Run Stack Commands.......................................................................................................... 52 Use Custom JSON to Modify the Stack Configuration JSON........................................................ 53 Shut Down a Stack .............................................................................................................. 55 Layers ....................................................................................................................................... 57 OpsWorks Layer Basics........................................................................................................ 58 How to Create an OpsWorks Layer ................................................................................ 58 How to Edit an OpsWorks Layer..................................................................................... 59 How to Use Auto Healing to Replace a Layer's Failed Instances........................................... 67 How to Delete an OpsWorks Layer................................................................................. 68 Load Balancer Layers........................................................................................................... 69 Elastic Load Balancing ................................................................................................. 70 HAProxy AWS OpsWorks Layer..................................................................................... 72 Database Layers ................................................................................................................. 77 Amazon RDS Service Layer .......................................................................................... 77 MySQL OpsWorks Layer............................................................................................... 80 API Version 2013-02-18 iii AWS OpsWorks User Guide Application Server Layers...................................................................................................... 81 Java App Server AWS OpsWorks Layer........................................................................... 82 Node.js App Server AWS OpsWorks Layer....................................................................... 88 PHP App Server AWS OpsWorks Layer........................................................................... 91 Rails App Server AWS OpsWorks Layer.......................................................................... 92 Static Web Server AWS OpsWorks Layer......................................................................... 95 Custom AWS OpsWorks Layers............................................................................................. 96 Other Layers....................................................................................................................... 98 Ganglia Layer ............................................................................................................. 98 Memcached .............................................................................................................. 100 Instances.................................................................................................................................. 101 Operating Systems............................................................................................................. 101 Amazon Linux ........................................................................................................... 102 Ubuntu LTS............................................................................................................... 103 Adding an Instance to a Layer.............................................................................................. 103 Using Custom AMIs............................................................................................................ 107 Manually Starting, Stopping, and Rebooting 24/7 Instances....................................................... 109 Changing Instance Properties .............................................................................................. 111 Deleting Instances ............................................................................................................. 112 Managing Load with Time-based and Load-based Instances..................................................... 113 How Automatic Time-based Scaling Works..................................................................... 114 How Automatic Load-based Scaling Works..................................................................... 116 How Load-based Scaling Differs from Auto Healing.......................................................... 119 Using SSH to Communicate with an Instance.......................................................................... 119 Using the MindTerm SSH Client.................................................................................... 120 Using a Third-Party Client with Amazon EC2 Key Pairs..................................................... 122 Apps........................................................................................................................................ 125 Adding Apps ..................................................................................................................... 125 Configuring an App .................................................................................................... 126 Deploying Apps ................................................................................................................. 132 Other Deployment Commands ..................................................................................... 134 Editing Apps ..................................................................................................................... 134 Connecting an Application to a Database Server..................................................................... 135 Java App Server ........................................................................................................ 136 Node.js App Server .................................................................................................... 137 PHP App Server ........................................................................................................ 137 Rails App Server........................................................................................................ 138 Using a Custom Recipe .............................................................................................. 139 Using Environment Variables................................................................................................ 141 Java App Server ........................................................................................................ 142 Node.js App Server .................................................................................................... 142 PHP App Server ........................................................................................................ 142 Rails App Server........................................................................................................ 142 Custom App Servers .................................................................................................. 143 Passing Data to Applications................................................................................................ 143 Using Repository SSH Keys................................................................................................. 146 Using Custom Domains ...................................................................................................... 146 Running Multiple Applications on the Same Application Server.......................................... 147 Using SSL ........................................................................................................................ 148 Step 1: Install and Configure OpenSSL.......................................................................... 148 Step 2: Create a Private Key........................................................................................ 149 Step 3: Create a Certificate Signing Request.................................................................. 150 Step 4: Submit the CSR to Certificate Authority............................................................... 150 Step 5: Edit the App.................................................................................................... 151 Cookbooks and Recipes ............................................................................................................. 153 Cookbook Repositories....................................................................................................... 