Georgetown scenario

scenarios/georgetown/ansible/playbook-debian.yml

@@ -0,0 +1,73 @@
+---
+# ansible-playbook playbook-debian.yml -u admin --private-key=/path/to/private/key -i "$ip,"
+- name: copy files to remote server
+  hosts: all
+  tasks:
+  # OS
+  - name: update packages and install lsof
+    become: true
+    package:
+      # This is weird in that it does not exist in the offical docs 
+      # but this module just passes params down to the underlying 
+      # package manager module where `update_cache` is normally a thing so
+      # it ends up working....
+      update_cache: yes
+      state: latest
+      name:
+        - lsof
+        - util-linux # Ensure that fallocate is installed
+
+  - name: create log file
+    become: true
+    file:
+      path: /var/log/fallocate.log
+      state: touch
+      owner: admin
+      group: admin
+
+  - name: cronjob
+    cron:
+      name: "reboot"
+      special_time: reboot
+      job: "/home/admin/badlog.py &"
+
+  # check.sh
+  - name: Create /home/admin/agent directory
+    ansible.builtin.file:
+      path: /home/admin/agent
+      owner: admin
+      group: admin
+      mode: a+wx
+      state: directory
+
+  - name: Copy georgetown systemd files
+    become: true
+    copy:
+      src: {{ item.src }}
+      dest: {{ item.dest }}
+    with_items:
+      - { src: ../files/mock-build.service, dest: /etc/systemd/system/mock-build.service }
+      - { src: ../files/secondary-service.service, dest: /etc/systemd/system/secondary-service.service }
+
+  - name: Start mock build application
+    become: true
+    systemd:
+      name: mock-build
+      state: started
+
+  - name: Start secondary service
+    become: true
+    systemd:
+      name: secondary-service
+      state: started
+      enabled: yes
+
+  - name: copy check.sh
+    copy:
+      src: ../files/check.sh
+      dest: /home/admin/agent/check.sh
+
+  - name: set check.sh
+    file:
+      path: /home/admin/agent/check.sh
+      mode: "+x"

scenarios/georgetown/files/check.sh

@@ -0,0 +1,34 @@
+#!/usr/bin/bash
+
+BUILD_MOUNT_POINT="/tmp/ephemeral-build"
+
+# Check if the build mount point exists
+function check_build_mount_point {
+  if [ ! -d $BUILD_MOUNT_POINT ]; then
+    echo -b "NO"
+    exit 1
+  fi
+}
+
+# Function to check if both example-build-artifact.txt and
+# secondary-artifact.txt exist in the build mount point
+# BOTH files need to exist concurrently
+function check_build_artifacts {
+  BUILD_FILES=(
+    "example-build-artifact.txt"
+    "secondary-artifact.txt"
+  )
+  for file in "${BUILD_FILES[@]}"; do
+    if [ ! -f "$BUILD_MOUNT_POINT/$file" ]; then
+      echo -b "NO"
+      exit 1
+    else
+      echo -b "OK"
+      exit 0
+    fi
+  done
+}
+
+# Check if one or both functions executed successfull
+check_build_mount_point
+check_build_artifacts

scenarios/georgetown/files/mock-build-run.sh

@@ -0,0 +1,13 @@
+#!/usr/env/bin bash
+
+MOUNT_POINT="/tmp/ephemeral-build"
+EXAMPLE_BUILD_ARTIFACT="example-build-artifact.txt"
+MAX_BUILD_ARTIFACT_SIZE=10M
+
+# Create the example build file
+touch $MOUNT_POINT/$EXAMPLE_BUILD_ARTIFACT
+
+# Use fallocate to allocate the maximum size of the file
+fallocate -l "$MAX_SIZE" "$MOUNT_POINT/$EXAMPLE_BUILD_ARTIFACT"
+
+trap

scenarios/georgetown/files/mock-build.service

@@ -0,0 +1,9 @@
+[Unit]
+Description=Mock Build Application
+After=network.target
+
+[Service]
+ExecStart=/home/admin/mock_build.sh
+
+[Install]
+WantedBy=multi-user.target

scenarios/georgetown/files/secondary-service.service

@@ -0,0 +1,9 @@
+[Unit]
+Description=Secondary service Application
+After=network.target
+
+[Service]
+ExecStart=/home/admin/secondary-service.sh
+
+[Install]
+WantedBy=multi-user.target

scenarios/georgetown/files/secondary-service.sh

@@ -0,0 +1,2 @@
+# Secondary service that will continually run in the background
+# and try to place a file on tmp artifact directory that is too big to fit on disk

scenarios/georgetown/packer/aws-debian11.pkr.hcl

@@ -0,0 +1,67 @@
+# Debian
+
+packer {
+  required_plugins {
+    amazon = {
+      version = "= 1.2.1"
+      source  = "github.com/hashicorp/amazon"
+    }
+  }
+}
+
+source "amazon-ebs" "debian" {
+  ami_name                    = "scenario-1-saintjohn"
+  instance_type               = "t3a.nano"
+  region                      = "${var.region}"
+  vpc_id                      = "${var.vpc_id}"
+  subnet_id                   = "${var.subnet_id}"
+  associate_public_ip_address = true
+  source_ami                  = "${var.source_ami}"
+  ssh_username                = "admin"
+}
+
+build {
+  name = "debian-build"
+  sources = [
+    "source.amazon-ebs.debian"
+  ]
+
+  # OS & scenario packages
+  provisioner "shell" {
+    inline = [
+      "echo Update packages...",
+      "sudo apt-get update",
+      "sudo apt-get install -y lsof",
+    ]
+  }
+
+  # badlog.py
+  provisioner "file" {
+    source      = "../files/badlog.py"
+    destination = "/tmp/badlog.py"
+  }
+
+  provisioner "shell" {
+    inline = [
+      "mv /tmp/badlog.py /home/admin/badlog.py",
+      "chmod +x /home/admin/badlog.py",
+      "sudo touch /var/log/bad.log",
+      "sudo chown admin: /var/log/bad.log",
+      "echo '@reboot /home/admin/badlog.py &' | crontab -",
+    ]
+  }
+
+  # check.sh
+  provisioner "file" {
+    source      = "../files/check.sh"
+    destination = "/tmp/check.sh"
+  }
+
+  provisioner "shell" {
+    inline = [
+      "sudo mv /tmp/check.sh /home/admin/agent/check.sh",
+      "sudo chmod +x /home/admin/agent/check.sh",
+    ]
+  }
+
+}

scenarios/georgetown/packer/variables.pkr.hcl

@@ -0,0 +1,25 @@
+# variables for Packer file, adapt to your AWS region, base image, vpc, subnet
+
+variable "region" {
+  type    = string
+  default = "us-east-1"
+}
+
+# tested with source Debian 11 image HVM 64-bit (x86)
+# change to one in your region
+variable "source_ami" {
+  type    = string
+  default = "ami-"
+}
+
+# change to your vpc
+variable "vpc_id" {
+  type    = string
+  default = "vpc-"
+}
+
+# change to your subnet
+variable "subnet_id" {
+  type    = string
+  default = "subnet-"
+}