add mms prod quickstart front end; add kill-mp-web-installer

424D57 · 424D57 · commit 088082a2f662 · 2016-03-21T13:56:21.000-05:00
diff --git a/DeepSecurity/Common/helpers/kill-mp-web-installer b/DeepSecurity/Common/helpers/kill-mp-web-installer
@@ -0,0 +1,5 @@
+#!/bin/bash
+sed -i "s|/opt/trend/dsm_app/start.sh &||g" /etc/rc.local
+sed -i "s|/opt/trend/dsm_app/start.sh &||g" /etc/rc.d/rc.local
+for pid in $(ps -ef | grep "/opt/trend/dsm_app/start.sh" | awk '{print $2}'); do kill -9 $pid; done
+kill -9 $(sudo netstat -plnt | grep :8080 | grep python | grep -oP '(\d*)\/python' | grep -oP '(\d*)')
diff --git a/DeepSecurity/DeepSecurity.cfproj b/DeepSecurity/DeepSecurity.cfproj
@@ -54,6 +54,9 @@
     <Compile Include="Quickstart\TMQuickStartBYOL.template">
       <SubType>Code</SubType>
     </Compile>
+    <Compile Include="Quickstart\TMQuickStartMMS.template">
+      <SubType>Code</SubType>
+    </Compile>
     <Compile Include="Quickstart\TMQuickStartPocMMS.template">
       <SubType>Code</SubType>
     </Compile>
@@ -86,6 +89,9 @@
     <Content Include="Common\helpers\createCloudAccount">
       <SubType>Content</SubType>
     </Content>
+    <Content Include="Common\helpers\kill-mp-web-installer">
+      <SubType>Content</SubType>
+    </Content>
     <Content Include="Common\helpers\reactivate-manager">
       <SubType>Content</SubType>
     </Content>
diff --git a/DeepSecurity/Quickstart/TMQuickStartMMS.template b/DeepSecurity/Quickstart/TMQuickStartMMS.template
@@ -0,0 +1,253 @@
+{
+    "AWSTemplateFormatVersion" : "2010-09-09",
+    "Description"              : "v2 Quick Start that deploys Trend Micro Deep Security into an exisintg VPC with a Multi-AZ Oracle RDS instance  **WARNING** This template uses images from the AWS Marketplace and an active subscription is required - Please see the Quick Start documentation for more details. You will be billed for the AWS resources used if you create a stack from this template.",
+    "Metadata" : {
+		"AWS::CloudFormation::Interface" : {
+			"ParameterGroups" : [
+				{
+					"Label" : { "default" : "Deep Security Manager Configuration" },
+					"Parameters" : [ "DeepSecurityAdminName", "DeepSecurityAdminPass", "AWSKeyPairName", "ProtectedInstances" ]
+				},
+				{
+					"Label" : { "default" : "Network Configuration" },
+					"Parameters" : [ "AWSVPC", "DeepSecuritySubnet", "DatabaseSubnet1", "DatabaseSubnet2" ]
+				}
+
+			],
+			"ParameterLabels" : {
+				"AWSIKeyPairName" : { "default" : "EC2 Key Pair for SSH access" },
+				"AWSVPC" : { "default" : "VPC for Deep Security Components" },
+				"DeepSecuritySubnet" : { "default" : "Public Subnet for Deep Security Managers" },
+				"DeepSecurityAdminName" : { "default" : "Administrator username for Deep Security" },
+				"DeepSecurityAdminPass" : { "default" : "Administrator password for Deep Security" },
+				"DatabaseSubnet1" : { "default" : "Primary private subnet for RDS" },
+				"DatabaseSubnet2" : { "default" : "Secondary private subnet for RDS" },
+				"ProtectedInstances" : { "default" : "Number of instances you expect to protect with Deep Security Agents" }
+			}
+		}
+	},
+	"Parameters"               : {
+        "AWSKeyPairName" : {
+            "Description" : "Select an existing key pair to use for connecting to your Deep Security Manager Instance.",
+            "Type"        : "AWS::EC2::KeyPair::KeyName",
+            "MinLength"   : "1",
+            "MaxLength"   : "255",
+            "AllowedPattern" : "[-_a-zA-Z0-9]*",
+            "ConstraintDescription" : "Select an existing EC2 Key Pair."