154 Cookbook Components....................................................................................................... 155 Attributes.................................................................................................................. 156 API Version 2013-02-18 iv AWS OpsWorks User Guide Templates................................................................................................................. 158 Recipes.................................................................................................................... 159 Chef Versions.................................................................................................................... 161 Implementing Recipes for Chef 11.4 Stacks.................................................................... 162 Implementing Recipes for Chef 11.10 Stacks.................................................................. 163 Migrating an Existing Stack to a new Chef Version........................................................... 169 Ruby Versions ................................................................................................................... 170 Installing Custom Cookbooks............................................................................................... 171 Specifying a Custom Cookbook Repository.................................................................... 172 Updating Custom Cookbooks............................................................................................... 174 Executing Recipes ............................................................................................................. 175 AWS OpsWorks Lifecycle Events.................................................................................. 176 Automatically Running Recipes .................................................................................... 177 Manually Running Recipes .......................................................................................... 178 Cookbooks 101 ................................................................................................................. 179 Vagrant and Test Kitchen............................................................................................. 180 Cookbook Basics ....................................................................................................... 181 Implementing Cookbooks for AWS OpsWorks................................................................. 209 Resource Management............................................................................................................... 218 Registering Resources with a Stack...................................................................................... 219 Registering Amazon EBS Volumes with a Stack.............................................................. 219 Registering Elastic IP Addresses with a Stack................................................................. 220 Registering Amazon RDS Instances with a Stack............................................................ 221 Attaching and Moving Resources.......................................................................................... 222 Assigning Amazon EBS Volumes to an Instance.............................................................. 223 Associating Elastic IP Addresses with an Instance........................................................... 224 Attaching Amazon RDS Instances to an App................................................................... 226 Detaching Resources ......................................................................................................... 226 Unassigning Amazon EBS Volumes .............................................................................. 226 Disassociating Elastic IP Addresses.............................................................................. 227 Detaching Amazon RDS Instances................................................................................ 227 Deregistering Resources..................................................................................................... 228 Deregistering Amazon EBS Volumes............................................................................. 228 Deregistering Elastic IP Addresses ............................................................................... 228 Deregistering Amazon RDS Instances........................................................................... 229 Customizing AWS OpsWorks....................................................................................................... 230 Customizing AWS OpsWorks Configuration by Overriding Attributes........................................... 231 Attribute Precedence .................................................................................................. 232 Overriding Attributes Using Custom JSON...................................................................... 233 Overriding AWS OpsWorks Attributes Using Custom Cookbook Attributes........................... 235 Extending AWS OpsWorks Configuration Files Using Custom Templates..................................... 236 Extending a Built-in Layer.................................................................................................... 237 Using Recipes to Run Scripts....................................................................................... 237 Using Chef Deployment Hooks..................................................................................... 238 Running Cron Jobs .................................................................................................... 239 Installing and Configuring Packages.............................................................................. 240 Creating a Custom Tomcat Server Layer................................................................................ 240 Attributes File ............................................................................................................ 241 Setup Recipes........................................................................................................... 242 Configure Recipes ..................................................................................................... 250 Deploy Recipes ......................................................................................................... 254 Create a Stack and Run an Application.......................................................................... 256 Stack Configuration and Deployment JSON............................................................................ 262 Configure JSON ........................................................................................................ 262 Deploy JSON ............................................................................................................ 265 Using Stack Configuration JSON Values in Custom Recipes.............................................. 267 How to Obtain a Stack Configuration JSON.................................................................... 267 Monitoring ................................................................................................................................ 268 API Version 2013-02-18 v AWS OpsWorks User Guide Monitoring Stacks using Amazon CloudWatch......................................................................... 268 Metrics..................................................................................................................... 269 Stack Metrics ............................................................................................................ 270 Layer Metrics ............................................................................................................ 270 Instance Metrics ........................................................................................................ 271 Logging AWS OpsWorks API Calls By Using AWS CloudTrail.................................................... 272 AWS OpsWorks Information in CloudTrail....................................................................... 273 Understanding AWS OpsWorks Log File Entries.............................................................. 273 Using Amazon CloudWatch Logs with AWS OpsWorks............................................................. 275 Security and Permissions ............................................................................................................ 276 Managing User Permissions ................................................................................................ 277 Managing Users ........................................................................................................ 