Uploaded byMessageMedia
PDF, PPTX857 views

Infrastructure as code deployed using Stacker

This document discusses using Stacker to deploy infrastructure as code using CloudFormation templates. Stacker allows defining CloudFormation stacks in a YAML configuration file and handles dependencies between stacks. It uses Troposphere to generate templates in Python code for reusability and testing. Stacker supports features like lookups, environments, outputs from other stacks, and stack orchestration for deploying infrastructure in AWS.

Embed presentation

Download as PDF, PPTX
STRICTLY CONFIDENTIAL INFRASTRUCTURE AS CODE DEPLOYED USING STACKER
MessageMedia provides a high performance two way messaging platform for developers to build robust and highly scalable applications. Every year more than 25,000 customers send over 1.8 billion messages, enriching their applications with business messaging.
AWS CloudFormation • JSON template to create resources • Simple infrastructure ended up with large JSON templates • Large chunks of repeated code for similar resources • Nested templates • YAML support • Import/Export values • Infrastructure templates could get split up into smaller chunks • Wiring stacks up and understanding smaller templates is an issue
Stacker • Open source project started by remind101 • Companies like Remind, AltoStack, Strurdy Networks, Colbi use stacker • Easily Create/Update/Destroy many stacks in parallel for easy orchestration • Easy to manage large environments in a single config while still maintaining different stacks. • Manages dependencies between stacks • Only updates stacks that have changed and that have not been explicitly locked or disabled. • Easily pass Outputs from one stack and in as Variables to another • Use Environments to manage slightly different configuration in different environments. • Use Lookups to allow dynamic fetching or altering of data used in Variables. • Can create blueprints of stacks using Troposphere
Troposphere • Troposphere is an open source project started by Cloudtools • Troposphere allows for CloudFormation to be written in Python • Each AWS resource is represented by a Python class • Allows for resource code to be reused in loops • Reduces errors when creating resources • Has inbuilt type checking • Can build in unit tests to test template output • Keeps infrastructure code consistent • PR process becomes easier
alb api-app web-app Security group Target Group
Stacker Commands Build CloudFormation stacks using stacker stacker build --interactive conf/prod.env stacker.yaml Build CloudFormation template stacks using stacker. No deploy stacker build conf/prod.env stacker.yaml -d . Build CloudFormation template for specific stack within stacker config. No deploy stacker build conf/prod.env stacker.yaml --stacks alb -d . Destroy build infrastructure stacker destroy conf/prod.env stacker.yaml Get info about stacker config stacker info conf/prod.env stacker.yaml Perform a diff between deployed stacks and local stacks stacker diff conf/prod.env stacker.yaml
Stacker Config File stacker makes use of a YAML formatted config file to define the different CloudFormation stacks that make up a given environment. • namespace: A namespace to create all stacks within. Also gets prefixed for the fully qualified name of each resource. • stacker_bucket: Stacker, by default, pushes your CloudFormation templates into an S3 bucket and points CloudFormation at the template. All versions are stores in this bucket. • sys_path: This sets the classpath to the stacker blueprints that will be used. • service_role: This is the role arn for for stacker when executing the CloudFormation changes. By default this is not set. • package_sources: This is a remote source for your stacker blueprints. This could be somewhere external like git or s3. You can also specify remote config files. • pre_build, post_build, pre_detroy, post_detroy: Allows for pre and post hooks to be actioned. • tags: Can define tags for all stack resources. By default the stacker_namespace tag is applied • mappings: Just like CloudFormation mappings • lookups: This is where we can create and register custom lookups • stacks: Defines each stack within the stacker config and is the main part of the stacker config file
Stacker Config File - Stacks The stacks element in the stacker config is the main section which defines which stacks and there specific variable values are defined. • name: Name of the stack • class_path: Path to the stacker blueprint • variables: A dictionary of Variables that can be passed into stacks which are used by the Blueprint • description: Description for the CloudFormation stack • locked: Locked stacks will not update unless run with the force flag • enabled: This can be used to disable stacks • protected: If stack changes are done in non interactive mode and this option is set to true it will switch you to interactive mode. • requires: A list of other stacks prior to doing changes to this stack • tags: Can define tags for resources in this stack • stack_name: Define a name for the stack • region: Specified the region explicitly for the stack • profile: Specifies the profile to be used for the AWS API calls • stack_policy_path: Can set policies for CloudFormation create and update paths and set restrictions for protected resources like RDS instances.
