In my recent post laying out 6 Priorities for Ops in a ‘Serverless’ World, the number one priority was automation—and I suggested that readers, “Study up on DevOps deployment orchestration tools such as AWS CloudFormation.” Well, this post is designed to help you do just that.
Before we get started, though, it may help to know a bit more about CloudFormation. Here’s how AWS describes it:
AWS CloudFormation provides a common language for you to describe and provision all the infrastructure resources in your cloud environment. CloudFormation allows you to use a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts. This file serves as the single source of truth for your cloud environment.
A single file? Sounds too good to be true—but it’s not!
CloudFormation lets you create whole environments of AWS services, including Amazon Virtual Private Cloud (VPC), Amazon EC2, Amazon S3, Amazon EC2 Security Groups, and many more. And these CloudFormation templates can be used over and over again, making it super easy to launch a complex environment with just a few clicks.
Now that you have a sense of what CloudFormation is all about, let’s walk through a simple example of using it to launch an Amazon Linux v1 instance that automatically installs the New Relic Infrastructure agent on it.
Before we get started, though, there’s one thing I need to warn you about. Most of what goes into writing an AWS CloudFormation document is pretty straightforward. However, when you get to the part where you are writing your scripts in either BASH or Windows PowerShell, be aware that you are also wrapping that code within JSON. This means you need to do two levels of debugging: one for JSON and then another for the BASH/PowerShell script.
Another tip: If you can, create the BASH or PowerShell script in a live environment first. Make sure it works, then take that working script and add it to your JSON document. You’ll still need to replace some of the code with parameters where necessary, but at least you’ll reduce the debugging as much as possible.
With that in mind, let’s dive in.
How to use the CloudFormation template
From the AWS Console, open up CloudFormation (located in the Management Tools section). To create a new stack, click either Create Stack or Create New Stack.
Since I’ve already created the template for you, all you need to do is select Specify an Amazon S3 template URL and paste in this URL:
Click Next, and in the Specify Details interface, give this stack a name that makes sense for your needs.
Then enter the AWS Configuration Items for KeyName (your key pair), InstanceType, and SSHLocation.
Note: it’s not mandatory, but it’s a good idea to lock down the SSH location for better security. The value 0.0.0.0/0 leaves SSH open to the whole world, so enter the IP address range you will actually connect from, in CIDR form, instead.
After you finish inputting the AWS Configuration Items, add your New Relic Infrastructure license key (required). You can find this license key in the New Relic console under your Account settings.
Next come the New Relic Optional Configuration Items. Set the Agent File Location, Display Name, Proxy, etc. as appropriate for your implementation. Refer to the Infrastructure general attributes documentation for more information about these items.
Finally, set any New Relic Optional Custom Configuration items you want to use. Refer to the Infrastructure custom attributes documentation for more information about these items.
When you finish the configuration section, click Next. You’ll be prompted to set some additional optional settings. These include Tags (name your instance with the Name/[name] key/value pair), Permissions, Rollback Triggers, and other Advanced items. Add or select any items you wish and then click Next.
CloudFormation presents you with a Review screen containing all of the items you’ve entered. Click Create to build your CloudFormation stack. (Note that at this point Amazon will charge you for the AWS resources, in this case an EC2 instance, used when you create a stack from this template.)
Wrap it up
This example launches an Amazon Linux v1 EC2 instance attached to a Security Group that opens up ports 80 (HTTP) and 22 (SSH). This instance will also configure and install the New Relic Infrastructure agent. Head over to your New Relic console to see your new instance appear there in just about a minute!
As you grow your environment, you can expand upon this template; it makes a great foundation. Or utilize parts of my template in your own AWS CloudFormation templates. Just be sure to copy the New Relic-specific items from the Parameters, Metadata, ParameterLabels, and EC2Instance/UserData sections.
Finally, in case you missed it above, the AWS CloudFormation/New Relic Infrastructure template is located at: