Skip to main content

AWS Cloud Formation deployment CLI

Project description

Build Status Code Coverage PyPI Downloads Latest PyPI version License

THIS PROJECT IS NOT ACTIVELY MAINTAINED ANYMORE!

Senza is a command line tool that enables you to generate and execute AWS CloudFormation templates in a sane, simple way. With Senza, you can write YAML documents and reuse common application stack solutions such as load balancing, auto-scaling, IAM role management, and other configurations. Senza also provides base CloudFormation templates for web applications, background applications, PostgreSQL, Redis clusters, and Amazon ElastiCache stack types.

What Senza Solves

AWS CloudFormation is great for managing immutable stacks on AWS. However, writing CloudFormation templates in JSON format is not human-friendly, which hinders developer productivity. Also, many parts of a CloudFormation template are reusable among applications of the same kind and CloudFormation does not provide a way to reuse templates.

Senza addresses these problems by supporting CloudFormation templates as YAML input and adding its own ‘components’ on top. Components are predefined, easily configurable CloudFormation snippets that generate all the boilerplate JSON that CloudFormation requires.

Installation

$ sudo pip3 install --upgrade stups-senza

Command Line Usage

You can easily bootstrap Senza definitions to get started quickly:

$ senza init my-definition.yaml # bootstrap a new app
$ senza create ./my-definition.yaml 1 1.0

Create CloudFormation stacks from Senza definitions with the create command:

$ senza create myapp.yaml 1 0.1-SNAPSHOT

How to disable the automatic CloudFormation rollback-on-failure to do ‘post-mortem’ debugging (e.g. on an EC2 instance):

$ senza create --disable-rollback myerroneous-stack.yaml 1 0.1-SNAPSHOT

To pass parameters from a .yaml file:

$ senza create --parameter-file parameters.yaml myapp.yaml 1 0.1-SNAPSHOT

To list stacks, use the list command:

$ senza list myapp.yaml         # list only active stacks for myapp
$ senza list myapp.yaml --all   # list stacks for myapp (also deleted ones)
$ senza list                    # list all active stacks
$ senza list --all              # list all stacks (including deleted ones)
$ senza list "suite-.*" 1       # list stacks starting with "suite" and with version "1"
$ senza list ".*" 42            # list all stacks  with version "42"
$ senza list mystack ".*test"  # list all stacks for "mystack" with version ending in "test"

If you want more detailed information about your stacks, Senza provides additional commands:

$ senza resources myapp.yaml 1 # list all CF resources
$ senza events myapp.yaml 1    # list all CF events
$ senza instances myapp.yaml 1 # list EC2 instances and IPs
$ senza console myapp.yaml 1   # get EC2 console output for all stack instances
$ senza console 172.31.1.2     # get EC2 console output for single instance

Most commands take so-called STACK_REF arguments. You can either use an existing Senza definition YAML file (as shown above) or use the stack’s name and version. You can also use regular expressions to match multiple applications and versions:

$ senza inst                    # all instances, no STACK_REF argument given
$ senza inst mystack            # list instances for all versions of "mystack"
$ senza inst mystack 1          # only list instances for "mystack" version "1"
$ senza inst "suite-.*" 1       # list instances starting with "suite" and with version "1"
$ senza inst ".*" 42            # list all instances  with version "42"
$ senza inst mystack ".*test"  # list all instances for "mystack" with version ending in "test"

Routing Traffic

Traffic can be routed via Route53 DNS to your new stack:

$ senza traffic myapp.yaml      # show traffic distribution
$ senza traffic myapp.yaml 2 50 # give version 2 50% of traffic

Deleting Old Stacks

To delete stacks that you’re no longer using:

$ senza delete myapp.yaml 1
$ senza del mystack          # shortcut: delete the only version of "mystack"

Bash Completion

Bash’s programmable completion feature permits typing a partial command, then pressing the [Tab] key to autocomplete the command sequence. If multiple completions are possible, then [Tab] lists them all.

To activate bash completion for the Senza CLI, just run:

$ eval "$(_SENZA_COMPLETE=source senza)"

Put the eval line into your .bashrc:

$ echo 'eval "$(_SENZA_COMPLETE=source senza)"' >> ~/.bashrc

Controlling Command Output

The Senza CLI supports three different output formats:

text

Default ANSI-colored output for human users.

json

JSON output of tables for scripting.

tsv

Print tables as tab-separated values (TSV).