Stacker Environment File Environments allow you to use your existing stacker config, but provide different values based on the environment file chosen on the command line Stacker Blueprints A python class that is responsible for creating a CloudFormation template built using troposphere • Requires the Blueprint is a subclass of stacker.blueprints.base class • A Variables property needs to be defined that accepts values from the stack-variable sections in the config file. This acts much like the parameters for a CloudFormation template • Variables have different types. • Native python types • Troposphere resource types • Resource resource types (AWS Recourses) • Property resource types (AWS Recourses Properties) • CFNType: To pass in as a CloudFormation Parameter • Tests can be built in
Lookup Types • output lookup • xref lookup • rxref lookup • kms lookup • ssmstore lookup • file lookup • dynamodb lookup • envvar lookup • ami lookup • hook_data lookup • custom lookup
Output Lookup Used to reference CloudFormation output values in the stacker config file. Note for the output value to work it needs to be in the same namespace stacker config. Troposphere/Stacker Blueprint: Output(
 "User",
 Description="User Unencrypted from SSM",
 Value=user,
 ) Stacker Yaml Config File: ConfVariable: ${outputsomeStack::SomeOutput}
Xref Lookup xref lookups resolve output values from stacks that are not contained within the current stacker namespace. These outputs would belong to stacks that are not in the same account but not in the stacker config file. Stacker Yaml Config File: ConfVariable: ${xref MyNamespace-my-stack::SomeOutput} Rxref Lookup rxref lookups resolve output values from stacks that are not contained within the current stacker conf file but are relative to the same namespace. Stacker Yaml Config File: ConfVariable: ${rxref my-stack::SomeOutput}
KMS Lookup Can use a KMS key to encrypt a string and place this as a variable. Should use separate IAM permissions for users to manage and encrypt keys while only the resource using the value should have IAM permissions to decrypt. To encrypt value: aws --region us-east-1 kms encrypt --key-id alias/myStackerKey --plaintext "PASSWORD" --output text --query CiphertextBlob CiD6bC8t2Y<...encrypted blob...> Stacker Yaml Config File: DBPassword: ${kms us-east-1@CiD6bC8t2Y<...encrypted blob...>} Value that will get used in the template: PASSWORD
SSMStore Lookup Can use a SSM Parameter Store to save a string and place this as a variable. If using encrypted SecureStrings should use separate IAM permissions for users to manage and encrypt values using keys while only the resource using the value should have IAM permissions to decrypt. To create an SSM Stored value: aws ssm put-parameter –name “MyDBUser” –type “String” / –value “root” To create an SSM Stored value: aws ssm put-parameter –name “MyDBUser” –type “String” / –value “root” / --key-id alias/myStackerKey Stacker Yaml Config File: DBUser: ${ssmstore us-east-1@MyDBUser} Value that will get used in the template: PASSWORD
File Lookup Can specify a file with data that can be retrieved via a variable into the troposphere CloudFormation template # We've written a file to /some/path: echo "hello there" > /some/path # In stacker we would reference the contents of this file with the following conf_key: ${file plain:file://some/path} # The above would resolve to conf_key: hello there • Can also use S3. • Can apply Base64 encoding. • Main use case is for userdata
DynamoDB Lookup Can a value within a DynamoDB table as a stacker variable value. The syntax also allows you to traverse through the item map # We can reference that dynamo value: BucketName: ${dynamodb us-east-1:TestTable@TestKey:TestVal.BucketName} # Which would resolve to: DBUser: stacker-test-bucket # Valid type values are: “S”(String), “N”(Number), “M”(Map), “L”(List). # We can reference keys within a DynamoDB item map ServerCount: ${dynamodb us-east-1:TestTable@TestKey:TestVal.ServerInfo[M] .ServerCount[N]}
Shell Environment Lookup # Set an environment variable in the current shell. export DATABASE_USER=root # In the stacker config we could reference the value: DBUser: ${envvar DATABASE_UER} # Which would resolve to: DBUser: root
EC2 AMI Lookup # In the stacker config we could reference the latest ami of the following region, owner, name_regex and other filter values: ImageId: ${ami [<region>@]owners:self,888888888888,amazon name_regex:server[0-9]+ architecture:i386} Hook Data Lookup # When using hooks, you can have the hook store results in the hook_data dictionary on the context by setting data_key in the hook config. This allows you to lookup the data_key values. Code: ${hook_data myfunction::TheCode} Custom Lookup # This allows you to create and register your custom lookup.
Resource Stacker Documentation: • http://stacker.readthedocs.io/en/latest/ Stacker GitHub Repositories: • https://github.com/remind101/stacker • https://github.com/remind101/stacker_blueprints • https://github.com/remind101/stacker_cookiecutter Troposphere GitHub Repository: • https://github.com/cloudtools/troposphere
Stay in touch!!
 
