• Support for Previous Chef Versions in AWS OpsWorks Stacks (p. 464)
• Using AWS OpsWorks Stacks with Other AWS Services (p. 723)
• Using the AWS OpsWorks Stacks CLI (p. 785)
• Debugging and Troubleshooting Guide (p. 797)
• AWS OpsWorks Stacks Agent CLI (p. 815)
• AWS OpsWorks Stacks Data Bag Reference (p. 823)
• OpsWorks Agent Changes (p. 838)
Stacks
The stack is the core AWS OpsWorks Stacks component. It is basically a container for AWS resources—
Amazon EC2 instances, Amazon RDS database instances, and so on—that have a common purpose and should be logically managed together. The stack helps you manage these resources as a group and also defines some default configuration settings, such as the instances' operating system and AWS region. If you want to isolate some stack components from direct user interaction, you can run the stack in a VPC.
Layers
You define the stack's constituents by adding one or more layers. A layer represents a set of Amazon EC2 instances that serve a particular purpose, such as serving applications or hosting a database server.
You can customize or extend layers by modifying packages' default configurations, adding Chef recipes to perform tasks such as installing additional packages, and more.
For all stacks, AWS OpsWorks Stacks includes service layers, which represent the following AWS services.
• Amazon Relational Database Service
• Elastic Load Balancing
• Amazon Elastic Container Service
Layers give you complete control over which packages are installed, how they are configured, how applications are deployed, and more.
Recipes and LifeCycle Events
Layers depend on Chef recipes to handle tasks such as installing packages on instances, deploying apps, running scripts, and so on. One of the key AWS OpsWorks Stacks features is a set of lifecycle events—
Instances
Setup, Configure, Deploy, Undeploy, and Shutdown—which automatically run a specified set of recipes at the appropriate time on each instance.
Each layer can have a set of recipes assigned to each lifecycle event, which handle a variety of tasks for that event and layer. For example, after an instance that belongs to a web server layer finishes booting, AWS OpsWorks Stacks does the following.
1. Runs the layer's Setup recipes, which could perform tasks such as installing and configuring a web server.
2. Runs the layer's Deploy recipes, which deploy the layer's applications from a repository to the instance and perform related tasks, such as restarting the service.
3. Runs the Configure recipes on every instance in the stack so each instance can adjust its configuration as needed to accommodate the new instance.
For example, on an instance running a load balancer, a Configure recipe could modify the load balancer's configuration to include the new instance.
If an instance belongs to multiple layers, AWS OpsWorks Stacks runs the recipes for each layer so you can, for example, have an instance that supports a PHP application server and a MySQL database server.
If you have implemented recipes, you can assign each recipe to the appropriate layer and event and AWS OpsWorks Stacks automatically runs them for you at the appropriate time. You can also run recipes manually, at any time.
Instances
An instance represents a single computing resource, such as an Amazon EC2 instance. It defines the resource's basic configuration, such as operating system and size. Other configuration settings, such as Elastic IP addresses or Amazon EBS volumes, are defined by the instance's layers. The layer's recipes complete the configuration by performing tasks such as installing and configuring packages and deploying apps.
You can use AWS OpsWorks Stacks to create instances and add them to a layer. When you start the instance, AWS OpsWorks Stacks launches an Amazon EC2 instance using the configuration settings specified by the instance and its layer. After the Amazon EC2 instance has finished booting, AWS OpsWorks Stacks installs an agent that handles communication between the instance and the service and runs the appropriate recipes in response to lifecycle events.
AWS OpsWorks Stacks supports the following instance types, which are characterized by how they are started and stopped.
• 24/7 instances are started manually and run until you stop them.
• Time-based instances are run by AWS OpsWorks Stacks on a specified daily and weekly schedule.
They allow your stack to automatically adjust the number of instances to accommodate predictable usage patterns.
• Load-based instances are automatically started and stopped by AWS OpsWorks Stacks, based on specified load metrics, such as CPU utilization.
They allow your stack to automatically adjust the number of instances to accommodate variations in incoming traffic. Load-based instances are available only for Linux-based stacks.
AWS OpsWorks Stacks supports instance autohealing. If an agent stops communicating with the service, AWS OpsWorks Stacks automatically stops and restarts the instance.
Apps
You can also incorporate Linux-based computing resources into a stack that was created outside of AWS OpsWorks Stacks.
• Amazon EC2 instances that you created directly by using the Amazon EC2 console, CLI, or API.