JSON is best for handling the output programmatically via various languages or with jq (a command-line JSON processor). The text format is easy for humans to read, and “tsv” format works well with traditional Unix text processing tools like sed, grep, and awk:

$ senza list --output json | jq .
$ senza instances my-stack --output tsv | awk -F\\t '{ print $6 }'

Senza Definition

A minimal Senza definition without any Senza components would look like:

Description: "A minimal Cloud Formation stack creating a SQS queue"
SenzaInfo:
  StackName: example
Resources:
  MyQueue:
    Type: AWS::SQS::Queue

Tip: Use senza init to quickly bootstrap a new Senza definition YAML for most common use cases (e.g. a web application).

The SenzaInfo Key

The SenzaInfo key configures global Senza behavior and must always be present in the definition YAML. Available properties for the SenzaInfo section:

StackName

The stack name (required).

OperatorTopicId

Optional SNS topic name or ARN for CloudFormation notifications. As an example: You can use this to send notifications about deployments to a mailing list.

Parameters

Custom Senza definition parameters. Use to dynamically substitute variables in the CloudFormation template.

# basic information for generating and executing this definition
SenzaInfo:
  StackName: kio
  OperatorTopicId: kio-operators
  Parameters:
      - ImageVersion:
          Description: "Docker image version of Kio."

# a list of Senza components to apply to the definition
SenzaComponents:
  - Configuration:
      Type: Senza::StupsAutoConfiguration # auto-detect network setup
  # will create a launch configuration and auto scaling group with min/max=1
  - AppServer:
      Type: Senza::TaupageAutoScalingGroup
      InstanceType: t2.micro
      SecurityGroups: [app-kio] # can be either name or id ("sg-..")
      ElasticLoadBalancer: AppLoadBalancer
      TaupageConfig:
        runtime: Docker
        source: stups/kio:{{Arguments.ImageVersion}}
        ports:
          8080: 8080
        environment:
          PGSSLMODE: verify-full
          DB_SUBNAME: "//kio.example.eu-west-1.rds.amazonaws.com:5432/kio?ssl=true"
          DB_USER: kio
          DB_PASSWORD: aws:kms:abcdef1234567890abcdef=
  # creates an ELB entry and Route53 domains to this ELB
  - AppLoadBalancer:
      Type: Senza::WeightedDnsElasticLoadBalancer
      HTTPPort: 8080
      HealthCheckPath: /ui/
      SecurityGroups: [app-kio-lb]
      Scheme: internet-facing

# Plain CloudFormation definitions are fully supported:
Outputs:
  URL:
    Description: "The ELB URL of the new Kio deployment."
    Value:
      "Fn::Join":
        - ""
        -
          - "http://"
          - "Fn::GetAtt":
              - AppLoadBalancer
              - DNSName

During evaluation, you can do mustache templating with access to the rendered definition, including the SenzaInfo, SenzaComponents and Arguments keys (containing all given arguments).

You can also specify the parameters by name, which makes the Senza CLI more readable. This might come handy in complex scenarios with sizeable number of parameters:

$ senza create example.yaml 3 example MintBucket=<mint-bucket> ImageVersion=latest

Here, the ApplicationId is given as a positional parameter. The two other parameters follow, specified by their names. The named parameters on the command line can be given in any order, but no positional parameter is allowed to follow the named ones.

You can pass any of the supported CloudFormation Properties such as AllowedPattern, AllowedValues, MinLength, MaxLength, etc. Senza itself will not enforce these, but CloudFormation will evaluate the generated template and raise an exception if any of the properties are not met. For example:

$ senza create example.yaml 3 example latest mint-bucket "Way too long greeting"
Generating Cloud Formation template.. OK
Creating Cloud Formation stack hello-world-3.. EXCEPTION OCCURRED: An error occurred (ValidationError) when calling the CreateStack operation: Parameter 'GreetingText' must contain at most 15 characters
Traceback (most recent call last):
[...]

Using the Default attribute, you can give any parameter a default value. If a parameter was not specified on the command line (either as positional or named), the default value is used. We suggest putting all default-value parameters at the bottom of your parameter definition list. Otherwise, there will be no way to map them to proper positions, and you’ll have to specify all the following parameters using a name=value.

There is an option to pass parameters from a file (the file needs to be formatted in .yaml):

$ senza create --parameter-file parameters.yaml example.yaml 3 1.0-SNAPSHOT

An example of a parameter file:

ApplicationId: example-app-id
MintBucket: your-mint-bucket

You can also combine parameter files and parameters from the command line, but you can’t name the same parameter twice. Also, the parameter can’t exist both in a file and on the command line:

$ senza create --parameter-file parameters.yaml example.yaml 3 1.0-SNAPSHOT Param=Example1

AccountInfo

Senza templates offer the following properties:

{{AccountInfo.Region}}: the AWS region where the stack is created. Ex: ‘eu-central-1’. In many parts of a template, you can also use {“Ref” : “AWS::Region”}.

