forked from FujitsuLaboratories/cattaz
aws-ecs.yaml
---
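# 1. Create an ECS cluster via the AWS console so that the IAM profiles are created, then delete the cluster
# 1. Create an ECR repository
# 1. Convert this yaml to json. You can use https://www.json2yaml.com/ (CloudFormation also accepts YAML templates directly, so converting locally or not at all avoids pasting the template into a third-party site)
# 1. Create a new stack in CloudFormation in the ap-northeast-1 region
# 1. Launch AWS CloudFormation Designer and paste the json into it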
# Template format version; '2010-09-09' is the only value CloudFormation accepts.
AWSTemplateFormatVersion: '2010-09-09'
# Besides the VPC and the ECS cluster, the resources below also create a
# classic load balancer, an Auto Scaling group, a task definition and a service.
Description: AWS CloudFormation template to create an ECS cluster with a new VPC
# Per-region address plan, looked up with Fn::FindInMap and AWS::Region.
# Only ap-northeast-1 has an entry, so the lookups in Resources have nothing
# to resolve in any other region.
Mappings:
  VpcCidrs:
    ap-northeast-1:
      # The VPC range and the two /24 public subnets carved out of it.
      vpc: '10.123.0.0/16'
      pubsubnet1: '10.123.0.0/24'
      pubsubnet2: '10.123.1.0/24'
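# Stack inputs. No parameter sets NoEcho, so every value is visible to anyone
# who can describe the stack.
Parameters:
  # Image reference handed unchanged to the task definition's container.
  EcsRepository:
    Type: String
    Description: Image to use for containers. repository-url/image:tag.
  # AMI for the container instances; there is no default, the caller must pick one.
  EcsAmiId:
    Type: String
    Description: ECS AMI Id. Find AMIs whose name contains 'ecs-optimized'.
  # NOTE(review): ConstraintDescription is only shown when a declared constraint
  # fails, and no AllowedValues/AllowedPattern is declared here, so any string
  # is accepted at this point.
  EcsInstanceType:
    Type: String
    Description: ECS EC2 instance type
    Default: t2.micro
    ConstraintDescription: must be a valid EC2 instance type.
  # Used for both MaxSize and DesiredCapacity of the Auto Scaling group.
  AsgMaxSize:
    Type: Number
    Description: Maximum size and initial Desired Capacity of ECS Auto Scaling Group
    Default: '2'
  # Instance profile attached to the container instances.
  IamRoleInstanceProfile:
    Type: String
    Description: Name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance. The profile can be automatically created if you create an ECS cluster via AWS console.
    Default: ecsInstanceRole
  # Role passed to the ECS service (its Role property) for load balancer registration.
  IamRoleServiceProfile:
    Type: String
    Description: Name or the Amazon Resource Name (ARN) of the service profile associated with the IAM role for the instance. The profile can be automatically created if you create an ECS cluster via AWS console.
    Default: ecsServiceRole
  # This value is concatenated, unquoted, into the instance UserData shell
  # script (echo ECS_CLUSTER=<value> >> /etc/ecs/ecs.config). The pattern limits
  # it to the characters ECS allows in a cluster name, so it cannot carry shell
  # metacharacters or whitespace into that script.
  EcsClusterName:
    Type: String
    Description: ECS Cluster Name
    Default: default
    AllowedPattern: '^[A-Za-z0-9_-]{1,255}$'
    ConstraintDescription: must be 1-255 letters, numbers, hyphens or underscores.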
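# Network, load balancer, container instances and the ECS service itself.
Resources:
  # --- Network: one VPC with two public subnets in different AZs ---
  Vpc:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock:
        Fn::FindInMap:
          - VpcCidrs
          - Ref: AWS::Region
          - vpc
      EnableDnsSupport: true
      EnableDnsHostnames: true
  PubSubnetAz1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId:
        Ref: Vpc
      CidrBlock:
        Fn::FindInMap:
          - VpcCidrs
          - Ref: AWS::Region
          - pubsubnet1
      # First AZ returned for the region.
      AvailabilityZone:
        Fn::Select:
          - '0'
          - Fn::GetAZs:
              Ref: AWS::Region
  PubSubnetAz2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId:
        Ref: Vpc
      CidrBlock:
        Fn::FindInMap:
          - VpcCidrs
          - Ref: AWS::Region
          - pubsubnet2
      # Second AZ returned for the region.
      AvailabilityZone:
        Fn::Select:
          - '1'
          - Fn::GetAZs:
              Ref: AWS::Region
  InternetGateway:
    Type: AWS::EC2::InternetGateway
  AttachGateway:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId:
        Ref: Vpc
      InternetGatewayId:
        Ref: InternetGateway
  # Single route table shared by both subnets; its default route goes to the
  # internet gateway, which is what makes the subnets public.
  RouteViaIgw:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId:
        Ref: Vpc
  PublicRouteViaIgw:
    Type: AWS::EC2::Route
    # The route can only be created once the gateway is attached to the VPC.
    DependsOn: AttachGateway
    Properties:
      RouteTableId:
        Ref: RouteViaIgw
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId:
        Ref: InternetGateway
  PubSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId:
        Ref: PubSubnetAz1
      RouteTableId:
        Ref: RouteViaIgw
  PubSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId:
        Ref: PubSubnetAz2
      RouteTableId:
        Ref: RouteViaIgw

  # --- Security groups ---
  # Inbound rules for the load balancer. Both rules admit any source address.
  ElbSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: ELB Allowed Ports
      VpcId:
        Ref: Vpc
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 1234
          ToPort: 1234
          CidrIp: 0.0.0.0/0
        # Was FromPort 80 / ToPort 8080, i.e. the whole range 80-8080. The load
        # balancer only has listeners on 80 and 1234, so the rule is narrowed
        # to the single listener port.
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
  # Inbound rules for the container instances.
  # NOTE(review): the first two rules let any address reach the instances
  # directly on 1234 and 8080, bypassing the load balancer, and the launch
  # configuration below gives the instances public IPs. If all traffic is meant
  # to arrive through the ELB, the ELB-sourced rule is sufficient on its own;
  # confirm that nothing depends on direct access before removing them.
  # NOTE(review): the ELB-sourced rule covers every TCP port, while the
  # listeners and health check only use instance ports 8080 and 1234.
  EcsSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: ECS Allowed Ports
      VpcId:
        Ref: Vpc
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 1234
          ToPort: 1234
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 8080
          ToPort: 8080
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: '1'
          ToPort: '65535'
          SourceSecurityGroupId:
            Ref: ElbSecurityGroup

  # --- Load balancer ---
  # Classic load balancer spanning both subnets.
  # NOTE(review): both listeners are unencrypted (HTTP on 80, raw TCP on 1234);
  # an HTTPS/SSL listener would need a certificate this template does not define.
  EcsElasticLoadBalancer:
    Type: AWS::ElasticLoadBalancing::LoadBalancer
    Properties:
      SecurityGroups:
        - Ref: ElbSecurityGroup
      Subnets:
        - Ref: PubSubnetAz1
        - Ref: PubSubnetAz2
      CrossZone: true
      Listeners:
        - LoadBalancerPort: 80
          InstancePort: 8080
          Protocol: HTTP
        - LoadBalancerPort: 1234
          InstancePort: 1234
          Protocol: TCP
      # Health is judged on the HTTP port only; port 1234 is not probed.
      HealthCheck:
        Target: HTTP:8080/
        HealthyThreshold: '2'
        UnhealthyThreshold: '10'
        Interval: '30'
        Timeout: '5'

  # --- Container instances ---
  # No KeyName is set, so the instances are launched without an SSH key pair.
  # NOTE(review): no MetadataOptions are set either; requiring IMDSv2
  # (HttpTokens: required) is worth considering once the ECS agent on the
  # chosen AMI is confirmed to support it.
  EcsInstanceLcWithoutKeyPair:
    Type: AWS::AutoScaling::LaunchConfiguration
    Properties:
      ImageId:
        Ref: EcsAmiId
      InstanceType:
        Ref: EcsInstanceType
      # The subnets have no NAT, so instances use public IPs for outbound access.
      AssociatePublicIpAddress: true
      IamInstanceProfile:
        Ref: IamRoleInstanceProfile
      SecurityGroups:
        - Ref: EcsSecurityGroup
      # Boot script that registers the instance with the cluster.
      # NOTE(review): EcsClusterName is spliced into the shell command unquoted;
      # the parameter should be constrained to cluster-name characters.
      UserData:
        Fn::Base64:
          Fn::Join:
            - ''
            - - "#!/bin/bash\n"
              - echo ECS_CLUSTER=
              - Ref: EcsClusterName
              - " >> /etc/ecs/ecs.config"
  EcsInstanceAsg:
    Type: AWS::AutoScaling::AutoScalingGroup
    Properties:
      VPCZoneIdentifier:
        - Ref: PubSubnetAz1
        - Ref: PubSubnetAz2
      LaunchConfigurationName:
        Ref: EcsInstanceLcWithoutKeyPair
      MinSize: '1'
      # The same parameter sets the ceiling and the initial capacity.
      MaxSize:
        Ref: AsgMaxSize
      DesiredCapacity:
        Ref: AsgMaxSize
      Tags:
        - Key: Name
          Value:
            Fn::Join:
              - ''
              - - 'ECS Instance - '
                - Ref: AWS::StackName
          PropagateAtLaunch: true

  # --- ECS cluster, task and service ---
  EcsCluster:
    Type: AWS::ECS::Cluster
    Properties:
      ClusterName:
        Ref: EcsClusterName
  # One container publishing two fixed host ports. No TaskRoleArn is set.
  EcsTaskDef:
    Type: AWS::ECS::TaskDefinition
    Properties:
      ContainerDefinitions:
        - Image:
            Ref: EcsRepository
          Memory: 256
          Name: cattaz-container
          PortMappings:
            - ContainerPort: 1234
              HostPort: 1234
              Protocol: tcp
            - ContainerPort: 8080
              HostPort: 8080
              Protocol: tcp
  EcsService:
    Type: AWS::ECS::Service
    Properties:
      Cluster:
        Ref: EcsCluster
      Role:
        Ref: IamRoleServiceProfile
      TaskDefinition:
        Ref: EcsTaskDef
      DesiredCount: 1
      LoadBalancers:
        # CloudFormation/ECS would not accept a second load balancer entry for
        # port 1234, so only 8080 is registered here. Port 1234 is still
        # forwarded by the ELB's TCP listener to the fixed host port 1234.
        # - ContainerName: cattaz-container
        #   ContainerPort: 1234
        #   LoadBalancerName:
        #     Ref: EcsElasticLoadBalancer
        - ContainerName: cattaz-container
          ContainerPort: 8080
          LoadBalancerName:
            Ref: EcsElasticLoadBalancer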
# Values reported once the stack has been created.
Outputs:
  # Ref on the Auto Scaling group resource.
  EcsInstanceAsgName:
    Description: Auto Scaling Group Name for ECS Instances
    Value:
      Ref: EcsInstanceAsg
  # Ref on the classic load balancer resource.
  EcsElbName:
    Description: Load Balancer for ECS Service
    Value:
      Ref: EcsElasticLoadBalancer