• On-premises instances running on your own hardware, including instances running in virtual machines.
After you have registered one of these instances, it becomes an AWS OpsWorks Stacks instance and you can manage it in much the same way as instances that you create with AWS OpsWorks Stacks.
Apps
You store applications and related files in a repository, such as an Amazon S3 bucket. Each application is represented by an app, which specifies the application type and contains the information that is needed to deploy the application from the repository to your instances, such as the repository URL and password. When you deploy an app, AWS OpsWorks Stacks triggers a Deploy event, which runs the Deploy recipes on the stack's instances.
You can deploy apps in the following ways:
• Automatically—When you start instances, AWS OpsWorks Stacks automatically runs the instance's Deploy recipes.
• Manually—If you have a new app or want to update an existing one, you can manually run the online instances' Deploy recipes.
You typically have AWS OpsWorks Stacks run the Deploy recipes on the entire stack, which allows the other layers' instances to modify their configuration appropriately. However, you can limit deployment to a subset of instances if, for example, you want to test a new app before deploying it to every app server instance.
Customizing your Stack
AWS OpsWorks Stacks provides a variety of ways to customize layers to meet your specific requirements:
• You can modify how AWS OpsWorks Stacks configures packages by overriding attributes that represent the various configuration settings, or by even overriding the templates used to create configuration files.
• You can extend an existing layer by providing your own recipes to perform tasks such as running scripts or installing and configuring nonstandard packages.
All stacks can include one or more layers, which start with only a minimal set of recipes. You add
functionality to the layer by implementing recipes to handle tasks such as installing packages, deploying apps, and so on. You package your custom recipes and related files in one or more cookbooks and store the cookbooks in a repository such Amazon S3 or Git.
You can run recipes manually, but AWS OpsWorks Stacks also lets you automate the process by supporting a set of five lifecycle events:
• Setup occurs on a new instance after it successfully boots.
• Configure occurs on all of the stack's instances when an instance enters or leaves the online state.
• Deploy occurs when you deploy an app.
Resource Management
• Undeploy occurs when you delete an app.
• Shutdown occurs when you stop an instance.
Each layer can have any number of recipes assigned to each event. When a lifecycle event occurs on a layer's instance, AWS OpsWorks Stacks runs the associated recipes. For example, when a Deploy event occurs on an app server instance, AWS OpsWorks Stacks runs the layer's Deploy recipes to download the app or perform related tasks.
Resource Management
You can incorporate other AWS resources, such as Elastic IP addresses, into your stack. You can use the AWS OpsWorks Stacks console or API to register resources with a stack, attach registered resources to or detach them from instances, and move resources from one instance to another.
Security and Permissions
AWS OpsWorks Stacks integrates with AWS Identity and Access Management (IAM) to provide robust ways of controlling how users access AWS OpsWorks Stacks, including the following:
• How individual users can interact with each stack, such as whether they can create stack resources such as layers and instances, or whether they can use SSH or RDP to connect to a stack's Amazon EC2 instances.
• How AWS OpsWorks Stacks can act on your behalf to interact with AWS resources such as Amazon EC2 instances.
• How apps that run on AWS OpsWorks Stacks instances can access AWS resources such as Amazon S3 buckets.
• How to manage users' public SSH keys and RDP passwords and connect to an instance.
Monitoring and Logging
AWS OpsWorks Stacks provides several features to help you monitor your stack and troubleshoot issues with your stack and any recipes. For all stacks:
• AWS OpsWorks Stacks provides a set of custom CloudWatch metrics for Linux stacks, which are summarized for your convenience on the Monitoring page.
AWS OpsWorks Stacks supports the standard CloudWatch metrics for Windows stacks. You can monitor them with the CloudWatch console.
• CloudTrail logs, which record API calls made by or on behalf of AWS OpsWorks Stacks in your AWS account.
• An event log, which lists all events in your stack.
• Chef logs that detail what transpired for each lifecycle event on each instance, such as which recipes were run and which errors occurred.
Linux-based stacks can also include a Ganglia master layer, which you can use to collect and display detailed monitoring data for the instances in your stack.
CLI, SDK, and AWS CloudFormation Templates
CLI, SDK, and AWS CloudFormation Templates
In addition to the console, AWS OpsWorks Stacks also supports a command-line interface (CLI) and SDKs for multiple languages that can be used to perform any operation. Consider these features:
• The AWS OpsWorks Stacks CLI is part of the AWS CLI, and can be used to perform any operation from the command-line.