+        },
+        "AWSVPC"         : {
+            "Description" : "Select an existing VPC to deploy Deep Security Manager.",
+            "Type"        : "AWS::EC2::VPC::Id",
+            "MinLength"   : "1",
+            "MaxLength"   : "255",
+            "AllowedPattern" : "[-_a-zA-Z0-9]*"
+        },
+		"DatabaseSubnet1"           : {
+            "Description" : "Select a private subnet for the RDS database.  Must be a private subnet contained the in VPC chosen above.",
+            "Type"        : "AWS::EC2::Subnet::Id",
+            "ConstraintDescription" : "RDS Subnet Groups must be comprised of 2 subnets in seperate availability zones within the specified VPC for deploying this template"
+        },
+        "DatabaseSubnet2"           : {
+            "Description" : "Select a second private subnet for the RDS database.  Must be a private subnet contained the in VPC chosen above.",
+            "Type"        : "AWS::EC2::Subnet::Id",
+            "ConstraintDescription" : "RDS Subnet Groups must be comprised of 2 subnets in seperate availability zones within the specified VPC for deploying this template"
+        },
+		"DeepSecuritySubnet"   : {
+            "Description" : "Select an existing Subnet for Deep Seucurity Manager. Must be a public subnet contained the in VPC chosen above.",
+            "Type"        : "AWS::EC2::Subnet::Id",
+            "MinLength"   : "1",
+            "MaxLength"   : "255",
+            "AllowedPattern" : "[-_a-zA-Z0-9]*",
+            "ConstraintDescription" : "Subnet ID must exist in the chosen VPC"
+        },
+        "DeepSecurityAdminName"         : {
+            "Default" : "MasterAdmin",
+            "NoEcho"  : false,
+            "Description" : "The Deep Security Manager administrator username for Web Console Access.",
+            "Type"        : "String",
+            "MinLength"   : 1,
+            "MaxLength"   : 16,
+            "AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*",
+            "ConstraintDescription" : "Must begin with a letter and contain only alphanumeric characters. Min length 1, max length 16"
+        },
+        "DeepSecurityAdminPass"     : {
+            "NoEcho" : true,
+            "Description" : "The Deep Security Manager administrator password. Must be 8-41 characters long and can only contain alphanumeric characters or the following special characters !^*-_+",
+            "Type"        : "String",
+            "MinLength"   : 8,
+            "MaxLength"   : 41,
+            "AllowedPattern" : "[a-zA-Z0-9!^*\\-_+]*",
+            "ConstraintDescription" : "Can only contain alphanumeric characters or the following special characters !^*-_+ Min length 8, max length 41"
+        },
+		"ProtectedInstances"           : {
+            "Description" : "Select how many instances would you like to protect.",
+            "Type"        : "String",
+            "AllowedValues" : [
+                "1-100",
+                "101-500",
+				"501-1000"
+            ]
+        }
+    },
+    "Mappings"                 : {
+		"DSMSIZE" : {
+	        "us-east-1"      : {
+                "MMS" : "c3.xlarge"
+            },
+			"us-west-1"      : {
+				"MMS" : "c3.xlarge"
+            },
+            "us-west-2"      : {
+				"MMS" : "c3.xlarge"
+            },
+			"eu-west-1"      : {
+				"MMS" : "c3.xlarge"
+            },
+			"eu-central-1" : {
+				"MMS" : "c3.xlarge"
+            },
+            "sa-east-1"    : {
+				"MMS" : "c3.xlarge"
+            },
+            "ap-northeast-1" : {
+				"MMS" : "c3.xlarge"
+            },
+            "ap-southeast-1" : {
+				"MMS" : "c3.xlarge"
+            },
+            "ap-southeast-2" : {
+				"MMS" : "c3.xlarge"
+            },
+			"ap-northeast-2" : {
