chef_ec2_node_rm

If you're managing EC2 instances with a Chef server, this gem can help prevent your server from becoming polluted with stale node/client data by automatically deleting it whenever instances are destroyed.

This gem relies on aws-sdk, so AWS credentials will automatically be read from the usual places (credential files under ~/.aws, environment variables, IAM roles, etc.).

Note that this gem requires the following permissions on the SQS queue:

• sqs:GetQueueAttributes
• sqs:ReceiveMessage
• sqs:DeleteMessage

1. Create an SQS queue for your EC2 termination events.

2. Create a CloudWatch event rule to send termination events to the SQS queue:

   {
     "source": [
       "aws.ec2"
     ],
     "detail-type": [
       "EC2 Instance State-change Notification"
     ],
     "detail": {
       "state": [
         "terminated"
       ]
     }
   }
   

3. Configure knife on your Chef server.

4. Install chef_ec2_node_rm on your Chef server:

   gem install chef_ec2_node_rm
   

5. Run the application in the foreground to make sure everything is working (run it with --help to see a list of available options):

   chef_ec2_node_rm <options>
   

6. Using the command above, create an Upstart job on your Chef server (e.g. /etc/systemd/system/chef_ec2_node_rm.service) to keep the application running in the background:

   [Unit]
   Description=chef_ec2_node_rm
   
   [Service]
   Type=simple
   Environment=HOME=/root
   ExecStart=/path/to/chef_ec2_node_rm <options>
   Restart=always
   
   [Install]
   WantedBy=multi-user.target
   

7. Start the service:

   systemctl daemon-reload
   systemctl restart chef_ec2_node_rm
   

./bin/setup

rake test
rake rubocop

{
  "detail": {
    "instance-id": "foo",
    "state": "bar"
  }
}

gem build chef_ec2_node_rm.gemspec
gem install chef_ec2_node_rm-*.gem
gem push chef_ec2_node_rm-*.gem

• Inspired by Matt Revell's script