The AWS CLI supports multiple AWS services and can be installed on Windows, Linux, or OS X systems.
• AWS OpsWorks Stacks is included in AWS Tools for Windows PowerShell and can be used to perform any operation from a Windows PowerShell command line.
• The AWS OpsWorks Stacks SDK is included in the AWS SDKs, which can be used by applications implemented in: Java, JavaScript (browser-based and Node.js), .NET, PHP, Python (boto), or Ruby.
You can also use AWS CloudFormation templates to provision stacks. For some examples, see AWS OpsWorks Snippets.
Getting Started with AWS OpsWorks Stacks
AWS OpsWorks Stacks provides a rich set of customizable components that you can mix and match to create a stack that satisfies your specific purposes. The challenge for new users is understanding how to assemble these components into a working stack and manage it effectively. Here's how you can get started.
If you want to... Complete this walkthrough:
Create a sample stack as quick as possible Getting Started: Sample (p. 164) Experiment with a Linux-based stack Getting Started: Linux (p. 177) Experiment with a Windows-based stack Getting Started: Windows (p. 195) Learn how to create your own Chef cookbooks Getting Started: Cookbooks (p. 215)
If you have existing computing resources—Amazon EC2 instances or even on-premises instances that are running on your own hardware—you can incorporate them into a stack (p. 327), along with instances that you created with AWS OpsWorks Stacks. You can then use AWS OpsWorks Stacks to manage all related instance as a group, regardless of how they were created.
Region Support
You can access AWS OpsWorks Stacks globally; you can also create and manage instances globally. Users can configure AWS OpsWorks Stacks instances to be launched in any AWS region except AWS GovCloud (US-West) and the China (Beijing) Region. To work with AWS OpsWorks Stacks, instances must be able to connect to one of the following AWS OpsWorks Stacks instance service API endpoints.
Resources can be managed only in the region in which they are created. Resources that are created in one regional endpoint are not available, nor can they be cloned to, another regional endpoint. You can launch instances in any of the following regions.
• US East (Ohio) Region
Getting Started: Sample
• US East (N. Virginia) Region
• US West (Oregon) Region
• US West (N. California) Region
• Canada (Central) Region (API only, not available for stacks created in the AWS Management Console.)
• Asia Pacific (Mumbai) Region
• Asia Pacific (Singapore) Region
• Asia Pacific (Sydney) Region
• Asia Pacific (Tokyo) Region
• Asia Pacific (Seoul) Region
• Europe (Frankfurt) Region
• Europe (Ireland) Region
• Europe (London) Region
• Europe (Paris) Region
• South America (São Paulo) Region
Getting Started with a Sample Stack
This walkthrough shows how to use AWS OpsWorks Stacks to quickly create a sample Node.js application environment with just a few mouse clicks and without writing code. When you are done, you have an Amazon Elastic Compute Cloud (Amazon EC2) instance running Chef 12, a Node.js HTTP server, and a web app that you can use to interact with Twitter and leave comments on a web page.
Note
Because completing this walkthrough automatically creates an instance with a type of c3.large, you cannot use this walkthrough, or the Sample Stack creation tool in AWS OpsWorks Stacks, in the AWS Free Tier. Although using the Sample Stack creation tool in a VPC creates a t2.medium instance, VPCs are not currently available in the AWS Free Tier.
Step 1: Complete the Prerequisites
You must complete the following setup steps before you can start the walkthrough. These setup steps include signing up for an AWS account, creating an IAM user in your AWS account, and assigning the IAM user access permissions to AWS OpsWorks Stacks.
Topics
• Step 1.1: Sign up for an AWS Account (p. 164)
• Step 1.2: Create an IAM User in Your AWS Account (p. 165)
• Step 1.3: Assign Service Access Permissions to Your IAM User (p. 165)
Step 1.1: Sign up for an AWS Account
In this step, you will sign up for an AWS account. If you already have an AWS account that you want to use for this walkthrough, you can skip ahead to Step 1.2: Create an IAM User in Your AWS Account (p. 165). You cannot use an AWS Free Tier account for this walkthrough.
If you do not have an AWS account, complete the following steps to create one.
To sign up for an AWS account
1. Open https://portal.aws.amazon.com/billing/signup.
Getting Started: Sample
2. Follow the online instructions.
Part of the sign-up procedure involves receiving a phone call and entering a verification code on the phone keypad.