278 Managing Users' Permissions Using a Stack's Permissions Page....................................... 282 Managing Permissions by Attaching an IAM policy........................................................... 284 Example Policies ....................................................................................................... 286 AWS OpsWorks Permissions Levels.............................................................................. 290 Signing in as an IAM User................................................................................................... 291 Setting an IAM User's Public SSH Key................................................................................... 292 Allowing AWS OpsWorks to Act on Your Behalf....................................................................... 293 Specifying Permissions for Apps Running on EC2 instances...................................................... 296 Using AWS OpsWorks with Other AWS Services............................................................................. 299 Using Other Back-end Data Stores........................................................................................ 300 How to Set up a Database Connection........................................................................... 300 How to Connect an Application Server Instance to Amazon RDS........................................ 301 Using ElastiCache Redis as an In-Memory Key-Value Store...................................................... 305 Step 1: Create an ElastiCache Redis Cluster.................................................................. 305 Step 2: Set up a Rails Stack......................................................................................... 307 Step 3: Create and Deploy a Custom Cookbook.............................................................. 307 Step 4: Assign the Recipe to a LifeCycle Event................................................................ 310 Step 5: Add Access Information to the Stack Configuration JSON....................................... 311 Step 6: Deploy and run the App.................................................................................... 312 Using an Amazon S3 Bucket................................................................................................ 313 Step 1: Create an Amazon S3 Bucket............................................................................ 313 Step 2: Create a PHP App Server Stack......................................................................... 315 Step 3: Create and Deploy a Custom Cookbook.............................................................. 316 Step 4: Assign the Recipes to LifeCycle Events............................................................... 318 Step 5: Add Access Information to the Stack Configuration JSON....................................... 319 Step 6: Deploy and Run PhotoApp................................................................................ 320 Using the AWS OpsWorks CLI..................................................................................................... 323 Create an Instance (create-instance)..................................................................................... 324 Create an Instance with a Themed Host Name................................................................ 324 Deploy an App (create-deployment) ...................................................................................... 325 Migrate the Rails Database.......................................................................................... 326 Describe a Stack's Apps (describe-apps)............................................................................... 326 Describe a Stack's Commands (describe-commands).............................................................. 327 Describe a Stack's Deployments (describe-deployments).......................................................... 328 Describe a Stack's Elastic IP Addresses (describe-elastic-ips)................................................... 329 Describe a Stack's Instances (describe-instances)................................................................... 329 Describe Stacks (describe-stacks) ........................................................................................ 330 Describe a Stack's Layers (describe-layers)............................................................................ 331 Execute a Recipe (create-deployment)................................................................................... 334 Install Dependencies (create-deployment).............................................................................. 335 Update the Stack Configuration (update-stack)........................................................................ 335 Debugging and Troubleshooting Guide........................................................................................... 337 Debugging Recipes ............................................................................................................ 337 Chef Logs................................................................................................................. 338 Using the Agent CLI ................................................................................................... 344 Running Cookbook Tests............................................................................................. 347 API Version 2013-02-18 vi AWS OpsWorks User Guide Common Debugging and Troubleshooting Issues..................................................................... 347 Debugging Custom Recipes......................................................................................... 348 Troubleshooting AWS OpsWorks ................................................................................. 349 Appendix A: AWS OpsWorks Layer Reference................................................................................ 354 HAProxy Layer Reference ................................................................................................... 354 MySQL Layer Reference ..................................................................................................... 356 Web Server Layers Reference.............................................................................................. 357 Java App Server Layer Reference................................................................................. 357 Node.js App Server Layer Reference............................................................................. 358 PHP App Server Layer Reference................................................................................. 360 Rails App Server Layer Reference................................................................................ 361 Static Web Server Layer Reference............................................................................... 362 Custom Layer Reference..................................................................................................... 363 Other Layers ..................................................................................................................... 364 Ganglia Layer Reference............................................................................................. 364 Memcached Layer Reference....................................................................................... 366 Appendix B: Instance Agent CLI................................................................................................... 368 agent_report .................................................................................................................... 369 get_json ........................................................................................................................... 369 instance_report ................................................................................................................. 372 list_commands .................................................................................................................. 373 run_command ................................................................................................................... 373 show_log ......................................................................................................................... 374 stack_state ...................................................................................................................... 375 Appendix C: AWS OpsWorks Attribute Reference............................................................................ 378 Stack Configuration and Deployment JSON Attributes.............................................................. 379 opsworks Attributes .................................................................................................... 