added packer and build script

infra/custom_ami/packer/.gitignore

@@ -0,0 +1,2 @@
+manifest-*.json
+manifest-*.json.lock

infra/custom_ami/packer/catherine-fc.json

@@ -0,0 +1,67 @@
+{
+	"variables": {
+		"vpc": "{{env `BUILD_VPC_ID`}}",
+		"subnet": "{{env `BUILD_SUBNET_ID`}}",
+		"PROFILE": "{{env `AWS_PROFILE`}}",
+		"STAGE": "{{env `STAGE`}}",
+		"AMI_BASENAME": "{{env `AMI_BASENAME`}}"
+	},
+	"builders": [
+		{
+			"type": "amazon-ebs",
+			"name": "Custom AMI builder",
+			"region": "ap-northeast-1",
+      "source_ami": "ami-0cc75a8978fbbc969",
+			"instance_type": "t3.small",
+			"ssh_username": "ec2-user",
+			"ami_name": "{{user `AMI_BASENAME`}}-{{user `STAGE`}}-{{timestamp}}",
+			"tags": {
+				"Name": "{{user `AMI_BASENAME`}}-{{user `STAGE`}}",
+				"Base_AMI_ID": "{{ .SourceAMI }}",
+				"Base_AMI_NAME": "{{ .SourceAMIName }}",
+                "PROJECT": "CATHERINE_FC"
+			},
+			"run_tags": {
+				"Name": "{{user `AMI_BASENAME`}}-{{user `STAGE`}}-packer",
+				"PROJECT": "CATHERINE_FC"
+			},
+			"run_volume_tags": {
+				"Name": "{{user `AMI_BASENAME`}}-{{user `STAGE`}}-packer",
+				"PROJECT": "CATHERINE_FC"
+			},
+			"ami_description": "Amazon Linux 2 with NodeJS",
+			"vpc_id": "{{user `vpc`}}",
+			"subnet_id": "{{user `subnet`}}"
+		}
+	],
+	"provisioners": [
+		{
+			"type": "shell",
+			"inline": [
+				"sudo yum update",
+				"sudo yum -y install unzip",
+				"sudo yum -y install nano",
+				"sudo yum -y install dos2unix",
+				"wget -qO- https://raw.githubusercontent.com/nvm-sh/nvm/v0.35.3/install.sh | bash",
+				". ~/.nvm/nvm.sh",
+				"nvm install 12"
+			]
+		},
+		{
+			"type": "file",
+			"source": "../platform-uploads",
+			"destination": "/tmp"
+		},
+		{
+			"type": "shell",
+			"inline": [
+				"sudo chown -R root:root /tmp/platform-uploads",
+				"sudo dos2unix /tmp/platform-uploads/opt/web-init/web-init.sh",
+				"sudo cp -rf /tmp/platform-uploads/etc/* /etc/",
+				"sudo cp -rf /tmp/platform-uploads/opt/* /opt/",
+				"sudo systemctl enable web-init",
+				"sudo rm -rf /tmp/platform-uploads"
+			]
+		}
+	]
+}

infra/custom_ami/packer/vars/prod/vars.json

@@ -0,0 +1,6 @@
+{
+	"vpc": "vpc-c54553a2",
+	"subnet": "subnet-0d0fdf45",
+	"STAGE": "prod",
+	"AMI_BASENAME": "catherine-fc"
+}

infra/custom_ami/platform-uploads/etc/systemd/system/web-init.service

@@ -0,0 +1,11 @@
+[Unit]
+Description=Web Init
+Wants=network-online.target
+After=network-online.target
+
+[Service]
+ExecStart=/opt/web-init/web-init.sh
+Restart=always
+
+[Install]
+WantedBy=multi-user.target

infra/custom_ami/platform-uploads/opt/web-init/web-init.sh

@@ -0,0 +1,6 @@
+#!/bin/sh
+
+aws s3 cp s3://catherine-fc-infra/build.tar.gz .
+tar zxf build.tar.gz
+rm build.tar.gz
+node build/server/index.js