+				"MMS" : "m4.xlarge"
+            }
+        },
+		"RDSStorageSize" : {
+            "1-100"   : {
+                "Size" : "75"
+            },
+            "101-500"   : {
+                "Size" : "200"
+            },
+            "501-1000"  : {
+                "Size" : "300"
+            }
+        },
+        "RDSInstanceSize" : {
+            "us-east-1"      : {
+                "Oracle" : "db.m4.large"
+            },
+			"us-west-1"      : {
+                "Oracle" : "db.m4.large"
+            },
+            "us-west-2"      : {
+                "Oracle" : "db.m4.large"
+            },
+			"eu-west-1"      : {
+                "Oracle" : "db.m4.large"
+            },
+			"eu-central-1" : {
+                "Oracle" : "db.m4.large"
+            },
+            "sa-east-1"    : {
+                "Oracle" : "db.m3.large"
+            },
+            "ap-northeast-1" : {
+                "Oracle" : "db.m4.large"
+            },
+            "ap-southeast-1" : {
+                "Oracle" : "db.m4.large"
+            },
+            "ap-southeast-2" : {
+                "Oracle" : "db.m3.large"
+            },
+			"ap-northeast-2" : {
+                "Oracle" : "db.m4.large"
+            }
+        }
+    },
+    "Resources"                : {
+        "MasterMP96" : {
+            "Type" : "AWS::CloudFormation::Stack",
+            "Properties" : {
+                "TemplateURL" : "https://s3.amazonaws.com/cf-deepsecurity/96/v0.6/MP/MasterMP96.template",
+                "Parameters"  : {
+                    "AWSIKeyPairName" : {
+                        "Ref" : "AWSKeyPairName"
+                    },
+                    "AWSIVPC"         : {
+                        "Ref" : "AWSVPC"
+                    },
+					"DSISubnetID"         : {
+                        "Ref" : "DeepSecuritySubnet"
+                    },
+					"DBIRDSInstanceSize"         : {
+						"Fn::FindInMap" : [
+							"RDSInstanceSize",
+							{
+								"Ref" : "AWS::Region"
+							},
+								"Oracle"
+						]				
+					},
+					"DBIStorageAllocation"         : {
+						"Fn::FindInMap" : [
+							"RDSStorageSize",
+							{
+								"Ref" : "ProtectedInstances"
+							},
+								"Size"
+						]					
+					},
+					"DBPBackupDays"         : "5",
+					"DBPCreateDbInstance"         : "Yes" ,
+					"DBICAdminName"         : "dsmadmin",
+					"DBICAdminPassword"         : {
+                        "Ref" : "DeepSecurityAdminPass"
+                    },
+					"DBPEngine"         : "Oracle",
+					"DBPEndpoint" : "" ,
+					"DBPName"         :"dsm",
+					"DSCAdminName"         : {
+                        "Ref" : "DeepSecurityAdminName"
+                    },
+					"DSCAdminPassword"         : {
+                        "Ref" : "DeepSecurityAdminPass"
+                    },
+					"DSIMultiNode"         : "2" ,
+					"DSIPLicenseKey" : "XX-XXXX-XXXXX-XXXXX-XXXXX-XXXXX-XXXXX",
+					"DSIPHeartbeatPort" : "4120",
+					"DSIPGUIPort"       : "443",
+					"DSIPInstanceType"         : {
+						"Fn::FindInMap" : [
+							"DSMSIZE",
+							{
+								"Ref" : "AWS::Region"
+							},
+							"MMS"
+						]				
+					},
+					"DBISubnet1"         : {
+                        "Ref" : "DatabaseSubnet1"
+                    },
+					"DBISubnet2"         : {
+                        "Ref" : "DatabaseSubnet2"
+                    },
+					"DBIInstanceIdentifier" : "deep-security",
+					"DSIPLicense"         : "MMS",
+					"DBPMultiAZ": "true"
+                }
+            }
+        }
+    },
+	"Outputs"                  : {
+        "DeepSecurityConsole" : {
+            "Value" : {
+	            "Fn::GetAtt" : [
+					"MasterMP96",
+                    "Outputs.DeepSecurityConsole"
+				]
+            }
+        }
+    }
+}