 LinkedIn: linkedin.com/in/dilanka-dharmawardena
 
 Slack: https://messagemediadevs.slack.com
 Developer Portal: https://developers.messagemedia.com
 Twitter: https://twitter.com/messagemedia1

More Related Content

PDF
Cassandra 2.1 boot camp, Read/Write path
byJoshua McKenzie
 
PDF
SQL to Hive Cheat Sheet
byHortonworks
 
PPTX
Hive commands
byGanesh Sanap
 
PPTX
Using existing language skillsets to create large-scale, cloud-based analytics
byMicrosoft Tech Community
 
PDF
Apache Con NA 2013 - Cassandra Internals
byaaronmorton
 
PDF
Impala 2.0 Update #impalajp
byCloudera Japan
 
PDF
Hive Anatomy
bynzhang
 
PPTX
Databases on aws part 1
byParag Patil
 
Cassandra 2.1 boot camp, Read/Write path
byJoshua McKenzie
 
SQL to Hive Cheat Sheet
byHortonworks
 
Hive commands
byGanesh Sanap
 
Using existing language skillsets to create large-scale, cloud-based analytics
byMicrosoft Tech Community
 
Apache Con NA 2013 - Cassandra Internals
byaaronmorton
 
Impala 2.0 Update #impalajp
byCloudera Japan
 
Hive Anatomy
bynzhang
 
Databases on aws part 1
byParag Patil
 

What's hot

PPTX
Advanced Sqoop
byYogesh Kulkarni
 
PPTX
Hadoop & HDFS for Beginners
byRahul Jain
 
PPTX
SQLIO - measuring storage performance
byvalerian_ceaus
 
PPTX
NoSql Database
bySuresh Parmar
 
PDF
Sqoop
byPrashant Gupta
 
PPTX
Native Code, Off-Heap Data & JSON Facet API for Solr (Heliosearch)
byYonik Seeley
 
PDF
Oak / Solr integration
byTommaso Teofili
 
PDF
Kafka zero to hero
byAvi Levi
 
PDF
The First Class Integration of Solr with Hadoop
bylucenerevolution
 
PPTX
Big data, just an introduction to Hadoop and Scripting Languages
byCorley S.r.l.
 
PDF
Performance evaluation of cloudera impala (with Comparison to Hive)
byYukinori Suda
 
PPT
11. From Hadoop to Spark 2/2
byFabio Fumarola
 
PDF
Cloudera Impala Source Code Explanation and Analysis
byYue Chen
 
PPT
8a. How To Setup HBase with Docker
byFabio Fumarola
 
PDF
An Introduction to Basics of Search and Relevancy with Apache Solr
byLucidworks (Archived)
 
PDF
CQL performance with Apache Cassandra 3.0 (Aaron Morton, The Last Pickle) | C...
byDataStax
 
PDF
Cassandra by example - the path of read and write requests
bygrro
 
PPTX
Data analysis scala_spark
byYiguang Hu
 
PPTX
HBase In Action - Chapter 04: HBase table design
byphanleson
 
PPT
Solr Performance Monitoring with SPM
bySematext Group, Inc.
 
Advanced Sqoop
byYogesh Kulkarni
 
Hadoop & HDFS for Beginners
byRahul Jain
 
SQLIO - measuring storage performance
byvalerian_ceaus
 
NoSql Database
bySuresh Parmar
 
Sqoop
byPrashant Gupta
 
Native Code, Off-Heap Data & JSON Facet API for Solr (Heliosearch)
byYonik Seeley
 
Oak / Solr integration
byTommaso Teofili
 
Kafka zero to hero
byAvi Levi
 
The First Class Integration of Solr with Hadoop
bylucenerevolution
 
Big data, just an introduction to Hadoop and Scripting Languages
byCorley S.r.l.
 
