Fix/issue 893 - Add optional user-data to Rsyslog config (#902)

rjjaegeraws · hickeydh-aws · web-flow · commit d3df8499dba5 · 2022-03-03T08:52:58.000-06:00
* update rsyslog to support custom user data

* update rsyslog to support custom user data

* add other regex replacements

Co-authored-by: hickeydh-aws &lt;hickeydh@amazon.com&gt;
diff --git a/src/deployments/cdk/src/deployments/rsyslog/step-2.ts b/src/deployments/cdk/src/deployments/rsyslog/step-2.ts
@@ -226,6 +226,7 @@ export function createAsg(
     maxInstanceHosts: rsyslogConfig['max-rsyslog-hosts'],
     maxInstanceAge: rsyslogConfig['rsyslog-max-instance-age'],
     enforceImdsv2: rsyslogConfig['rsyslog-enforce-imdsv2'],
+    userData: rsyslogConfig['user-data'],
   });
 }
 
diff --git a/src/lib/cdk-constructs/src/vpc/asg.ts b/src/lib/cdk-constructs/src/vpc/asg.ts
@@ -32,6 +32,7 @@ export interface RsysLogAutoScalingGroupProps extends cdk.StackProps {
   maxInstanceHosts: number;
   maxInstanceAge: number;
   enforceImdsv2: boolean;
+  userData?: string;
 }
 
 export class RsysLogAutoScalingGroup extends cdk.Construct {
@@ -82,9 +83,23 @@ export class RsysLogAutoScalingGroup extends cdk.Construct {
       ],
     });
 
-    launchConfig.userData = cdk.Fn.base64(
-      `#!/bin/bash\necho "[v8-stable]\nname=Adiscon CentOS-6 - local packages for \\$basearch\nbaseurl=http://rpms.adiscon.com/v8-stable/epel-6/\\$basearch\nenabled=0\ngpgcheck=0\ngpgkey=http://rpms.adiscon.com/RPM-GPG-KEY-Adiscon\nprotect=1" >> /etc/yum.repos.d/rsyslog.repo\nyum update -y\nyum install -y rsyslog --enablerepo=v8-stable --setopt=v8-stable.priority=1\nchkconfig rsyslog on\naws s3 cp s3://${props.centralBucketName}/rsyslog/rsyslog.conf /etc/rsyslog.conf\nservice rsyslog restart\nwget https://s3.${cdk.Aws.REGION}.amazonaws.com/amazoncloudwatch-agent-${cdk.Aws.REGION}/amazon_linux/amd64/latest/amazon-cloudwatch-agent.rpm\nrpm -U ./amazon-cloudwatch-agent.rpm\ninstanceid=$(curl http://169.254.169.254/latest/meta-data/instance-id)\necho "{\\"logs\\": {\\"logs_collected\\": {\\"files\\": {\\"collect_list\\": [{\\"file_path\\": \\"/var/log/messages\\",\\"log_group_name\\": \\"${props.logGroupName}\\",\\"log_stream_name\\": \\"$instanceid\\"}]}}}}" >> /opt/aws/amazon-cloudwatch-agent/bin/config.json\n/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -s -a fetch-config -m ec2 -c file:/opt/aws/amazon-cloudwatch-agent/bin/config.json`,
-    );
+    let launchConfigUserData = `#!/bin/bash\necho "[v8-stable]\nname=Adiscon CentOS-6 - local packages for \\$basearch\nbaseurl=http://rpms.adiscon.com/v8-stable/epel-6/\\$basearch\nenabled=0\ngpgcheck=0\ngpgkey=http://rpms.adiscon.com/RPM-GPG-KEY-Adiscon\nprotect=1" >> /etc/yum.repos.d/rsyslog.repo\nyum update -y\nyum install -y rsyslog --enablerepo=v8-stable --setopt=v8-stable.priority=1\nchkconfig rsyslog on\naws s3 cp s3://${props.centralBucketName}/rsyslog/rsyslog.conf /etc/rsyslog.conf\nservice rsyslog restart\nwget https://s3.${cdk.Aws.REGION}.amazonaws.com/amazoncloudwatch-agent-${cdk.Aws.REGION}/amazon_linux/amd64/latest/amazon-cloudwatch-agent.rpm\nrpm -U ./amazon-cloudwatch-agent.rpm\ninstanceid=$(curl http://169.254.169.254/latest/meta-data/instance-id)\necho "{\\"logs\\": {\\"logs_collected\\": {\\"files\\": {\\"collect_list\\": [{\\"file_path\\": \\"/var/log/messages\\",\\"log_group_name\\": \\"${props.logGroupName}\\",\\"log_stream_name\\": \\"$instanceid\\"}]}}}}" >> /opt/aws/amazon-cloudwatch-agent/bin/config.json\n/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -s -a fetch-config -m ec2 -c file:/opt/aws/amazon-cloudwatch-agent/bin/config.json`;
+
+    if (props.userData) {
+      /* eslint-disable no-template-curly-in-string */
+      const replaceTokens = new Map([
+        ['\\${SEA:CUSTOM::RsyslogLogGroupName}', props.logGroupName],
+        ['\\${SEA:CUSTOM::Region}', cdk.Aws.REGION],
+        ['\\${SEA:CUSTOM::CentralBucket}', props.centralBucketName],
+      ]);
+
+      launchConfigUserData = props.userData;
+      for (const replaceToken of replaceTokens.entries()) {
+        launchConfigUserData = launchConfigUserData.replace(new RegExp(replaceToken[0], 'g'), replaceToken[1]);
+      }
+    }
+
+    launchConfig.userData = cdk.Fn.base64(launchConfigUserData);
   }
 }
 
diff --git a/src/lib/config-i18n/src/en.ts b/src/lib/config-i18n/src/en.ts
@@ -1540,6 +1540,10 @@ translate(c.RsyslogConfig, {
       description:
         'The number of days before the auto-scaling group replaces any instance. This ensures a clean image is always deployed and if the state machine has been executed, will deploy the most recent patch release of the AMI.',
     },
+    'user-data': {
+      title: 'user data',
+      description: 'Override the default user data EC2 init script.',
+    },
   },
 });
 
diff --git a/src/lib/config-i18n/src/fr.ts b/src/lib/config-i18n/src/fr.ts
@@ -1417,6 +1417,10 @@ translate(c.RsyslogConfig, {
       title: '',
       description: '',
     },
+    'user-data': {
+      title: '',
+      description: '',
+    },
   },
 });
 
diff --git a/src/lib/config/src/config.v2.ts b/src/lib/config/src/config.v2.ts
@@ -474,6 +474,7 @@ export const RsyslogConfig = t.interface({
   'rsyslog-enforce-imdsv2': t.defaulted(t.boolean, false),
   'rsyslog-root-volume-size': t.number,
   'rsyslog-max-instance-age': t.number,
+  'user-data': t.optional(t.nonEmptyString),
 });
 
 export type RsyslogConfig = t.TypeOf<typeof RsyslogConfig>;

Original file line number	Diff line number	Diff line change
`@@ -226,6 +226,7 @@ export function createAsg(`
`226`	`226`	`maxInstanceHosts: rsyslogConfig['max-rsyslog-hosts'],`
`227`	`227`	`maxInstanceAge: rsyslogConfig['rsyslog-max-instance-age'],`
`228`	`228`	`enforceImdsv2: rsyslogConfig['rsyslog-enforce-imdsv2'],`
	`229`	`+ userData: rsyslogConfig['user-data'],`
`229`	`230`	`});`
`230`	`231`	`}`
`231`	`232`