infra/custom_ami/platform-uploads/stationlink-agent-monitor.json

@@ -0,0 +1,180 @@
+{
+	"variables": {
+		"vpc": "{{env `BUILD_VPC_ID`}}",
+		"subnet": "{{env `BUILD_SUBNET_ID`}}",
+		"PROFILE": "{{env `AWS_PROFILE`}}",
+		"STAGE": "{{env `STAGE`}}",
+		"AMI_BASENAME": "{{env `AMI_BASENAME`}}"
+	},
+	"builders": [
+		{
+			"type": "amazon-ebs",
+			"name": "Custom AMI builder",
+			"region": "ap-northeast-1",
+			"source_ami_filter": {
+				"filters": {
+					"name": "RHEL-7.*"
+				},
+				"owners": [
+					"309956199498"
+				],
+				"most_recent": true
+			},
+			"instance_type": "t2.small",
+			"ssh_username": "ec2-user",
+			"ami_name": "{{user `AMI_BASENAME`}}-{{user `STAGE`}}-{{timestamp}}",
+			"tags": {
+				"Name": "{{user `AMI_BASENAME`}}-{{user `STAGE`}}",
+				"Base_AMI_ID": "{{ .SourceAMI }}",
+				"Base_AMI_NAME": "{{ .SourceAMIName }}",
+                "BUSINESS_REGION": "ACYAN",
+                "BUSINESS_UNIT": "MOBILITY",
+                "CLIENT": "KDDI",
+                "PLATFORM": "JAPAN_HORIZON_CTI"
+			},
+			"run_tags": {
+				"Name": "{{user `AMI_BASENAME`}}-{{user `STAGE`}}-packer",
+                "BUSINESS_REGION": "ACYAN",
+                "BUSINESS_UNIT": "MOBILITY",
+                "CLIENT": "KDDI",
+                "PLATFORM": "JAPAN_HORIZON_CTI",
+                "SCHEDULER:SLEEP": "INACTIVE"
+			},
+			"run_volume_tags": {
+				"Name": "{{user `AMI_BASENAME`}}-{{user `STAGE`}}-packer",
+                "BUSINESS_REGION": "ACYAN",
+                "BUSINESS_UNIT": "MOBILITY",
+                "CLIENT": "KDDI",
+                "PLATFORM": "JAPAN_HORIZON_CTI"
+			},
+			"snapshot_tags": {
+				"Name": "{{user `AMI_BASENAME`}}-{{user `STAGE`}}",
+                "BUSINESS_REGION": "ACYAN",
+                "BUSINESS_UNIT": "MOBILITY",
+                "CLIENT": "KDDI",
+                "PLATFORM": "JAPAN_HORIZON_CTI"
+			},
+			"ami_description": "RHEL7 with Java/Filebeat",
+			"vpc_id": "{{user `vpc`}}",
+			"subnet_id": "{{user `subnet`}}",
+			"encrypt_boot": "true"
+		}
+	],
+
+	"provisioners": [
+		{
+			"type": "shell",
+			"inline": [
+				"sudo yum -y install java-1.8.0-openjdk.i686 java-1.8.0-openjdk-debug.i686",
+				"sudo yum -y install java-1.8.0-openjdk-devel.i686 java-1.8.0-openjdk-devel-debug.i686",
+				"sudo yum -y install unzip",
+				"sudo yum -y install nano",
+				"sudo yum -y install dos2unix",
+				"sudo curl 'https://s3.amazonaws.com/aws-cli/awscli-bundle.zip' -o 'awscli-bundle.zip'",
+				"sudo unzip awscli-bundle.zip",
+				"sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws",
+				"sudo rm -rf awscli-bundle",
+				"sudo rm -f awscli-bundle.zip",
+				"sudo yum -y install https://s3.amazonaws.com/amazoncloudwatch-agent/redhat/amd64/latest/amazon-cloudwatch-agent.rpm",
+				"sudo yum -y install https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm"
+			]
+		},
+		{
+			"type": "shell",
+			"inline": [
+				"mkdir -p /tmp/platform-uploads/etc/cron.d",
+				"mkdir -p /tmp/platform-uploads/etc/gov-ad-auth",
+				"mkdir -p /tmp/platform-uploads/etc/metricbeat/conf.d",
+				"mkdir -p /tmp/platform-uploads/etc/metricbeat/shell",
+				"mkdir -p /tmp/platform-uploads/etc/systemd/system",
+				"mkdir -p /tmp/platform-uploads/etc/yum.repos.d",
+				"mkdir -p /tmp/platform-uploads/opt/asurion",
+				"mkdir -p /tmp/platform-uploads/opt/aws/amazon-cloudwatch-agent/etc",
+				"mkdir -p /tmp/platform-uploads/opt/gov-ad-auth/bin",
+				"mkdir -p /tmp/platform-uploads/opt/mvap/tsapi/client/certs/CA",
+				"mkdir -p /tmp/platform-uploads/usr/lib"
+			]
+		},
+		{
+			"type": "file",
+			"source": "../platform-uploads",
+			"destination": "/tmp"
