Bootstrapping with AWS CloudFormation - PowerShell DSC on the AWS Cloud

Bootstrapping with AWS CloudFormation

AWS CloudFormation allows you to define a set of resources needed to run an application in the form of a declarative JSON (JavaScript Object Notation) template. The resources within the template can include Amazon EC2 instances, Elastic Load Balancers, and more. AWS CloudFormation takes care of provisioning all of your AWS resources, and there are a number of techniques that can be used to bootstrap applications running on your Amazon EC2 instances. The instances in this Quick Start Reference Deployment are partially bootstrapped using the AWS CloudFormation helper process called cfn-init, which allows us to download scripts and define initialization commands. Once the instance is up and running, we'll rely on PowerShell DSC for the Windows and application-specific configuration.

AWS CloudFormation Metadata and cfn-init

You can attach metadata to any resource in your AWS CloudFormation template. The cfn-init helper script retrieves and interprets the resource metadata to create and download files, start services, and define commands that should be executed on the instance. Figure 4 shows a simple example of the techniques used in this Quick Start Reference Deployment to bootstrap instances using AWS CloudFormation.

        Simplified Example of Bootstrapping a DSC Client Instance using AWS CloudFormation

Figure 4: Simplified Example of Bootstrapping a DSC Client Instance using AWS CloudFormation

When cfn-init runs on the instance, it looks for resource metadata rooted in the AWS::CloudFormation::Init metadata key. The metadata is organized into config keys, which you can optionally group into configsets. Using configsets allows you to organize a sequence of commands into individual groups, and cfn-init will process each configset in order. Please note the following aspects of this process as depicted in Figure 4:

  • Lines 41 and 42 – Two configsets are defined: one that will rename and reboot the computer, and another to bootstrap the DSC client upon rebooting.

  • Line 47 – The single PowerShell command in the rename configset which renames and reboots the computer. Keep in mind that we can have numerous sections within each configset. Each can create its own set of files, start services, or run commands.

  • Line 48 – The waitAfterCompletion key specifies how long to wait (in seconds) after a command has finished in case the command causes a reboot. The default value is 60 seconds and a value of forever directs cfn-init to exit and resume only after the reboot is complete.

  • Line 53 – The SetPullMode.ps1 script runs after the reboot to bootstrap the PowerShell DSC client.