{{AccountInfo.AccountAlias}}: the alias name of the AWS account. Ex: ‘super-team1-account’.

{{AccountInfo.AccountID}}: the AWS account id. Ex: ‘353272323354’.

{{AccountInfo.TeamID}}: the team ID. Ex: ‘super-team1’.

{{AccountInfo.Domain}}: the AWS account domain. Ex: ‘super-team1.net’.

Mappings

Senza mappings are essentially key-value pairs, and behave just like CloudFormation mappings. Use mappings for Images, ServerSubnets or LoadBalancerSubnets.

An example:

Mappings:
   Images:
      eu-west-1:
         MyImage: "ami-123123"
# (..)
Image: MyImage

Senza Components

Configure all your Senza components in a list below the top-level SenzaComponents key. The structure is as follows:

SenzaComponents:
  - ComponentName1:
      Type: ComponentType1
      SomeComponentProperty: "some value"
  - ComponentName2:
      Type: ComponentType2

AutoScaling

AutoScaling properties include:

Minimum

Minimum number of instances to spawn.

Maximum

Maximum number of instances to spawn.

SuccessRequires:

During startup of the stack, it defines when CloudFormation considers your ASG healthy. Defaults to one healthy instance/15 minutes. You can change settings — for example, “four healthy instances/1:20:30” would look like “4 within 1h20m30s”. You can omit hours/minutes/seconds as you please. Values that look like integers will be counted as healthy instances: for example, “2” is interpreted as two healthy instances within the default timeout of 15 minutes.

MetricType

Metric for doing auto-scaling that creates automatic alarms in CloudWatch for you. Must be either CPU, NetworkIn or NetworkOut. If you don’t supply any info, your auto-scaling group will not dynamically scale and you’ll have to define your own alerts.

ScaleUpThreshold

The upper scaling threshold of the metric value. For the “CPU” metric: a value of 70 means 70% CPU usage. For network metrics, a value of 100 means 100 bytes. You can pass the unit (KB/GB/TB), e.g. “100 GB”.

ScaleDownThreshold

The lower scaling threshold of the metric value. For the “CPU” metric: a value of 40 means 40% CPU usage. For network metrics, a value of 2 means 2 bytes. You can pass the unit (KB/GB/TB), e.g. “2 GB”.

ScalingAdjustment

Number of instances added/removed per scaling action. Defaults to 1.

Cooldown:

After a scaling action occurs, do not scale again for this amount of time (in seconds). Defaults to 60 (one minute).

Statistic

Which statistic to track when deciding your scaling thresholds are met. Defaults to “Average”, but can also be “SampleCount”, “Sum”, “Minimum”, “Maximum”.

Period

Period (in seconds) over which statistic is calculated. Defaults to 300 (five minutes).

EvaluationPeriods

The number of periods over which data is compared to the specified threshold. Defaults to 2.

BlockDeviceMappings & Ebs Properties

BlockDeviceMappings properties are DeviceName (for example, /dev/xvdk) and Ebs (map of EBS options). VolumeSize, an Ebs property, is for determining how much GB an EBS should have.

WeightedDnsElasticLoadBalancer

Senza’s WeightedDnsElasticLoadBalancer component type creates one HTTPs ELB resource with Route 53 weighted domains. You can either auto-detect the SSL certificate name used by the ELB, or name it SSLCertificateId. Specify the main domain (MainDomain) or the default Route53 hosted zone will apply.

An internal load balancer is created by default, which differs from AWS’s default behavior. To create an Internet-facing ELB, explicitly set the Scheme to internet-facing.

SenzaComponents:
  - AppLoadBalancer:
      Type: Senza::WeightedDnsElasticLoadBalancer
      HTTPPort: 8080
      SecurityGroups:
        - app-myapp-lb

The WeightedDnsElasticLoadBalancer component supports the following configuration properties:

HTTPPort

The HTTP port used by the EC2 instances.

HealthCheckPath

The HTTP path to use for health checks, e.g. “/health”. Must return 200.

HealthCheckPort

Optional. Port used for the health check. Defaults to HTTPPort.

SecurityGroups

List of security groups to use for the ELB. The security groups must allow SSL traffic.

MainDomain

Main domain to use, e.g. “myapp.example.org”.

VersionDomain

Version domain to use, e.g. “myapp-1.example.org”. You can use the usual templating feature to integrate the stack version, e.g. myapp-{{SenzaInfo.StackVersion}}.example.org.