+		},
+		{
+			"type": "shell",
+			"inline": [
+				"sudo chown -R root:root /tmp/platform-uploads",
+				"sudo mv -f /tmp/platform-uploads/etc/yum.repos.d/* /etc/yum.repos.d/",
+				"sudo yum -y install metricbeat",
+				"sudo mv /tmp/platform-uploads/opt/cti-agent-monitor/{{user `STAGE`}}.sh /tmp/platform-uploads/opt/cti-agent-monitor/startup.sh",
+				"sudo dos2unix /tmp/platform-uploads/opt/cti-agent-monitor/startup.sh",
+				"sudo dos2unix /tmp/platform-uploads/opt/log-tailer/log-tail.sh",
+				"sudo mv /tmp/platform-uploads/opt/aws/amazon-cloudwatch-agent/etc/json/{{user `STAGE`}}.json /tmp/platform-uploads/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json",
+				"sudo rm -rf /tmp/platform-uploads/opt/aws/amazon-cloudwatch-agent/etc/json/",
+				"sudo mv /tmp/platform-uploads/etc/metricbeat/shell/{{user `STAGE`}}.sh /tmp/platform-uploads/etc/metricbeat/start-metricbeat.sh",
+				"sudo rm -rf /tmp/platform-uploads/etc/metricbeat/shell/",
+				"sudo yum -y install filebeat",
+				"sudo mv /tmp/platform-uploads/etc/filebeat/shell/{{user `STAGE`}}.sh /tmp/platform-uploads/etc/filebeat/start-filebeat.sh",
+				"sudo rm -rf /tmp/platform-uploads/etc/filebeat/shell/",
+				"sudo cp -rf /tmp/platform-uploads/etc/* /etc/",
+				"sudo cp -rf /tmp/platform-uploads/usr/* /usr/",
+				"sudo cp -rf /tmp/platform-uploads/opt/* /opt/",
+				"sudo yum -y install /opt/asurion/tsapi-client-linux-8.0.1-132.i386.rpm",
+				"sudo chmod 644 /etc/metricbeat/metricbeat.yml /etc/metricbeat/conf.d/*",
+				"sudo chmod 755 /etc/metricbeat",
+				"sudo chmod 755 /etc/metricbeat/conf.d",
+				"sudo chmod 755 /etc/metricbeat/start-metricbeat.sh",
+				"sudo chmod 644 /etc/filebeat/filebeat.yml /etc/filebeat/conf.d/* /etc/filebeat/modules.d/*",
+				"sudo chmod 755 /etc/filebeat",
+				"sudo chmod 755 /etc/filebeat/conf.d",
+				"sudo chmod 755 /etc/filebeat/modules.d",
+				"sudo chmod 755 /etc/filebeat/start-filebeat.sh",
+				"sudo chmod 775 /opt/cti-agent-monitor",
+				"sudo chmod 755 /opt/cti-agent-monitor/startup.sh",
+				"sudo chmod 775 /opt/log-tailer",
+				"sudo chmod 755 /opt/log-tailer/log-tail.sh",
+				"sudo chmod 755 /opt/gov-ad-auth/bin/startup.sh",
+				"sudo chmod 755 /usr/lib/libTsapiJava.so",
+				"sudo chmod 644 /usr/lib/tslibrc",
+				"sudo chmod 755 /etc/yum.repos.d",
+				"sudo systemctl enable gov-ad-auth",
+				"sudo systemctl enable cti-agent-monitor",
+				"sudo systemctl enable cti-log-tailer",
+				"sudo systemctl enable metricbeat",
+				"sudo systemctl enable amazon-cloudwatch-agent",
+				"sudo rm -rf /tmp/platform-uploads"
+			]
+		},
+		{
+			"type": "shell",
+			"inline": [
+				"sudo yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm",
+				"sudo yum -y install ansible"
+			]
+		},
+		{
+			"type": "ansible-local",
+			"playbook_files": [
+				"../ansible/updatepackages.yml",
+				"../ansible/user-creation.yml",
+				"../ansible/beats.yml",
+				"../ansible/post-install-cleanup.yml"
+			],
+			"playbook_dir": "../ansible",
+			"galaxy_file": "../ansible/requirements.yml",
+			"extra_arguments": [
+				"--extra-vars \"STAGE={{user `STAGE`}}\""
+			]
+		}
+	],
+	"post-processors": [
+		{
+			"type": "manifest",
+			"output": "manifest-stationlink-agent-monitor-{{user `STAGE`}}.json",
+			"strip_path": true,
+			"custom_data": {
+				"ami_name": "{{user `AMI_BASENAME`}}-{{user `STAGE`}}"
+			}
+		}
+	]
+}

infra/custom_ami/readme.md

@@ -0,0 +1,11 @@
+## Infrastructure scripting tools
+
+* Packer
+    - create AMI
+
+1. Create AMI
+    1. assume $env is one of ~~nonprod, uat,~~ prod
+    1. $ cd packer
+    1. $ packer build -var-file=vars/${env}/vars.json catherine-fc.json
+
+