Step 1.2: Create an IAM User in Your AWS Account
Use your AWS account to create an AWS Identity and Access Management (IAM) user. You use an IAM user to access the AWS OpsWorks Stacks service. (We don't recommend that you use your AWS account to access AWS OpsWorks Stacks directly. Doing so is generally less secure and can make it more difficult for you to troubleshoot service access issues later.) If you already have an IAM user that you want to use for this walkthrough, you can skip ahead to Step 1.3: Assign Service Access Permissions to Your IAM User (p. 165).
To create an IAM user, see Creating IAM Users (AWS Management Console). For this walkthrough, the user name is OpsWorksDemoUser. However, you can use a different name.
Step 1.3: Assign Service Access Permissions to Your IAM User
Set up your IAM user to enable access to the AWS OpsWorks Stacks service (and related services that AWS OpsWorks Stacks relies on).
To assign service access permissions to your IAM user, see Attaching Managed Policies. Attach the AWSOpsWorks_FullAccess and AmazonS3FullAccess policies to the user you created in the previous step or to the existing IAM user that you want to use.
You have now completed all of the setup steps and can start this walkthrough (p. 165).
Step 2: Create a Stack
In this step, you use the AWS OpsWorks Stacks console to create a stack. A stack is a collection of instances (such as Amazon EC2 instances) and related AWS resources that have a common purpose and that you want to manage together. (For more information, see Stacks (p. 247).) There will be only one instance for this walkthrough.
Before you begin this step, complete the prerequisites (p. 164).
To create the stack
1. Using your IAM user, sign in to the AWS OpsWorks Stacks console at https://
console.aws.amazon.com/opsworks.
2. Do any of the following, if they apply:
• If the Welcome to AWS OpsWorks Stacks page is displayed, choose Add your first stack or Add your first AWS OpsWorks Stacks stack (both choices do the same thing). The Add stack page displays.
• If the OpsWorks Dashboard page is displayed, choose Add stack. The Add stack page displays.
3. With the Add stack page displayed, choose Sample stack, if it is not already chosen for you.
4. With Linux already chosen for Operating system type, choose Create stack:
Getting Started: Sample
5. AWS OpsWorks Stacks creates a stack named My Sample Stack (Linux). AWS OpsWorks Stacks also adds all of the necessary components to deploy the app to the stack:
• A layer, which is a blueprint for a set of instances. It specifies things like the instance's settings, resources, installed packages, and security groups. (For more information, see Layers (p. 268).) The layer is named Node.js App Server.
• An instance, which in this case is an Amazon Linux 2 EC2 instance. (For more information about instances, see Instances (p. 290).) The instance's hostname is nodejs-server1.
• An app, which is code to run on the instance. (For more information about apps, see Apps (p. 359).) The app is named Node.js Sample App.
6. After AWS OpsWorks Stacks creates the stack, choose Explore the sample stack to display the My Sample Stack (Linux) page (if you complete this walkthrough multiple times, My Sample Stack (Linux) may have a sequential number after it, such as 2 or 3):
Getting Started: Sample
In the next step (p. 167), you will start the instance and deploy the app to the instance.
Step 3: Start the Instance and Deploy the App
Now that you have an instance and an app, start the instance and deploy the app to the instance.
To start the instance and deploy the app 1. Do one of the following:
• In the service navigation pane, choose Instances:
Getting Started: Sample
• On the My Sample Stack (Linux) page, choose Instances:
2. On the Instances page, for Node.js App Server, for nodejs-server1, choose start:
Getting Started: Sample
3. Do not proceed until the online circle is bright green. (If you see a failure message, consult the Debugging and Troubleshooting Guide (p. 797).)
4. As the instance is setting up, AWS OpsWorks Stacks deploys the app to the instance.
5. Your results should resemble the following screenshot before you continue (if you receive a failure message, you may want to consult the Debugging and Troubleshooting Guide (p. 797).):
You now have an instance with an app that has been deployed to the instance.
In the next step (p. 169), you test the app on the instance.
Step 4: Test the Deployed App on the Instance
Test the results of the app deployment on the instance.
To test the deployment on the instance
1. With the Instances page displayed from the previous step, for Node.js App Server, for nodejs-server1, for Public IP, choose the IP address.
Getting Started: Sample
2. On the congratulatory web page, in the Leave a comment text box, type a comment, and then
2. On the congratulatory web page, in the Leave a comment text box, type a comment, and then