380 opsworks_custom_cookbooks Attributes ........................................................................ 392 dependencies Attributes.............................................................................................. 392 ganglia Attributes ....................................................................................................... 392 mysql Attributes......................................................................................................... 393 passenger Attributes................................................................................................... 393 opsworks_bundler Attributes ........................................................................................ 394 deploy Attributes ........................................................................................................ 394 Other Top-Level Attributes ........................................................................................... 399 Built-in Recipe Attributes ..................................................................................................... 400 apache2 Attributes ..................................................................................................... 400 deploy Attributes ........................................................................................................ 406 haproxy Attributes ...................................................................................................... 407 memached Attributes.................................................................................................. 410 mysql Attributes......................................................................................................... 411 nginx Attributes.......................................................................................................... 415 opsworks_java Attributes............................................................................................. 418 passenger_apache2 Attributes ..................................................................................... 421 ruby Attributes........................................................................................................... 423 unicorn Attributes....................................................................................................... 424 Resources ................................................................................................................................ 427 Reference Guides, Tools, and Support Resources................................................................... 427 AWS Software Development Kits.......................................................................................... 428 History ..................................................................................................................................... 429 API Version 2013-02-18 vii AWS OpsWorks User Guide What is AWS OpsWorks? Cloud-based computing usually involves groups of AWS resources, such as EC2 instances, EBS volumes, and so on, which must be created and managed collectively. For example, a web application typically requires application servers, database servers, load balancers, and so on.This group of instances is typically called a stack; a simple application server stack might look something like the following. In addition to creating the instances and installing the necessary packages, you typically need a way to distribute applications to the application servers, monitor the stack's performance, manage security and permissions, and so on. AWS OpsWorks provides a simple and flexible way to create and manage stacks and applications. It supports a standard set of components—including application servers, database servers, load balancers, and more—that you can use to assemble your stack.These components all come with a standard config- uration and are ready to run. However, you aren't limited to the standard components and configurations. AWS OpsWorks gives you the tools to customize the standard package configurations, install additional packages, and even create your own custom components. AWS OpsWorks also provides a way to manage related AWS resources, such as Elastic IP addresses and Amazon EBS volumes. API Version 2013-02-18 1 AWS OpsWorks User Guide Stacks Here's what a basic PHP application server stack might look with AWS OpsWorks. It consists of a group of PHP application servers running behind an Elastic Load Balancing load balancer, with a backend MySQL database server. Although relatively simple, this stack shows all the key AWS OpsWorks features. Here's how it's put to- gether. Topics • Stacks (p.2) • Layers (p.3) • Instances (p.3) • Apps (p.4) • Customizing your Stack (p.4) • Resource Management (p.5) • Security and Permissions (p.5) • Monitoring and Logging (p.5) • CLI, SDK, and AWS CloudFormation Templates (p.6) • Where to Start (p.6) Stacks The stack is the core AWS OpsWorks component. It is basically a container for AWS resources—Amazon EC2 instances, Amazon EBS volumes, Elastic IP addresses, and so on—that have a common purpose and would be logically managed together.The stack helps you manage these resources as a group and also defines some default configuration settings, such as the instances' operating system and AWS region. If you want to isolate some stack components from direct user interaction, you can run the stack in a VPC. API Version 2013-02-18 2 AWS OpsWorks User Guide Layers Layers You define the stack's components by adding one or more layers. A layer is basically a blueprint that specifies how to configure a set of Amazon EC2 instances for a particular purpose, such as serving ap- plications or hosting a database server.You assign each instance to at least one layer, which determines what packages are to be installed on the instance, how they are configured, whether the instance has an Elastic IP address or Amazon EBS volume, and so on. AWS OpsWorks includes a set of built-in layers that support the following standard scenarios: • Application server: Java App Server, Node.js App Server, PHP App Server, Rails App Server, Static Web Server • Database server: Amazon RDS and MySQL • Load balancer: Elastic Load Balancing, HAProxy • Monitoring server: Ganglia • In-memory key-value store: Memcached If the built-in layers don't quite meet your requirements, you can customize or extend them by modifying packages' default configurations, adding custom Chef recipes to perform tasks such as installing additional packages, and more.You can also customize layers to work with AWS services that are not natively supported, such as using Amazon RDS as a database server. If that's still not enough, you can create a fully custom layer, which gives you complete control over which packages are installed, how they are configured, how applications are deployed, and more. Instances Each layer has at least one instance. An instance represents an Amazon EC2 instance and defines its basic configuration, such as operating system and size. Other configuration settings, such as Elastic IP addresses or Amazon EBS volumes, are defined by the instance's layer. In addition, each layer has an associated set of Chef recipes that AWS OpsWorks runs on the layer's instances at key points in an in- stance's life cycle. A layer's Setup recipes perform tasks such as installing and configuring the layer's packages and starting daemons; the Deploy recipes handle downloading applications; and so on.You can also run recipes manually, at any time. When you start an instance, AWS OpsWorks launches an Amazon EC2 instance using the configuration settings specified by the instance and its layer. After the Amazon EC2 has booted, AWS OpsWorks installs an agent that handles communication between the instance and the service. AWS OpsWorks then runs the layer's Setup recipes to install, configure, and start the layer's software, followed by the Deploy recipes, which install any applications. For example, after you start an instance that belongs to the example's PHP App Server layer, AWS OpsWorks launches an Amazon EC2 instance and then runs a set of recipes that install, configure, and start a PHP application server and install PHP applications. An instance can even belong to multiple layers. In that case, AWS OpsWorks runs the recipes for each layer so you can, for example, have an instance that supports a PHP application server and a MySQL database server. You can start instances in several ways. • 24/7 instances are started manually and run until you stop them. • Load-based instances are automatically started and stopped by AWS OpsWorks, based on specified load metrics, such as CPU utilization.They allow your stack to automatically adjust the number of in- stances to accommodate variations in incoming traffic. API Version 2013-02-18 3