Performance evaluation of cloudera impala (with Comparison to Hive)
byYukinori Suda
 
11. From Hadoop to Spark 2/2
byFabio Fumarola
 
Cloudera Impala Source Code Explanation and Analysis
byYue Chen
 
8a. How To Setup HBase with Docker
byFabio Fumarola
 
An Introduction to Basics of Search and Relevancy with Apache Solr
byLucidworks (Archived)
 
CQL performance with Apache Cassandra 3.0 (Aaron Morton, The Last Pickle) | C...
byDataStax
 
Cassandra by example - the path of read and write requests
bygrro
 
Data analysis scala_spark
byYiguang Hu
 
HBase In Action - Chapter 04: HBase table design
byphanleson
 
Solr Performance Monitoring with SPM
bySematext Group, Inc.
 

Similar to Infrastructure as code deployed using Stacker

PDF
Infrastructure as code with Amazon Web Services
byJulien SIMON
 
PPTX
Stack kicker devopsdays-london-2013
bySimon McCartney
 
PPTX
Continuous Deployment with Amazon Web Services by Carlos Conde
byCodemotion
 
PDF
Deployment and Management on AWS:
 A Deep Dive on Options and Tools
byDanilo Poccia
 
PPT
AWS Devops
bySivakumar Ramar
 
PPTX
Dev & Test on AWS - Hebrew Webinar
byBoaz Ziniman
 
PPTX
Devops on AWS
byAWS Riyadh User Group
 
PPTX
Introduction to aws cloud formation
byAniruddha jawanjal
 
PDF
CloudStack Tooling Ecosystem – Kiran Chavala, ShapeBlue
byShapeBlue
 
PDF
GitHub to Lambda: Developing, testing and deploying serverless apps::Faten He...
byAmazon Web Services Korea
 
PPTX
Introduction to DevOps on AWS
byShiva Narayanaswamy
 
PDF
AWS CDK introduction
byleo lapworth
 
PPTX
AWS SSA Webinar 28 - Getting Started with AWS - Infrastructure as Code
byCobus Bernard
 
PDF
MJ Berends talk - Women & Non-Binary Focused Intro to AWS
byAWS Chicago
 
PDF
Devops continuousintegration and deployment onaws puttingmoneybackintoyourmis...
byEmerson Eduardo Rodrigues Von Staffen
 
PPTX
MJ Berends talk from AWS Chicago Summit
byAWS Chicago
 
PPTX
Efficient way to manage environments in AWS
byamii894
 
DOCX
DevOps.docx
bySmritiSingh439780
 
PDF
Hybrid cloud wiskyweb2012
byCombell NV
 
PDF
IaC: Tools of the trade
byMichael Pearce
 
Infrastructure as code with Amazon Web Services
byJulien SIMON
 
Stack kicker devopsdays-london-2013
bySimon McCartney
 
Continuous Deployment with Amazon Web Services by Carlos Conde
byCodemotion
 
Deployment and Management on AWS:
 A Deep Dive on Options and Tools
byDanilo Poccia
 
AWS Devops
bySivakumar Ramar
 
Dev & Test on AWS - Hebrew Webinar
byBoaz Ziniman
 
Devops on AWS
byAWS Riyadh User Group
 
Introduction to aws cloud formation
byAniruddha jawanjal
 
CloudStack Tooling Ecosystem – Kiran Chavala, ShapeBlue
byShapeBlue
 
GitHub to Lambda: Developing, testing and deploying serverless apps::Faten He...
byAmazon Web Services Korea
 
Introduction to DevOps on AWS
byShiva Narayanaswamy
 
AWS CDK introduction
byleo lapworth
 
AWS SSA Webinar 28 - Getting Started with AWS - Infrastructure as Code
byCobus Bernard
 
MJ Berends talk - Women & Non-Binary Focused Intro to AWS
byAWS Chicago
 
Devops continuousintegration and deployment onaws puttingmoneybackintoyourmis...
byEmerson Eduardo Rodrigues Von Staffen
 
MJ Berends talk from AWS Chicago Summit
byAWS Chicago
 
Efficient way to manage environments in AWS
byamii894
 
DevOps.docx
bySmritiSingh439780
 
Hybrid cloud wiskyweb2012
byCombell NV
 
IaC: Tools of the trade
byMichael Pearce
 

Recently uploaded

PDF
HOW TO OVERCOME THE THREATS OF ARTIFICIAL INTELLIGENCE AGAINST HUMANITY.pdf
byFaga1939
 
PDF
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 
PDF
AI TOOLS FOR PRODUCTIVITY IN MODERN TIMES.pdf
bySantunu
 
