AWS Automation

This page describes the functionality of a bash script that automates the setup of SAP Sailing Analytics instances.

Importance

  • Avoiding misconfiguration of instances due to human mistakes
  • Allowing fast reaction times to external needs (e.g. horizontal scaling)
  • Saving time

Scenarios

  • SAP instance on a dedicated EC2 instance
  • SAP instance on a shared EC2 instance
  • SAP instance on a dedicated EC2 instance as a master
  • SAP instance on a dedicated EC2 instance as a replica

Basics

1. Example setup: SAP instance on a dedicated EC2 instance

Login to the https://aws.amazon.com/console/. Account number: 017363970217.

Parameters necessary for EC2 instance:

  • Keypair
  • Instance type (e.g. t2.medium)
  • Security group
  • Image
  • User Data

Example of content for parameter User Data:

MONGODB_HOST=123.123.123.123
MONGODB_PORT=27017
MONGODB_NAME=wcsantander2017 
SERVER_NAME=wcsantander2017
USE_ENVIRONMENT=live-server
INSTALL_FROM_RELEASE=build-201803302246
SERVER_STARTUP_NOTIFY=leon.radeck@sap.com

2. SAP instance configuration

[image1]

Necessary configuration steps:

  • Create event in admin console
  • Create new user account with permissions for that event
  • Change admin password

If instance home page or event page should be reachable by a specific URL:

Add one of the following lines to /etc/httpd/conf.d/001-events.conf:

Use Home-SSL [instance name].sapsailing.com 127.0.0.1 8888" 

Use Event-SSL [instance name].sapsailing.com “[event id]“ 127.0.0.1 8888

Then check and reload apache configuration by entering the commands:

apachectl configtest
sudo service httpd reload

3. Load Balancer configuration

To reach the SAP instance by a specific URL (e.g. wcsantander2017.sapsailing.com), follow these steps:

  • Create target group with name "S-dedicated-wcsantander2017"
  • Create rule within HTTPS listener of load balancer. Enter "wcsantander2017.sapsailing.com" as a host name matching rule. Choose target group created in step one.
  • Configure the health check of the target group
  • Register instance within the target group

[image2]

AWS Command Line Interface (AWS CLI)

Information about installation and configuration of the AWS CLI can be found here https://aws.amazon.com/de/cli/.

Example command and response of the AWS CLI to get information about all existing EC2 instances of a region:

Command: aws –region eu-west-2 ec2 describe-instances

Response:

{
“Reservations”: [
 {
“Instances”: [
 {
“Monitoring”: {
“State”: “disabled”
 },
“PublicDnsName”: “ec2-35-178-117-16.eu-west-2.compute.amazonaws.com”,
“State”: {
“Code”: 16,
“Name”: “running”
 },
“EbsOptimized”: false,
“LaunchTime”: “2018-04-06T04:09:29.000Z”,
“PublicIpAddress”: “35.178.117.16”,
“PrivateIpAddress”: “172.31.38.162”,
“ProductCodes”: [],
“VpcId”: “vpc-e5ba568c”,
“StateTransitionReason”: “”,
“InstanceId”: “i-066952116fe71fa65”,
“ImageId”: “ami-39f3e25d”,
“PrivateDnsName”: “ip-172-31-38-162.eu-west-2.compute.internal”,
“KeyName”: “leonradeck-keypair”,
[...]
Filtering

Limit instances that are returned by passing a parameter:

aws ec2 describe-instances –instance-ids i-066952116fe71fa65

Querying

Get value of specific attribute:

aws ec2 describe-instances –instance-ids i-066952116fe71fa65 –query ‘Reservations[*].Instances[*]. PublicDnsName’

aws ec2 describe-vpcs –query ‘Vpcs[?IsDefault==true].VpcId’

More syntax information can be found here http://jmespath.org/.

Formatting

Use text as output format:

public_dns_name=$(aws ec2 describe-instances –instance-ids i-066952116fe71fa65 –query ‘Reservations[]. Instances[].PublicDnsName’ –output text)

Script

Files

aws-setup.sh:

  • Parameter processing
  • Sourcing of utils.sh, ~/aws-automation/confi g, ~/aws-automation/confi g-[region].sh
  • Start of scenarios
  • Helper methods

lib/build-config.sh:

  • GitHub script to write and read user configuration variables

lib/functions_app.sh:

  • Functions that relate to SAP instance configuration

lib/functions_ec2.sh:

  • Functions that relate to EC2 instance configuration

lib/functions_elb.sh:

  • Functions that relate to Elastic Load Balancing

lib/functions_io.sh:

  • Input processing (optional input, passwords, value proposals, default initialization)
  • Creation of user configuration files

lib/functions_wrapper.sh:

  • Wrapper functions with error handling logic

lib/require_variables.sh:

  • Declare input variable attributes (optional, required, password, default value, user question)

lib/scenario_associate_alb.sh:

  • Associate instance with load balancer (target group, health check, rule, apache configuration)

lib/scenario_instance.sh:

  • Create event
  • Change admin password
  • Associate with load balancer (target group, health check, rule, apache configuration)

lib/scenario_master_instance.sh:

  • Create instance with correct user data to be used as master
  • Create launch template for replica with matching user data to master

lib/scenario_replica_instance.sh:

  • Starting of a launch template

lib/scenario_shared_instance.sh:

  • Creation of a SAP instance on an existing EC2 instance
  • Check preconditions
  • Associate SAP instance with load balancer

lib/util_functions.sh:

  • Helper functions

lib/utils.sh:

  • Sourcing logic

lib/validation.sh:

  • Validation functions

lib/variables.sh:

  • Variables

Preconditions

  • AWS CLI (configured)
  • Cygwin with following packages: jq, openssh, wget, curl

User input

Every scenario requires user input for specific variables. For example the setup of a dedicated SAP instance on an EC2 instance requires the following variables:

  • region
  • load balancer
  • instance type (e.g. t2.medium)
  • security group
  • image
  • instance name
  • instanz short name (e.g. for subdomains)
  • mongodb host and port
  • alternative SSH user (default: root)
  • build version
  • keypair name
  • keypair path
  • event name (optional)
  • new admin password (optional)