Scheme

The load balancer scheme. Either internal or internet-facing. Defaults to internal.

SSLCertificateId

Name or ARN ID of the uploaded SSL/TLS server certificate to use, e.g. myapp-example-org-letsencrypt or arn:aws:acm:eu-central-1:123123123:certificate/abcdefgh-ijkl-mnop-qrst-uvwxyz012345. You can check available IAM server certificates with aws iam list-server-certificates. For ACM certificates, use aws acm list-certificates.

Additionally, you can specify any of the valid AWS CloudFormation ELB properties (e.g. to overwrite Listeners).

WeightedDnsElasticLoadBalancerV2

Similar to the WeightedDnsElasticLoadBalancer component WeightedDnsElasticLoadBalancerV2 creates one HTTPs ELBv2 resource with Route 53 weighted domains. ELBv2 listeners support SNI, hence you can specify multiple SSL certificates.

SenzaComponents:
  - AppLoadBalancer:
      Type: Senza::WeightedDnsElasticLoadBalancerV2
      HTTPPort: 8080
      SecurityGroups:
        - app-myapp-lb

The WeightedDnsElasticLoadBalancerV2 component supports the following configuration properties:

HTTPPort

The HTTP port used by the EC2 instances.

HealthCheckPath

The HTTP path to use for health checks, e.g. “/health”. Must return 200.

HealthCheckPort

Optional. Port used for the health check. Defaults to HTTPPort.

SecurityGroups

List of security groups to use for the ELBv2. The security groups must allow SSL traffic.

MainDomain

Main domain to use, e.g. “myapp.example.org”.

VersionDomain

Version domain to use, e.g. “myapp-1.example.org”. You can use the usual templating feature to integrate the stack version, e.g. myapp-{{SenzaInfo.StackVersion}}.example.org.

Scheme

The load balancer scheme. Either internal or internet-facing. Defaults to internal.

SSLCertificateId

A comma-separated list of names or ARN ID of the uploaded SSL/TLS server certificates to use, e.g. myapp-example-org-letsencrypt or arn:aws:acm:eu-central-1:123123123:certificate/abcdefgh-ijkl-mnop-qrst-uvwxyz012345. You can check available IAM server certificates with aws iam list-server-certificates. For ACM certificates, use aws acm list-certificates.

Cross-Stack References

Traditional CloudFormation templates only allow you to reference resources located in the same template. This can be quite limiting. To compensate, Senza selectively supports special cross-stack references in some parts of your template — for instance, in SecurityGroups and IamRoles:

AppServer:
   Type: Senza::TaupageAutoScalingGroup
   InstanceType: c4.xlarge
   SecurityGroups:
     - Stack: base-1
       LogicalId: ApplicationSecurityGroup
   IamRoles:
     - Stack: base-1
       LogicalId: ApplicationRole

With these references, you can have an additional special stack per application that defines common security groups and IAM roles shared across different versions. Note that this in contrast to using senza init.

Unit Tests

$ python3 setup.py test --cov-html=true

Releasing

$ ./release.sh <NEW-VERSION>

Project details


Release history Release notifications | RSS feed

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

stups-senza-2.1.143.tar.gz (123.3 kB view details)

Uploaded Source

Built Distribution

stups_senza-2.1.143-py3-none-any.whl (120.2 kB view details)

Uploaded Python 3

File details

Details for the file stups-senza-2.1.143.tar.gz.

File metadata

  • Download URL: stups-senza-2.1.143.tar.gz
  • Upload date:
  • Size: 123.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.8.16

File hashes

Hashes for stups-senza-2.1.143.tar.gz
Algorithm Hash digest
SHA256 ff072e3c8365d423f9c05dd49f388f0bdc8660fa26fdddeda56333ab36c4b7e3
MD5 845916b3e38bf05c94af0bfa2f0716c7
BLAKE2b-256 6aea01e4b20293b6bca24020b1cb8e67104bda61c0636d5e3cc0a37d3a5f389c

See more details on using hashes here.

File details

Details for the file stups_senza-2.1.143-py3-none-any.whl.

File metadata

File hashes

Hashes for stups_senza-2.1.143-py3-none-any.whl
Algorithm Hash digest
SHA256 a0da3b277e9817fdf66d2ef883b3491d8bfd67d078a0d6caa224ebc71baee2eb
MD5 8b1e065115a517d99774e4e33fd12c06
BLAKE2b-256 ea79ee2978e232ad99dff0c03d3be722a2e61a439fd64e13dd4a7c052e519307

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page