PDF
How AI Can Help Platform Engineers Build Better Platforms
byAll Things Open
 
PPTX
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
PDF
Odoo Implementation Checklist: A Strategic ERP Blueprint for Business-Ready D...
byBANIBRO IT SOLUTION
 
PDF
Oracle Cloud Infrastructure 2025 Architect Professional (1Z0-1127-25) Master ...
byExamCert App
 
PDF
Agent Factory -AIOUG Multicloud - Feb 2026
bySandesh Rao
 
PDF
From Artificial Intelligence to African Intelligence: Transforming Research &...
byMoses Kemibaro
 
PPTX
Real-Time KPI Dashboard Playbook: What to Track Live and What Not To
byvictorworkvebo
 
PDF
February 2026 Patch Tuesday hosted by Chris Goettl and Todd Schell
byIvanti
 
PPTX
Microsoft Azure News - February 2026 - BAUG
byDaniel Toomey
 
PDF
apidays New York 2025 | AI in Application Security
byapidays
 
PDF
20260212 Security-JAWS activity results for 2025 and activity goals for 2026
byTyphon 666
 
PDF
apidays Paris 2025 | API Layer7 Security: Real-World Use Cases (BBVA & Nexi)
byapidays
 
PDF
Automated Governance for FME Flow: Smarter Admin at Scale
bySafe Software
 
PDF
GenerationAI_Paris_2025_Architecting_Intelligence.pdf
byapidays
 
PDF
Transcript: Escape from the Forbidden Zone: Smuggling green and inclusive tec...
byBookNet Canada
 
PDF
GDG Cloud Southlake #49: Pradeep R Kumar: Implications of Agentic AI for Iden...
byJames Anderson
 
PDF
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
HOW TO OVERCOME THE THREATS OF ARTIFICIAL INTELLIGENCE AGAINST HUMANITY.pdf
byFaga1939
 
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 
AI TOOLS FOR PRODUCTIVITY IN MODERN TIMES.pdf
bySantunu
 
How AI Can Help Platform Engineers Build Better Platforms
byAll Things Open
 
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
Odoo Implementation Checklist: A Strategic ERP Blueprint for Business-Ready D...
byBANIBRO IT SOLUTION
 
Oracle Cloud Infrastructure 2025 Architect Professional (1Z0-1127-25) Master ...
byExamCert App
 
Agent Factory -AIOUG Multicloud - Feb 2026
bySandesh Rao
 
From Artificial Intelligence to African Intelligence: Transforming Research &...
byMoses Kemibaro
 
Real-Time KPI Dashboard Playbook: What to Track Live and What Not To
byvictorworkvebo
 
February 2026 Patch Tuesday hosted by Chris Goettl and Todd Schell
byIvanti
 
Microsoft Azure News - February 2026 - BAUG
byDaniel Toomey
 
apidays New York 2025 | AI in Application Security
byapidays
 
20260212 Security-JAWS activity results for 2025 and activity goals for 2026
byTyphon 666
 
apidays Paris 2025 | API Layer7 Security: Real-World Use Cases (BBVA & Nexi)
byapidays
 
Automated Governance for FME Flow: Smarter Admin at Scale
bySafe Software
 
GenerationAI_Paris_2025_Architecting_Intelligence.pdf
byapidays
 
Transcript: Escape from the Forbidden Zone: Smuggling green and inclusive tec...
byBookNet Canada
 
GDG Cloud Southlake #49: Pradeep R Kumar: Implications of Agentic AI for Iden...
byJames Anderson
 
