---
# 1. Create an ECS cluster via the AWS console (this creates the IAM profiles), then delete the cluster
# 1. Create an ECR repository
# 1. Create a new stack in CloudFormation in the ap-northeast-1 region
# 1. Launch AWS CloudFormation Designer and paste this YAML into it
AWSTemplateFormatVersion: "2010-09-09"
Description: AWS CloudFormation template to create an ECS cluster with a new VPC

# Per-region address plan, looked up with !FindInMap using the AWS::Region
# pseudo parameter. Only ap-northeast-1 is mapped, so the lookup has no entry
# for any other region.
Mappings:
  VpcCidrs:
    ap-northeast-1:
      # The VPC range and the two /24 public subnets carved out of it.
      vpc: "10.123.0.0/16"
      pubsubnet1: "10.123.0.0/24"
      pubsubnet2: "10.123.1.0/24"
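# Stack inputs. Every value here is supplied by whoever creates or updates the
# stack; several of them end up in security-relevant places (the image that is
# run, the IAM roles that are attached, a root shell script on each instance).
Parameters:
  # Container image reference passed unchanged to the task definition.
  EcsRepository:
    Type: String
    Description: Image to use for containers. repository-url/image:tag.
  # AMI used by the launch configuration for the container instances.
  EcsAmiId:
    Type: String
    Description: ECS AMI Id. Find AMIs whose name contains 'ecs-optimized'.
  EcsInstanceType:
    Type: String
    Description: ECS EC2 instance type
    Default: t2.micro
    # NOTE(review): no AllowedValues/AllowedPattern is declared for this
    # parameter, so this message is never shown; an invalid type only fails
    # later, when the launch configuration is created.
    ConstraintDescription: must be a valid EC2 instance type.
  # Used for both MaxSize and DesiredCapacity of the Auto Scaling group.
  AsgMaxSize:
    Type: Number
    Description: Maximum size and initial Desired Capacity of ECS Auto Scaling Group
    Default: '2'
  # Instance profile attached to every container instance. Its permissions are
  # defined outside this template, so review them separately.
  IamRoleInstanceProfile:
    Type: String
    Description: Name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance. The profile can be automatically created if you create an ECS cluster via AWS console.
    Default: ecsInstanceRole
  # Role the ECS service uses; also defined outside this template.
  IamRoleServiceProfile:
    Type: String
    Description: Name or the Amazon Resource Name (ARN) of the service profile associated with the IAM role for the instance. The profile can be automatically created if you create an ECS cluster via AWS console.
    Default: ecsServiceRole
  EcsClusterName:
    Type: String
    Description: ECS Cluster Name
    Default: default
    # This value is concatenated, unquoted, into the instance UserData shell
    # script, which runs as root at boot. Restricting it to the characters ECS
    # accepts in a cluster name keeps shell metacharacters and whitespace out
    # of that script.
    AllowedPattern: '^[A-Za-z0-9_-]{1,255}$'
    ConstraintDescription: must contain only letters, numbers, hyphens and underscores (1-255 characters).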
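Resources:
  # --- Network: one VPC with two public subnets in different AZs ------------
  Vpc:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !FindInMap [VpcCidrs, !Ref "AWS::Region", vpc]
      EnableDnsSupport: true
      EnableDnsHostnames: true
  PubSubnetAz1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref Vpc
      CidrBlock: !FindInMap [VpcCidrs, !Ref "AWS::Region", pubsubnet1]
      # First availability zone returned for the stack's region.
      AvailabilityZone: !Select
        - '0'
        - Fn::GetAZs: !Ref "AWS::Region"
  PubSubnetAz2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref Vpc
      CidrBlock: !FindInMap [VpcCidrs, !Ref "AWS::Region", pubsubnet2]
      # Second availability zone returned for the stack's region.
      AvailabilityZone: !Select
        - '1'
        - Fn::GetAZs: !Ref "AWS::Region"
  InternetGateway:
    Type: AWS::EC2::InternetGateway
  AttachGateway:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref Vpc
      InternetGatewayId: !Ref InternetGateway
  RouteViaIgw:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref Vpc
  # Default route to the internet gateway. Both subnets are associated with
  # this table, so both are public; the template defines no private subnet
  # and no NAT.
  PublicRouteViaIgw:
    Type: AWS::EC2::Route
    # The route can only be created once the gateway is attached to the VPC.
    DependsOn: AttachGateway
    Properties:
      RouteTableId: !Ref RouteViaIgw
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway
  PubSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PubSubnetAz1
      RouteTableId: !Ref RouteViaIgw
  PubSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PubSubnetAz2
      RouteTableId: !Ref RouteViaIgw

  # --- Security groups -------------------------------------------------------
  # Internet-facing group for the load balancer. Only port 80 is opened
  # because the load balancer's single listener is on port 80; a FromPort/
  # ToPort pair is a range, so 80..8080 would expose every port in between.
  ElbSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: ELB Allowed Ports
      VpcId: !Ref Vpc
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
  # Group for the container instances. The instances have public IP
  # addresses, so ingress is limited to the load balancer's security group and
  # to the one host port the task publishes (8080, which is also the ELB
  # InstancePort and health-check port). No rule admits 0.0.0.0/0, so clients
  # cannot bypass the load balancer and reach the container directly.
  EcsSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: ECS Allowed Ports
      VpcId: !Ref Vpc
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 8080
          ToPort: 8080
          SourceSecurityGroupId: !Ref ElbSecurityGroup

  # --- Load balancer ---------------------------------------------------------
  EcsElasticLoadBalancer:
    Type: AWS::ElasticLoadBalancing::LoadBalancer
    Properties:
      SecurityGroups: [!Ref ElbSecurityGroup]
      Subnets: [!Ref PubSubnetAz1, !Ref PubSubnetAz2]
      CrossZone: true
      # Plain TCP pass-through from port 80 to instance port 8080; nothing in
      # this template terminates TLS, so client traffic is unencrypted.
      Listeners:
        - LoadBalancerPort: 80
          InstancePort: 8080
          Protocol: TCP
      HealthCheck:
        Target: HTTP:8080/
        HealthyThreshold: '2'
        UnhealthyThreshold: '10'
        Interval: '30'
        Timeout: '5'

  # --- Container instances ---------------------------------------------------
  # No KeyName is set, so instances launch without an SSH key pair.
  EcsInstanceLcWithoutKeyPair:
    Type: AWS::AutoScaling::LaunchConfiguration
    Properties:
      ImageId: !Ref EcsAmiId
      InstanceType: !Ref EcsInstanceType
      # The subnets are public and there is no NAT in this template, so a
      # public address is the instances' only outbound path; inbound access
      # is governed by EcsSecurityGroup.
      AssociatePublicIpAddress: true
      IamInstanceProfile: !Ref IamRoleInstanceProfile
      SecurityGroups: [!Ref EcsSecurityGroup]
      # Boot script that registers the instance with the cluster by appending
      # ECS_CLUSTER=<name> to /etc/ecs/ecs.config. The EcsClusterName
      # parameter is inserted into the shell line unquoted, so it must be
      # limited to characters that are safe in a shell word.
      UserData: !Base64
        Fn::Join:
          - ''
          - - "#!/bin/bash\n"
            - "echo ECS_CLUSTER="
            - !Ref "EcsClusterName"
            - " >> /etc/ecs/ecs.config"
  EcsInstanceAsg:
    Type: AWS::AutoScaling::AutoScalingGroup
    Properties:
      VPCZoneIdentifier: [!Ref PubSubnetAz1, !Ref PubSubnetAz2]
      LaunchConfigurationName: !Ref EcsInstanceLcWithoutKeyPair
      MinSize: '1'
      # AsgMaxSize sets both the ceiling and the initial desired capacity.
      MaxSize: !Ref AsgMaxSize
      DesiredCapacity: !Ref AsgMaxSize
      Tags:
        - Key: Name
          Value: !Join
            - ''
            - - 'ECS Instance - '
              - !Ref "AWS::StackName"
          PropagateAtLaunch: true

  # --- ECS cluster, task and service -----------------------------------------
  EcsCluster:
    Type: AWS::ECS::Cluster
    Properties:
      ClusterName: !Ref EcsClusterName
  EcsTaskDef:
    Type: AWS::ECS::TaskDefinition
    Properties:
      ContainerDefinitions:
        # The image comes straight from the EcsRepository parameter.
        - Image: !Ref EcsRepository
          Command: [yarn, run, landingpage]
          Memory: 256
          Name: cattaz-container
          # Static host port: container port 8080 is published as host port
          # 8080, the port the load balancer forwards to.
          PortMappings:
            - ContainerPort: 8080
              HostPort: 8080
              Protocol: tcp
  EcsService:
    Type: AWS::ECS::Service
    Properties:
      Cluster: !Ref EcsCluster
      Role: !Ref IamRoleServiceProfile
      TaskDefinition: !Ref EcsTaskDef
      DesiredCount: 1
      # ContainerName and ContainerPort must match the task definition above.
      LoadBalancers:
        - ContainerName: cattaz-container
          ContainerPort: 8080
          LoadBalancerName: !Ref EcsElasticLoadBalancer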
# Values reported once the stack has been created.
Outputs:
  # !Ref on the Auto Scaling group resource.
  EcsInstanceAsgName:
    Description: "Auto Scaling Group Name for ECS Instances"
    Value: !Ref EcsInstanceAsg
  # !Ref on the load balancer resource.
  EcsElbName:
    Description: "Load Balancer for ECS Service"
    Value: !Ref EcsElasticLoadBalancer