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 

Infrastructure as code deployed using Stacker

  • 1.
  • 2.
    MessageMedia provides ahigh performance two way messaging platform for developers to build robust and highly scalable applications. Every year more than 25,000 customers send over 1.8 billion messages, enriching their applications with business messaging.
  • 3.
    AWS CloudFormation • JSONtemplate to create resources • Simple infrastructure ended up with large JSON templates • Large chunks of repeated code for similar resources • Nested templates • YAML support • Import/Export values • Infrastructure templates could get split up into smaller chunks • Wiring stacks up and understanding smaller templates is an issue
  • 4.
    Stacker • Open sourceproject started by remind101 • Companies like Remind, AltoStack, Strurdy Networks, Colbi use stacker • Easily Create/Update/Destroy many stacks in parallel for easy orchestration • Easy to manage large environments in a single config while still maintaining different stacks. • Manages dependencies between stacks • Only updates stacks that have changed and that have not been explicitly locked or disabled. • Easily pass Outputs from one stack and in as Variables to another • Use Environments to manage slightly different configuration in different environments. • Use Lookups to allow dynamic fetching or altering of data used in Variables. • Can create blueprints of stacks using Troposphere
  • 5.
    Troposphere • Troposphere isan open source project started by Cloudtools • Troposphere allows for CloudFormation to be written in Python • Each AWS resource is represented by a Python class • Allows for resource code to be reused in loops • Reduces errors when creating resources • Has inbuilt type checking • Can build in unit tests to test template output • Keeps infrastructure code consistent • PR process becomes easier
  • 6.
  • 7.
    Stacker Commands Build CloudFormationstacks using stacker stacker build --interactive conf/prod.env stacker.yaml Build CloudFormation template stacks using stacker. No deploy stacker build conf/prod.env stacker.yaml -d . Build CloudFormation template for specific stack within stacker config. No deploy stacker build conf/prod.env stacker.yaml --stacks alb -d . Destroy build infrastructure stacker destroy conf/prod.env stacker.yaml Get info about stacker config stacker info conf/prod.env stacker.yaml Perform a diff between deployed stacks and local stacks stacker diff conf/prod.env stacker.yaml
  • 8.
    Stacker Config File stackermakes use of a YAML formatted config file to define the different CloudFormation stacks that make up a given environment. • namespace: A namespace to create all stacks within. Also gets prefixed for the fully qualified name of each resource. • stacker_bucket: Stacker, by default, pushes your CloudFormation templates into an S3 bucket and points CloudFormation at the template. All versions are stores in this bucket. • sys_path: This sets the classpath to the stacker blueprints that will be used. • service_role: This is the role arn for for stacker when executing the CloudFormation changes. By default this is not set. • package_sources: This is a remote source for your stacker blueprints. This could be somewhere external like git or s3. You can also specify remote config files. • pre_build, post_build, pre_detroy, post_detroy: Allows for pre and post hooks to be actioned. • tags: Can define tags for all stack resources. By default the stacker_namespace tag is applied • mappings: Just like CloudFormation mappings • lookups: This is where we can create and register custom lookups • stacks: Defines each stack within the stacker config and is the main part of the stacker config file
  • 9.
    Stacker Config File- Stacks The stacks element in the stacker config is the main section which defines which stacks and there specific variable values are defined. • name: Name of the stack • class_path: Path to the stacker blueprint • variables: A dictionary of Variables that can be passed into stacks which are used by the Blueprint • description: Description for the CloudFormation stack • locked: Locked stacks will not update unless run with the force flag • enabled: This can be used to disable stacks • protected: If stack changes are done in non interactive mode and this option is set to true it will switch you to interactive mode. • requires: A list of other stacks prior to doing changes to this stack • tags: Can define tags for resources in this stack • stack_name: Define a name for the stack • region: Specified the region explicitly for the stack • profile: Specifies the profile to be used for the AWS API calls • stack_policy_path: Can set policies for CloudFormation create and update paths and set restrictions for protected resources like RDS instances.
  • 10.
    Stacker Environment File Environmentsallow you to use your existing stacker config, but provide different values based on the environment file chosen on the command line Stacker Blueprints A python class that is responsible for creating a CloudFormation template built using troposphere • Requires the Blueprint is a subclass of stacker.blueprints.base class • A Variables property needs to be defined that accepts values from the stack-variable sections in the config file. This acts much like the parameters for a CloudFormation template • Variables have different types. • Native python types • Troposphere resource types • Resource resource types (AWS Recourses) • Property resource types (AWS Recourses Properties) • CFNType: To pass in as a CloudFormation Parameter • Tests can be built in
  • 11.
    Lookup Types • outputlookup • xref lookup • rxref lookup • kms lookup • ssmstore lookup • file lookup • dynamodb lookup • envvar lookup • ami lookup • hook_data lookup • custom lookup
  • 12.
    Output Lookup Used toreference CloudFormation output values in the stacker config file. Note for the output value to work it needs to be in the same namespace stacker config. Troposphere/Stacker Blueprint: Output(
 "User",
 Description="User Unencrypted from SSM",
 Value=user,
 ) Stacker Yaml Config File: ConfVariable: ${outputsomeStack::SomeOutput}
  • 13.
    Xref Lookup xref lookupsresolve output values from stacks that are not contained within the current stacker namespace. These outputs would belong to stacks that are not in the same account but not in the stacker config file. Stacker Yaml Config File: ConfVariable: ${xref MyNamespace-my-stack::SomeOutput} Rxref Lookup rxref lookups resolve output values from stacks that are not contained within the current stacker conf file but are relative to the same namespace. Stacker Yaml Config File: ConfVariable: ${rxref my-stack::SomeOutput}
  • 14.
    KMS Lookup Can usea KMS key to encrypt a string and place this as a variable. Should use separate IAM permissions for users to manage and encrypt keys while only the resource using the value should have IAM permissions to decrypt. To encrypt value: aws --region us-east-1 kms encrypt --key-id alias/myStackerKey --plaintext "PASSWORD" --output text --query CiphertextBlob CiD6bC8t2Y<...encrypted blob...> Stacker Yaml Config File: DBPassword: ${kms us-east-1@CiD6bC8t2Y<...encrypted blob...>} Value that will get used in the template: PASSWORD
  • 15.
    SSMStore Lookup Can usea SSM Parameter Store to save a string and place this as a variable. If using encrypted SecureStrings should use separate IAM permissions for users to manage and encrypt values using keys while only the resource using the value should have IAM permissions to decrypt. To create an SSM Stored value: aws ssm put-parameter –name “MyDBUser” –type “String” / –value “root” To create an SSM Stored value: aws ssm put-parameter –name “MyDBUser” –type “String” / –value “root” / --key-id alias/myStackerKey Stacker Yaml Config File: DBUser: ${ssmstore us-east-1@MyDBUser} Value that will get used in the template: PASSWORD
  • 16.
    File Lookup Can specifya file with data that can be retrieved via a variable into the troposphere CloudFormation template # We've written a file to /some/path: echo "hello there" > /some/path # In stacker we would reference the contents of this file with the following conf_key: ${file plain:file://some/path} # The above would resolve to conf_key: hello there • Can also use S3. • Can apply Base64 encoding. • Main use case is for userdata
  • 17.
    DynamoDB Lookup Can avalue within a DynamoDB table as a stacker variable value. The syntax also allows you to traverse through the item map # We can reference that dynamo value: BucketName: ${dynamodb us-east-1:TestTable@TestKey:TestVal.BucketName} # Which would resolve to: DBUser: stacker-test-bucket # Valid type values are: “S”(String), “N”(Number), “M”(Map), “L”(List). # We can reference keys within a DynamoDB item map ServerCount: ${dynamodb us-east-1:TestTable@TestKey:TestVal.ServerInfo[M] .ServerCount[N]}
  • 18.
    Shell Environment Lookup #Set an environment variable in the current shell. export DATABASE_USER=root # In the stacker config we could reference the value: DBUser: ${envvar DATABASE_UER} # Which would resolve to: DBUser: root
  • 19.
    EC2 AMI Lookup #In the stacker config we could reference the latest ami of the following region, owner, name_regex and other filter values: ImageId: ${ami [<region>@]owners:self,888888888888,amazon name_regex:server[0-9]+ architecture:i386} Hook Data Lookup # When using hooks, you can have the hook store results in the hook_data dictionary on the context by setting data_key in the hook config. This allows you to lookup the data_key values. Code: ${hook_data myfunction::TheCode} Custom Lookup # This allows you to create and register your custom lookup.
  • 20.
    Resource Stacker Documentation: • http://stacker.readthedocs.io/en/latest/ StackerGitHub Repositories: • https://github.com/remind101/stacker • https://github.com/remind101/stacker_blueprints • https://github.com/remind101/stacker_cookiecutter Troposphere GitHub Repository: • https://github.com/cloudtools/troposphere
  • 21.
    Stay in touch!!
 
 LinkedIn:linkedin.com/in/dilanka-dharmawardena
 
 Slack: https://messagemediadevs.slack.com
 Developer Portal: https://developers.messagemedia.com
 Twitter: https://twitter.com/messagemedia1