From c69dceb5aba56c3e48e8289b4bc2e6770101bc92 Mon Sep 17 00:00:00 2001
From: Ryan
Date: Wed, 28 Mar 2018 21:26:39 -0400
Subject: [PATCH] Additional Fargate service
---
README.md | 122 +++---
bin/deploy.sh | 2 +-
templates/fargate-service.cfn.yml | 682 ++++++++++++++++++++++++++++++
templates/fargate.cfn.yml | 105 +++--
vpc-bastion-eb-rds.cfn.yml | 2 +-
vpc-bastion-fargate-rds.cfn.yml | 39 +-
vpc-bastion-fargate.cfn.yml | 37 +-
vpc-bastion.cfn.yml | 2 +-
vpc.cfn.yml | 2 +-
9 files changed, 869 insertions(+), 124 deletions(-)
create mode 100644 templates/fargate-service.cfn.yml
diff --git a/README.md b/README.md
index f03a8903..2e008910 100644
--- a/README.md
+++ b/README.md
@@ -252,64 +252,64 @@ CloudFormation | Region Name | Region | VPC | Bastion | DB | Fargate | Elastic B [ ][ap-southeast-2-vpc-bastion] | Asia Pacific (Sydney) | ap-southeast-2 | ✅ | ✅ ||| [ ][ap-southeast-2-vpc-bastion-eb-rds] | Asia Pacific (Sydney) | ap-southeast-2 | ✅ | ✅ | ✅ || ✅ | -[us-east-1-vpc]: https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc.cfn.yml -[us-east-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion.cfn.yml -[us-east-1-vpc-bastion-fargate]: https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion-fargate.cfn.yml -[us-east-1-vpc-bastion-fargate-rds]: https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion-fargate-rds.cfn.yml -[us-east-1-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion-eb-rds.cfn.yml - -[us-east-2-vpc]: https://console.aws.amazon.com/cloudformation/home?region=us-east-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc.cfn.yml -[us-east-2-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=us-east-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion.cfn.yml -[us-east-2-vpc-bastion-eb-rds]: 
https://console.aws.amazon.com/cloudformation/home?region=us-east-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion-eb-rds.cfn.yml - -[us-west-1-vpc]: https://console.aws.amazon.com/cloudformation/home?region=us-west-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc.cfn.yml -[us-west-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=us-west-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion.cfn.yml -[us-west-1-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=us-west-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion-eb-rds.cfn.yml - -[us-west-2-vpc]: https://console.aws.amazon.com/cloudformation/home?region=us-west-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc.cfn.yml -[us-west-2-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=us-west-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion.cfn.yml -[us-west-2-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=us-west-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion-eb-rds.cfn.yml - -[sa-east-1-vpc]: https://console.aws.amazon.com/cloudformation/home?region=sa-east-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc.cfn.yml -[sa-east-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=sa-east-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion.cfn.yml -[sa-east-1-vpc-bastion-eb-rds]: 
https://console.aws.amazon.com/cloudformation/home?region=sa-east-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion-eb-rds.cfn.yml - -[eu-west-1-vpc]: https://console.aws.amazon.com/cloudformation/home?region=eu-west-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc.cfn.yml -[eu-west-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=eu-west-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion.cfn.yml -[eu-west-1-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=eu-west-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion-eb-rds.cfn.yml - -[eu-west-2-vpc]: https://console.aws.amazon.com/cloudformation/home?region=eu-west-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc.cfn.yml -[eu-west-2-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=eu-west-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion.cfn.yml -[eu-west-2-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=eu-west-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion-eb-rds.cfn.yml - -[eu-west-3-vpc]: https://console.aws.amazon.com/cloudformation/home?region=eu-west-3#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc.cfn.yml -[eu-west-3-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=eu-west-3#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion.cfn.yml -[eu-west-3-vpc-bastion-eb-rds]: 
https://console.aws.amazon.com/cloudformation/home?region=eu-west-3#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion-eb-rds.cfn.yml - -[eu-central-1-vpc]: https://console.aws.amazon.com/cloudformation/home?region=eu-central-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc.cfn.yml -[eu-central-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=eu-central-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion.cfn.yml -[eu-central-1-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=eu-central-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion-eb-rds.cfn.yml - -[ap-south-1-vpc]: https://console.aws.amazon.com/cloudformation/home?region=ap-south-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc.cfn.yml -[ap-south-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=ap-south-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion.cfn.yml -[ap-south-1-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=ap-south-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion-eb-rds.cfn.yml - -[ap-northeast-1-vpc]: https://console.aws.amazon.com/cloudformation/home?region=ap-northeast-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc.cfn.yml -[ap-northeast-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=ap-northeast-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion.cfn.yml -[ap-northeast-1-vpc-bastion-eb-rds]: 
https://console.aws.amazon.com/cloudformation/home?region=ap-northeast-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion-eb-rds.cfn.yml - -[ap-northeast-2-vpc]: https://console.aws.amazon.com/cloudformation/home?region=ap-northeast-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc.cfn.yml -[ap-northeast-2-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=ap-northeast-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion.cfn.yml -[ap-northeast-2-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=ap-northeast-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion-eb-rds.cfn.yml - -[ap-southeast-1-vpc]: https://console.aws.amazon.com/cloudformation/home?region=ap-southeast-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc.cfn.yml -[ap-southeast-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=ap-southeast-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion.cfn.yml -[ap-southeast-1-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=ap-southeast-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion-eb-rds.cfn.yml - -[ap-southeast-2-vpc]: https://console.aws.amazon.com/cloudformation/home?region=ap-southeast-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc.cfn.yml -[ap-southeast-2-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=ap-southeast-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion.cfn.yml 
-[ap-southeast-2-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=ap-southeast-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion-eb-rds.cfn.yml - -[ca-central-1-vpc]: https://console.aws.amazon.com/cloudformation/home?region=ca-central-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc.cfn.yml -[ca-central-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=ca-central-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion.cfn.yml -[ca-central-1-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=ca-central-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v2/vpc-bastion-eb-rds.cfn.yml +[us-east-1-vpc]: https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc.cfn.yml +[us-east-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion.cfn.yml +[us-east-1-vpc-bastion-fargate]: https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion-fargate.cfn.yml +[us-east-1-vpc-bastion-fargate-rds]: https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion-fargate-rds.cfn.yml +[us-east-1-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion-eb-rds.cfn.yml + 
+[us-east-2-vpc]: https://console.aws.amazon.com/cloudformation/home?region=us-east-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc.cfn.yml +[us-east-2-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=us-east-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion.cfn.yml +[us-east-2-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=us-east-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion-eb-rds.cfn.yml + +[us-west-1-vpc]: https://console.aws.amazon.com/cloudformation/home?region=us-west-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc.cfn.yml +[us-west-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=us-west-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion.cfn.yml +[us-west-1-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=us-west-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion-eb-rds.cfn.yml + +[us-west-2-vpc]: https://console.aws.amazon.com/cloudformation/home?region=us-west-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc.cfn.yml +[us-west-2-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=us-west-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion.cfn.yml +[us-west-2-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=us-west-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion-eb-rds.cfn.yml + +[sa-east-1-vpc]: 
https://console.aws.amazon.com/cloudformation/home?region=sa-east-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc.cfn.yml +[sa-east-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=sa-east-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion.cfn.yml +[sa-east-1-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=sa-east-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion-eb-rds.cfn.yml + +[eu-west-1-vpc]: https://console.aws.amazon.com/cloudformation/home?region=eu-west-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc.cfn.yml +[eu-west-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=eu-west-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion.cfn.yml +[eu-west-1-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=eu-west-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion-eb-rds.cfn.yml + +[eu-west-2-vpc]: https://console.aws.amazon.com/cloudformation/home?region=eu-west-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc.cfn.yml +[eu-west-2-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=eu-west-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion.cfn.yml +[eu-west-2-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=eu-west-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion-eb-rds.cfn.yml + +[eu-west-3-vpc]: 
https://console.aws.amazon.com/cloudformation/home?region=eu-west-3#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc.cfn.yml +[eu-west-3-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=eu-west-3#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion.cfn.yml +[eu-west-3-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=eu-west-3#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion-eb-rds.cfn.yml + +[eu-central-1-vpc]: https://console.aws.amazon.com/cloudformation/home?region=eu-central-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc.cfn.yml +[eu-central-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=eu-central-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion.cfn.yml +[eu-central-1-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=eu-central-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion-eb-rds.cfn.yml + +[ap-south-1-vpc]: https://console.aws.amazon.com/cloudformation/home?region=ap-south-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc.cfn.yml +[ap-south-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=ap-south-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion.cfn.yml +[ap-south-1-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=ap-south-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion-eb-rds.cfn.yml + +[ap-northeast-1-vpc]: 
https://console.aws.amazon.com/cloudformation/home?region=ap-northeast-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc.cfn.yml +[ap-northeast-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=ap-northeast-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion.cfn.yml +[ap-northeast-1-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=ap-northeast-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion-eb-rds.cfn.yml + +[ap-northeast-2-vpc]: https://console.aws.amazon.com/cloudformation/home?region=ap-northeast-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc.cfn.yml +[ap-northeast-2-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=ap-northeast-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion.cfn.yml +[ap-northeast-2-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=ap-northeast-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion-eb-rds.cfn.yml + +[ap-southeast-1-vpc]: https://console.aws.amazon.com/cloudformation/home?region=ap-southeast-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc.cfn.yml +[ap-southeast-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=ap-southeast-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion.cfn.yml +[ap-southeast-1-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=ap-southeast-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion-eb-rds.cfn.yml + 
+[ap-southeast-2-vpc]: https://console.aws.amazon.com/cloudformation/home?region=ap-southeast-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc.cfn.yml +[ap-southeast-2-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=ap-southeast-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion.cfn.yml +[ap-southeast-2-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=ap-southeast-2#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion-eb-rds.cfn.yml + +[ca-central-1-vpc]: https://console.aws.amazon.com/cloudformation/home?region=ca-central-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc.cfn.yml +[ca-central-1-vpc-bastion]: https://console.aws.amazon.com/cloudformation/home?region=ca-central-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion.cfn.yml +[ca-central-1-vpc-bastion-eb-rds]: https://console.aws.amazon.com/cloudformation/home?region=ca-central-1#/stacks/create/review?templateURL=https://s3.amazonaws.com/awslabs-startup-kit-templates-deploy-v3/vpc-bastion-eb-rds.cfn.yml diff --git a/bin/deploy.sh b/bin/deploy.sh index f63ecbf5..5ba767f6 100755 --- a/bin/deploy.sh +++ b/bin/deploy.sh @@ -1,7 +1,7 @@ #!/bin/bash # -# Usage: ./bin/deploy.sh awslabs-startup-kit-templates-deploy-v2 startup +# Usage: ./bin/deploy.sh awslabs-startup-kit-templates-deploy-v3 startup # # The first argument is the bucket and the second is the aws cli profile # diff --git a/templates/fargate-service.cfn.yml b/templates/fargate-service.cfn.yml new file mode 100644 index 00000000..a6ecdeb1 --- /dev/null +++ b/templates/fargate-service.cfn.yml 
@@ -0,0 +1,682 @@
+---
+AWSTemplateFormatVersion: 2010-09-09
+
+# A CloudFormation template to deploy an additional service to Fargate. This requires an existing
+# cluster deployed by fargate.cfn.yml.
+
+Description: Fargate Service
+
+
+Parameters:
+
+ NetworkStackName:
+ Type: String
+ Description: Name of an active Startup Kit CloudFormation stack that contains networking resources
+ MinLength: 1
+ MaxLength: 255
+ AllowedPattern: "^[a-zA-Z][-a-zA-Z0-9]*$"
+
+ EnvironmentName:
+ Type: String
+ Description: Environment name - dev or prod
+ Default: dev
+ AllowedValues:
+ - dev
+ - prod
+ ConstraintDescription: Specify either dev or prod
+
+ DatabaseStackName:
+ Type: String
+ Description: Name of an optional active Startup Kit CloudFormation stack that contains database resources
+ Default: ""
+
+ FargateStackName:
+ Type: String
+ Description: Name of an active Startup Kit CloudFormation stack that contains Fargate resources
+ MinLength: 1
+ MaxLength: 255
+ AllowedPattern: "^[a-zA-Z][-a-zA-Z0-9]*$"
+
+ RegisterServiceWithAlb:
+ Default: true
+ Type: String
+ Description: Set to false to disable registering with the ALB (e.g., backend services without a web interface)
+ ConstraintDescription: Only true or false are allowed
+ AllowedValues:
+ - true
+ - false
+
+ AppProtocol:
+ Type: String
+ Description: The application server protocol
+ Default: HTTP
+ AllowedValues:
+ - HTTP
+ - HTTPS
+ ConstraintDescription: Specify either HTTTP or HTTPS
+
+ ServiceUrlPath:
+ Type: String
+ Description: The URL path for the service (e.g., /test)
+ Default: /test
+ MinLength: 1
+ MaxLength: 255
+ ConstraintDescription: Value must be between 1 and 255 characters
+
+ ServiceLBListenerPriority:
+ Type: Number
+ Description: The service load balancer listener priority - must be unique for each service if ALB is enabled
+ Default: 2
+ MinValue: 2
+ MaxValue: 50000
+ ConstraintDescription: Number must be between 1 and 50,000
+
+ HealthCheckPath:
+ Type: String
+ Description: The path for the Application Load Balancer health check
+ Default: /
+ MinLength: 1
+ MaxLength: 255
+ ConstraintDescription: Value must be between 1 and 255 characters
+
+ GitHubSourceRepo:
+ Type: String
+ Description: GitHub source repository - must contain a Dockerfile in the base
+
+ GitHubBranch:
+ Type: String
+ Default: master
+ Description: GitHub repository branch to trigger builds
+
+ GitHubToken:
+ Type: String
+ NoEcho: true
+ Description: "GitHub API token - see: https://github.com/blog/1509-personal-api-tokens"
+
+ GitHubUser:
+ Type: String
+ Description: GitHub username
+
+ CodeBuildDockerImage:
+ Type: String
+ Default: aws/codebuild/docker:17.09.0
+
+ SeedDockerImage:
+ Type: String
+ Default: registry.hub.docker.com/library/nginx:1.13
+ Description: The initial image, before the GitHub repo above is deployed. Existing application images in ECR should override this parameter
+
+ ContainerCpu:
+ Type: Number
+ Description: "Amount of CPU for the container - options available: https://aws.amazon.com/fargate/pricing/"
+ Default: 256
+ MinValue: 256
+ MaxValue: 4096
+ ConstraintDescription: "Value must be between 256 and 4096 - see: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_size"
+
+ ContainerMemory:
+ Type: Number
+ Description: "Amount of memory for the container - options available: https://aws.amazon.com/fargate/pricing/"
+ Default: 512
+ MinValue: 512
+ MaxValue: 30720
+ ConstraintDescription: "Value must be between 512 and 30720 - see: https://aws.amazon.com/fargate/pricing/"
+
+ # CPU alarm parameters
+ CpuAlarmEvaluationPeriods:
+ Description: The number of periods over which data is compared to the specified threshold
+ Type: Number
+ Default: 2
+ MinValue: 2
+
+ CpuScaleOutThreshold:
+ Type: Number
+ Description: Average CPU value to trigger auto scaling out
+ Default: 50
+ MinValue: 0
+ MaxValue: 100
+ ConstraintDescription: Value must be between 0 and 100
+
+ CpuScaleInThreshold:
+ Type: Number
+ Description: Average CPU value to trigger auto scaling in
+ Default: 25
+ MinValue: 0
+ MaxValue: 100
+ ConstraintDescription: Value must be between 0 and 100
+
+ # Auto scaling container counts
+ TaskMinContainerCount:
+ Type: Number
+ Description: Minimum number of containers to run for the service
+ Default: 1
+ MinValue: 1
+ ConstraintDescription: Value must be at least one
+
+ TaskMaxContainerCount:
+ Type: Number
+ Description: Maximum number of containers to run for the service when auto scaling out
+ Default: 2
+ MinValue: 1
+ ConstraintDescription: Value must be at least one
+
+ ContainerLogRetentionInDays:
+ Type: Number
+ Default: 7
+
+
+Conditions:
+
+ IsDbStackSet: !Not [ !Equals [ !Ref DatabaseStackName, "" ] ]
+
+ AddServiceToAlb: !Equals [ !Ref RegisterServiceWithAlb, true ]
+
+ DoNotAddServiceToAlb: !Equals [ !Ref RegisterServiceWithAlb, false ]
+
+
+Resources:
+
+ CodePipelineArtifactBucket:
+ Type: AWS::S3::Bucket
+ DeletionPolicy: Delete
+
+ CodeBuildServiceRole:
+ Type: AWS::IAM::Role
+ Properties:
+ Path: /
+ AssumeRolePolicyDocument:
+ Version: 2012-10-17
+ Statement:
+ - Effect: Allow
+ Principal:
+ Service: codebuild.amazonaws.com
+ Action: sts:AssumeRole
+ Policies:
+ - PolicyName: root
+ PolicyDocument:
+ Version: 2012-10-17
+ Statement:
+ - Resource: "*"
+ Effect: Allow
+ Action:
+ - logs:CreateLogGroup
+ - logs:CreateLogStream
+ - logs:PutLogEvents
+ - ecr:GetAuthorizationToken
+ - Resource: !Sub arn:aws:s3:::${CodePipelineArtifactBucket}/*
+ Effect: Allow
+ Action:
+ - s3:GetObject
+ - s3:PutObject
+ - s3:GetObjectVersion
+ - Resource:
+ Fn::ImportValue: !Sub ${FargateStackName}-EcrDockerRepositoryArn
+ Effect: Allow
+ Action:
+ - ecr:GetDownloadUrlForLayer
+ - ecr:BatchGetImage
+ - ecr:BatchCheckLayerAvailability
+ - ecr:PutImage
+ - ecr:InitiateLayerUpload
+ - ecr:UploadLayerPart
+ - ecr:CompleteLayerUpload
+
+ # By default, the build specification is defined in this template, but you can also add buildspec.yml
+ # files in your repos to allow for customization.
+ # See:
+ # https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html
+ # https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codebuild-project-source.html
+ CodeBuildProject:
+ Type: AWS::CodeBuild::Project
+ Properties:
+ Artifacts:
+ Type: CODEPIPELINE
+ Source:
+ Type: CODEPIPELINE
+ BuildSpec: !Sub
+ - |
+ ---
+ version: 0.2
+ phases:
+ install:
+ commands:
+ - apt-get update && apt-get -y install python-pip && pip install --upgrade python && pip install --upgrade awscli
+ pre_build:
+ commands:
+ - printenv
+ - TAG="$REPOSITORY_NAME.$REPOSITORY_BRANCH.$ENVIRONMENT_NAME.$(date +%Y-%m-%d.%H.%M.%S).$(echo $CODEBUILD_RESOLVED_SOURCE_VERSION | head -c 8)"
+ - echo $TAG
+ - $(aws ecr get-login --no-include-email)
+ build:
+ commands:
+ - docker build --tag $REPOSITORY_URI:$TAG .
+ post_build:
+ commands:
+ - docker push $REPOSITORY_URI:$TAG
+ - printf '[{"name":"${ServiceName}","imageUri":"%s"}]' $REPOSITORY_URI:$TAG > build.json
+ artifacts:
+ files: build.json
+ - ServiceName: !Ref GitHubSourceRepo
+ Environment:
+ ComputeType: BUILD_GENERAL1_SMALL
+ Type: LINUX_CONTAINER
+ Image: !Ref CodeBuildDockerImage
+ EnvironmentVariables:
+ - Name: REPOSITORY_URI
+ Value:
+ Fn::ImportValue: !Sub ${FargateStackName}-EcrDockerRepositoryUri
+ - Name: ENVIRONMENT_NAME
+ Value: !Ref EnvironmentName
+ - Name: REPOSITORY_NAME
+ Value: !Ref GitHubSourceRepo
+ - Name: REPOSITORY_BRANCH
+ Value: !Ref GitHubBranch
+ Name: !Ref AWS::StackName
+ ServiceRole: !Ref CodeBuildServiceRole
+
+ CodePipelineServiceRole:
+ Type: AWS::IAM::Role
+ Properties:
+ Path: /
+ AssumeRolePolicyDocument:
+ Version: 2012-10-17
+ Statement:
+ - Effect: Allow
+ Principal:
+ Service: codepipeline.amazonaws.com
+ Action: sts:AssumeRole
+ Policies:
+ - PolicyName: codepipeline-access
+ PolicyDocument:
+ Version: 2012-10-17
+ Statement:
+ - Resource: "*"
+ Effect: Allow
+ Action:
+ - ecs:List*
+ - ecs:Describe*
+ - ecs:RegisterTaskDefinition
+ - ecs:UpdateService
+ - codebuild:StartBuild
+ - codebuild:BatchGetBuilds
+ - iam:PassRole
+ - Resource: !Sub arn:aws:s3:::${CodePipelineArtifactBucket}/*
+ Effect: Allow
+ Action:
+ - s3:PutObject
+ - s3:GetObject
+ - s3:GetObjectVersion
+ - s3:GetBucketVersioning
+ DependsOn:
+ - CodePipelineArtifactBucket
+
+ # This CodePipeline triggers on a commit to the Git branch passed, builds the Docker image
+ # and then deploys the container in the Fargate Cluster. CodePipeline can support N stages. For
+ # example, you may want to add a stage to test your build and/or container.
+ CodePipeline:
+ Type: AWS::CodePipeline::Pipeline
+ Properties:
+ RoleArn: !GetAtt CodePipelineServiceRole.Arn
+ ArtifactStore:
+ Type: S3
+ Location: !Ref CodePipelineArtifactBucket
+ Stages:
+ - Name: Source
+ Actions:
+ - Name: App
+ ActionTypeId:
+ Category: Source
+ Owner: ThirdParty
+ Version: 1
+ Provider: GitHub
+ Configuration:
+ Owner: !Ref GitHubUser
+ Repo: !Ref GitHubSourceRepo
+ Branch: !Ref GitHubBranch
+ OAuthToken: !Ref GitHubToken
+ OutputArtifacts:
+ - Name: App
+ RunOrder: 1
+ - Name: Build
+ Actions:
+ - Name: Build
+ ActionTypeId:
+ Category: Build
+ Owner: AWS
+ Version: 1
+ Provider: CodeBuild
+ Configuration:
+ ProjectName: !Ref CodeBuildProject
+ InputArtifacts:
+ - Name: App
+ OutputArtifacts:
+ - Name: BuildOutput
+ RunOrder: 1
+ - Name: Deploy
+ Actions:
+ - Name: Deploy
+ ActionTypeId:
+ Category: Deploy
+ Owner: AWS
+ Version: 1
+ Provider: ECS
+ Configuration:
+ ClusterName:
+ Fn::ImportValue: !Sub ${FargateStackName}-FargateEcsClusterName
+ ServiceName: !If [ AddServiceToAlb, !GetAtt ServiceWithAlb.Name, !GetAtt ServiceWithoutAlb.Name ]
+ FileName: build.json
+ InputArtifacts:
+ - Name: BuildOutput
+ RunOrder: 1
+ DependsOn:
+ - CodePipelineArtifactBucket
+ - CodeBuildProject
+ - CodePipelineServiceRole
+
+ # The namespace in Amazon CloudWatch Logs - see https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogsConcepts.html
+ LogGroup:
+ Type: AWS::Logs::LogGroup
+ Properties:
+ LogGroupName: !Sub /fargate/app/${EnvironmentName}/${GitHubSourceRepo}/${GitHubBranch}
+ RetentionInDays: !Ref ContainerLogRetentionInDays
+
+ TaskRole:
+ Type: AWS::IAM::Role
+ Properties:
+ Path: /
+ AssumeRolePolicyDocument:
+ Version: 2012-10-17
+ Statement:
+ - Effect: Allow
+ Principal:
+ Service: ecs-tasks.amazonaws.com
+ Action: sts:AssumeRole
+
+ TaskExecutionRole:
+ Type: AWS::IAM::Role
+ Properties:
+ Path: /
+ AssumeRolePolicyDocument:
+ Version: 2012-10-17
+ Statement:
+ - Effect: Allow
+ Principal:
+ Service: ecs-tasks.amazonaws.com
+ Action: sts:AssumeRole
+ ManagedPolicyArns:
+ - arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy
+
+ TaskDefinition:
+ Type: AWS::ECS::TaskDefinition
+ Properties:
+ Family: !Sub ${AWS::StackName}-${GitHubSourceRepo}
+ RequiresCompatibilities:
+ - FARGATE
+ Cpu: !Ref ContainerCpu
+ Memory: !Ref ContainerMemory
+ NetworkMode: awsvpc
+ TaskRoleArn: !GetAtt TaskRole.Arn
+ ExecutionRoleArn: !GetAtt TaskExecutionRole.Arn
+ ContainerDefinitions:
+ - Name: !Ref GitHubSourceRepo
+ Image: !Ref SeedDockerImage
+ Essential: true
+ PortMappings:
+ - ContainerPort:
+ Fn::ImportValue: !Sub ${NetworkStackName}-AppIngressPort
+
+ # Environment variables can be customized by adding parameters/values below. Secrets
+ # should be stored in AWS Systems Manager Parameter Store.
+ # See: https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-paramstore.html
+ Environment:
+ - Name: ENVIRONMENT_NAME
+ Value: !Ref EnvironmentName
+ - Name: DATABASE_ENDPOINT
+ Value: !If [ IsDbStackSet, "Fn::ImportValue": !Sub "${DatabaseStackName}-DatabaseURL", "" ]
+ - Name: DATABASE_USER
+ Value: !If [ IsDbStackSet, "Fn::ImportValue": !Sub "${DatabaseStackName}-DatabaseUser", "" ]
+ - Name: LOAD_BALANCER_DNS
+ Value:
+ Fn::ImportValue: !Sub ${FargateStackName}-ApplicationLoadBalancerDnsName
+ LogConfiguration:
+ LogDriver: awslogs
+ Options:
+ awslogs-region: !Ref AWS::Region
+ awslogs-group: !Ref LogGroup
+ awslogs-stream-prefix: !Ref GitHubSourceRepo
+ DependsOn:
+ - LogGroup
+ - TaskExecutionRole
+
+ ServiceWithoutAlb:
+ Type: AWS::ECS::Service
+ Condition: DoNotAddServiceToAlb
+ Properties:
+ Cluster:
+ Fn::ImportValue: !Sub ${FargateStackName}-FargateEcsClusterName
+ ServiceName: !Ref AWS::StackName
+ DesiredCount: !Ref TaskMinContainerCount
+ LaunchType: FARGATE
+ TaskDefinition: !Ref TaskDefinition
+ NetworkConfiguration:
+ AwsvpcConfiguration:
+ AssignPublicIp: DISABLED
+ Subnets:
+ - Fn::ImportValue: !Sub ${NetworkStackName}-PrivateSubnet1ID
+ - Fn::ImportValue: !Sub ${NetworkStackName}-PrivateSubnet2ID
+ DependsOn:
+ - TaskDefinition
+
+ ServiceWithAlb:
+ Type: AWS::ECS::Service
+ Condition: AddServiceToAlb
+ Properties:
+ Cluster:
+ Fn::ImportValue: !Sub ${FargateStackName}-FargateEcsClusterName
+ ServiceName: !Ref AWS::StackName
+ DesiredCount: !Ref TaskMinContainerCount
+ LaunchType: FARGATE
+ TaskDefinition: !Ref TaskDefinition
+ LoadBalancers:
+ - ContainerName: !Ref GitHubSourceRepo
+ ContainerPort:
+ Fn::ImportValue: !Sub ${NetworkStackName}-AppIngressPort
+ TargetGroupArn: !Ref TargetGroup
+ NetworkConfiguration:
+ AwsvpcConfiguration:
+ AssignPublicIp: DISABLED
+ SecurityGroups:
+ - Fn::ImportValue: !Sub ${NetworkStackName}-AppSecurityGroupID
+ Subnets:
+ - Fn::ImportValue: !Sub ${NetworkStackName}-PrivateSubnet1ID
+ - Fn::ImportValue: !Sub ${NetworkStackName}-PrivateSubnet2ID + DependsOn: + - TaskDefinition + + AutoScalingRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Statement: + - Effect: Allow + Principal: + Service: application-autoscaling.amazonaws.com + Action: sts:AssumeRole + Path: / + Policies: + - PolicyName: service-autoscaling + PolicyDocument: + Statement: + - Effect: Allow + Action: + - application-autoscaling:* + - cloudwatch:DescribeAlarms + - cloudwatch:PutMetricAlarm + - ecs:DescribeServices + - ecs:UpdateService + Resource: '*' + + ScalingTarget: + Type: AWS::ApplicationAutoScaling::ScalableTarget + Properties: + MinCapacity: !Ref TaskMinContainerCount + MaxCapacity: !Ref TaskMaxContainerCount + ResourceId: !Sub + - service/${EcsClusterName}/${ServiceName} + - EcsClusterName: + Fn::ImportValue: !Sub ${FargateStackName}-FargateEcsClusterName + ServiceName: !If [ AddServiceToAlb, !GetAtt ServiceWithAlb.Name, !GetAtt ServiceWithoutAlb.Name ] + RoleARN: !GetAtt AutoScalingRole.Arn + ScalableDimension: ecs:service:DesiredCount + ServiceNamespace: ecs + DependsOn: + - AutoScalingRole + + ScaleOutPolicy: + Type: AWS::ApplicationAutoScaling::ScalingPolicy + Properties: + PolicyName: ScaleOutPolicy + PolicyType: StepScaling + ScalingTargetId: !Ref ScalingTarget + StepScalingPolicyConfiguration: + AdjustmentType: ChangeInCapacity + Cooldown: 60 + MetricAggregationType: Average + StepAdjustments: + - ScalingAdjustment: 1 + MetricIntervalLowerBound: 0 + DependsOn: ScalingTarget + + ScaleInPolicy: + Type: AWS::ApplicationAutoScaling::ScalingPolicy + Properties: + PolicyName: ScaleInPolicy + PolicyType: StepScaling + ScalingTargetId: !Ref ScalingTarget + StepScalingPolicyConfiguration: + AdjustmentType: ChangeInCapacity + Cooldown: 60 + MetricAggregationType: Average + StepAdjustments: + - ScalingAdjustment: -1 + MetricIntervalUpperBound: 0 + DependsOn: ScalingTarget + + ScaleOutAlarm: + Type: AWS::CloudWatch::Alarm + Properties: + 
EvaluationPeriods: !Ref CpuAlarmEvaluationPeriods + Statistic: Average + TreatMissingData: notBreaching + Threshold: !Ref CpuScaleOutThreshold + AlarmDescription: Alarm to add capacity if CPU is high + Period: 60 + AlarmActions: + - !Ref ScaleOutPolicy + Namespace: AWS/ECS + Dimensions: + - Name: ClusterName + Value: + Fn::ImportValue: !Sub ${FargateStackName}-FargateEcsClusterName + - Name: ServiceName + Value: !If [ AddServiceToAlb, !GetAtt ServiceWithAlb.Name, !GetAtt ServiceWithoutAlb.Name ] + ComparisonOperator: GreaterThanThreshold + MetricName: CPUUtilization + DependsOn: + - ScaleOutPolicy + + ScaleInAlarm: + Type: AWS::CloudWatch::Alarm + Properties: + EvaluationPeriods: !Ref CpuAlarmEvaluationPeriods + Statistic: Average + TreatMissingData: notBreaching + Threshold: !Ref CpuScaleInThreshold + AlarmDescription: Alarm to reduce capacity if container CPU is low + Period: 300 + AlarmActions: + - !Ref ScaleInPolicy + Namespace: AWS/ECS + Dimensions: + - Name: ClusterName + Value: + Fn::ImportValue: !Sub ${FargateStackName}-FargateEcsClusterName + - Name: ServiceName + Value: !If [ AddServiceToAlb, !GetAtt ServiceWithAlb.Name, !GetAtt ServiceWithoutAlb.Name ] + ComparisonOperator: LessThanThreshold + MetricName: CPUUtilization + DependsOn: + - ScaleInPolicy + + # The health checks can be further tuned if your requirements differ + TargetGroup: + Type: AWS::ElasticLoadBalancingV2::TargetGroup + Condition: AddServiceToAlb + Properties: + VpcId: + Fn::ImportValue: !Sub ${NetworkStackName}-VpcID + Port: + Fn::ImportValue: !Sub ${NetworkStackName}-AppIngressPort + Protocol: !Ref AppProtocol + Matcher: + HttpCode: 200 + HealthCheckIntervalSeconds: 10 + HealthCheckPath: !Ref HealthCheckPath + HealthCheckProtocol: !Ref AppProtocol + HealthCheckTimeoutSeconds: 5 + HealthyThresholdCount: 2 + TargetGroupAttributes: + - Key: deregistration_delay.timeout_seconds + Value: 300 + TargetType: ip + Tags: + - Key: Repository + Value: !Ref GitHubSourceRepo + - Key: Branch + Value: 
!Ref GitHubBranch + - Key: Stack + Value: !Ref AWS::StackName + - Key: Environment + Value: !Ref EnvironmentName + + ListenerRule: + Type: AWS::ElasticLoadBalancingV2::ListenerRule + Condition: AddServiceToAlb + Properties: + ListenerArn: + Fn::ImportValue: !Sub ${FargateStackName}-ApplicationLoadBalancerListenerArn + Priority: !Ref ServiceLBListenerPriority + Conditions: + - Field: path-pattern + Values: + - !Ref ServiceUrlPath + Actions: + - TargetGroupArn: !Ref TargetGroup + Type: forward + DependsOn: + - TargetGroup + + +Outputs: + + ServiceArn: + Value: !If [ AddServiceToAlb, !Ref ServiceWithAlb, !Ref ServiceWithoutAlb ] + Export: + Name: !Sub ${AWS::StackName}-ServiceArn + + ServiceName: + Value: !If [ AddServiceToAlb, !GetAtt ServiceWithAlb.Name, !GetAtt ServiceWithoutAlb.Name ] + Export: + Name: !Sub ${AWS::StackName}-ServiceName + + CodePipelineArtifactBucketName: + Value: !Ref CodePipelineArtifactBucket + Export: + Name: !Sub ${AWS::StackName}-CodePipelineArtifactBucket + + CodePipelineArtifactBucketArn: + Value: !GetAtt CodePipelineArtifactBucket.Arn + Export: + Name: !Sub ${AWS::StackName}-CodePipelineArtifactBucketArn + + diff --git a/templates/fargate.cfn.yml b/templates/fargate.cfn.yml index 2f909375..d664a636 100644 --- a/templates/fargate.cfn.yml +++ b/templates/fargate.cfn.yml 
@@ -118,17 +118,24 @@ Parameters: MaxValue: 30720 ConstraintDescription: "Value must be between 512 and 30720 - see: https://aws.amazon.com/fargate/pricing/" - DefaultServiceCpuScaleUpThreshold: + # Scaling params + DefaultServiceScaleEvaluationPeriods: + Description: The number of periods over which data is compared to the specified threshold + Type: Number + Default: 2 + MinValue: 2 + + DefaultServiceCpuScaleOutThreshold: Type: Number - Description: Average CPU value to trigger auto scaling up + Description: Average CPU value to trigger auto scaling out Default: 50 MinValue: 0 MaxValue: 100 ConstraintDescription: Value must be between 0 and 100 - DefaultServiceCpuScaleDownThreshold: + DefaultServiceCpuScaleInThreshold: Type: Number - Description: Average CPU value to trigger auto scaling down + Description: Average CPU value to trigger auto scaling in Default: 25 MinValue: 0 MaxValue: 100 @@ -143,7 +150,7 @@ Parameters: DefaultTaskMaxContainerCount: Type: Number - Description: Maximum number of containers to run for the service when auto scaling up + Description: Maximum number of containers to run for the service when auto scaling out Default: 2 MinValue: 1 ConstraintDescription: Value must be at least one @@ -194,9 +201,9 @@ Parameters: LoadBalancerLatencySeconds: Description: LoadBalancer latency threshold, in seconds Type: Number - Default: 1 + Default: 2 MinValue: 1 - ConstraintDescription: Must be atleast one + ConstraintDescription: Must be at least one second EnableLBAlarm: Description: Set to true to enable load balancer latency alarm @@ -219,6 +226,7 @@ Conditions: IsLBAlarmEnabled: !Equals [ !Ref EnableLBAlarm, true ] + Resources: DefaultContainerBucket: 
@@ -291,7 +299,7 @@ Resources: pre_build: commands: - printenv - - TAG="$ENVIRONMENT_NAME.$(date +%Y-%m-%d).$(echo $CODEBUILD_RESOLVED_SOURCE_VERSION | head -c 8)" + - TAG="$REPOSITORY_NAME.$REPOSITORY_BRANCH.$ENVIRONMENT_NAME.$(date +%Y-%m-%d.%H.%M.%S).$(echo $CODEBUILD_RESOLVED_SOURCE_VERSION | head -c 8)" - $(aws ecr get-login --no-include-email) build: commands: @@ -308,12 +316,14 @@ Resources: Type: LINUX_CONTAINER Image: !Ref CodeBuildDockerImage EnvironmentVariables: - - Name: AWS_DEFAULT_REGION - Value: !Ref AWS::Region - Name: REPOSITORY_URI Value: !Sub ${AWS::AccountId}.dkr.ecr.${AWS::Region}.amazonaws.com/${EcrDockerRepository} - Name: ENVIRONMENT_NAME Value: !Ref EnvironmentName + - Name: REPOSITORY_NAME + Value: !Ref GitHubSourceRepo + - Name: REPOSITORY_BRANCH + Value: !Ref GitHubBranch Name: !Ref AWS::StackName ServiceRole: !Ref CodeBuildServiceRole @@ -471,8 +481,12 @@ Resources: SecurityGroups: - Fn::ImportValue: !Sub ${NetworkStackName}-ELBSecurityGroupID Tags: - - Key: Name + - Key: Stack Value: !Ref AWS::StackName + - Key: Environment + Value: !Ref EnvironmentName + - Key: FargateCluster + Value: !Ref FargateEcsCluster AlbRoute53Record: Type: AWS::Route53::RecordSet 
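Review bot: The new `TAG` line in `pre_build` embeds `$REPOSITORY_BRANCH` unmodified, and a Git branch name may contain `/` (for example `feature/x`), which is not a valid character in a Docker image tag, so the build and push steps outside this hunk would presumably fail for such branches. Normalise the branch first, e.g. `BRANCH_TAG=$(printf '%s' "$REPOSITORY_BRANCH" | tr -c 'A-Za-z0-9_.-' '-')`, and use `$BRANCH_TAG` in `TAG`. A tag is also limited to 128 characters, which long repository and branch names plus the new timestamp can approach. Separately, the `printenv` on the preceding context line writes every build variable to the CodeBuild log, so the `EnvironmentVariables` list extended in the next hunk should never carry a secret.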
@@ -506,13 +520,22 @@ Resources: - Key: deregistration_delay.timeout_seconds Value: 300 TargetType: ip + Tags: + - Key: Repository + Value: !Ref GitHubSourceRepo + - Key: Branch + Value: !Ref GitHubBranch + - Key: Stack + Value: !Ref AWS::StackName + - Key: Environment + Value: !Ref EnvironmentName DependsOn: ApplicationLoadBalancer - # The namespace in Amazon CloudWatch Logs + # The namespace in Amazon CloudWatch Logs - see https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogsConcepts.html DefaultLogGroup: Type: AWS::Logs::LogGroup Properties: - LogGroupName: !Sub /fargate/app/${GitHubSourceRepo}-${AWS::StackName} + LogGroupName: !Sub /fargate/app/${EnvironmentName}/${GitHubSourceRepo}/${GitHubBranch} RetentionInDays: !Ref ContainerLogRetentionInDays DefaultTaskRole: @@ -581,6 +604,8 @@ Resources: Value: !If [ IsDbStackSet, "Fn::ImportValue": !Sub "${DatabaseStackName}-DatabaseURL", "" ] - Name: DATABASE_USER Value: !If [ IsDbStackSet, "Fn::ImportValue": !Sub "${DatabaseStackName}-DatabaseUser", "" ] + - Name: LOAD_BALANCER_DNS + Value: !If [ CreateRoute53Record, !Ref LoadBalancerDomainName, !GetAtt ApplicationLoadBalancer.DNSName ] LogConfiguration: LogDriver: awslogs Options: @@ -657,10 +682,10 @@ Resources: - DefaultFargateService - ServiceAutoScalingRole - DefaultServiceScaleUpPolicy: + DefaultServiceScaleOutPolicy: Type: AWS::ApplicationAutoScaling::ScalingPolicy Properties: - PolicyName: ScaleUpPolicy + PolicyName: ScaleOutPolicy PolicyType: StepScaling ScalingTargetId: !Ref DefaultServiceScalingTarget StepScalingPolicyConfiguration: @@ -672,10 +697,10 @@ Resources: MetricIntervalLowerBound: 0 DependsOn: DefaultServiceScalingTarget - DefaultServiceScaleDownPolicy: + DefaultServiceScaleInPolicy: Type: AWS::ApplicationAutoScaling::ScalingPolicy Properties: - PolicyName: ScaleDownPolicy + PolicyName: ScaleInPolicy PolicyType: StepScaling ScalingTargetId: !Ref DefaultServiceScalingTarget StepScalingPolicyConfiguration: 
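Review bot: The new `LogGroupName` on `DefaultLogGroup`, `/fargate/app/${EnvironmentName}/${GitHubSourceRepo}/${GitHubBranch}`, drops `${AWS::StackName}`, so the name is no longer unique per stack. The `LogGroup` in the new `templates/fargate-service.cfn.yml` is built from the same three values, and a service stack deployed for the same environment, repository and branch would collide with this one. A log group cannot be renamed in place, so updating an existing stack replaces the group and the old container logs are deleted unless the resource carries `DeletionPolicy: Retain`. Keeping the stack name in the path, e.g. `!Sub /fargate/app/${EnvironmentName}/${GitHubSourceRepo}/${GitHubBranch}/${AWS::StackName}`, avoids the collision, and the retain policy preserves log history across the rename.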
@@ -687,16 +712,17 @@ Resources: MetricIntervalUpperBound: 0 DependsOn: DefaultServiceScalingTarget - DefaulServiceScaleUpAlarm: + DefaulServiceScaleOutAlarm: Type: AWS::CloudWatch::Alarm Properties: - EvaluationPeriods: 1 + EvaluationPeriods: !Ref DefaultServiceScaleEvaluationPeriods Statistic: Average - Threshold: !Ref DefaultServiceCpuScaleUpThreshold + TreatMissingData: notBreaching + Threshold: !Ref DefaultServiceCpuScaleOutThreshold AlarmDescription: Alarm to add capacity if CPU is high Period: 60 AlarmActions: - - !Ref DefaultServiceScaleUpPolicy + - !Ref DefaultServiceScaleOutPolicy Namespace: AWS/ECS Dimensions: - Name: ClusterName @@ -707,18 +733,19 @@ Resources: MetricName: CPUUtilization DependsOn: - DefaultFargateService - - DefaultServiceScaleUpPolicy + - DefaultServiceScaleOutPolicy - DefaulServiceScaleDownAlarm: + DefaulServiceScaleInAlarm: Type: AWS::CloudWatch::Alarm Properties: - EvaluationPeriods: 1 + EvaluationPeriods: !Ref DefaultServiceScaleEvaluationPeriods Statistic: Average - Threshold: !Ref DefaultServiceCpuScaleDownThreshold + TreatMissingData: notBreaching + Threshold: !Ref DefaultServiceCpuScaleInThreshold AlarmDescription: Alarm to reduce capacity if container CPU is low Period: 300 AlarmActions: - - !Ref DefaultServiceScaleDownPolicy + - !Ref DefaultServiceScaleInPolicy Namespace: AWS/ECS Dimensions: - Name: ClusterName @@ -729,7 +756,7 @@ Resources: MetricName: CPUUtilization DependsOn: - DefaultFargateService - - DefaultServiceScaleDownPolicy + - DefaultServiceScaleInPolicy LoadBalancerListener: Type: AWS::ElasticLoadBalancingV2::Listener 
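Review bot: The renamed alarm keeps a misspelt logical ID: `DefaulServiceScaleOutAlarm` here and `DefaulServiceScaleInAlarm` in the next hunk are missing the `t` that every other `Default…` resource in the template has. Changing a logical ID makes CloudFormation delete and recreate the resource, and this commit already pays that cost for both alarms, so this is the cheap moment to write `DefaultServiceScaleOutAlarm:` and `DefaultServiceScaleInAlarm:`. Fixing the spelling later would force another replacement of both alarms.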
@@ -751,8 +778,7 @@ Resources: Type: AWS::CloudWatch::Alarm Condition: IsLBAlarmEnabled Properties: - AlarmName: LoadBalancer Latency Alarm - AlarmDescription: !Sub LB latency is over ${LoadBalancerLatencySeconds} for ${LoadBalancerAlarmEvaluationPeriods} period(s) of ${LoadBalancerAlarmEvaluationPeriodSeconds} seconds + AlarmDescription: !Sub LB latency is over ${LoadBalancerLatencySeconds} second(s) for ${LoadBalancerAlarmEvaluationPeriods} period(s) of ${LoadBalancerAlarmEvaluationPeriodSeconds} seconds TreatMissingData: notBreaching AlarmActions: - !Ref LoadBalancerAlarmTopic @@ -811,12 +837,12 @@ Outputs: DefaultFargateServiceArn: Value: !Ref DefaultFargateService Export: - Name: !Sub ${AWS::StackName}DefaultFargateServiceArn + Name: !Sub ${AWS::StackName}-DefaultFargateServiceArn DefaultFargateServiceName: Value: !GetAtt DefaultFargateService.Name Export: - Name: !Sub ${AWS::StackName}DefaultFargateServiceName + Name: !Sub ${AWS::StackName}-DefaultFargateServiceName ApplicationLoadBalancerArn: Value: !Ref ApplicationLoadBalancer @@ -824,7 +850,7 @@ Outputs: Name: !Sub ${AWS::StackName}-ApplicationLoadBalancerArn ApplicationLoadBalancerDnsName: - Value: !GetAtt ApplicationLoadBalancer.DNSName + Value: !If [ CreateRoute53Record, !Ref LoadBalancerDomainName, !GetAtt ApplicationLoadBalancer.DNSName ] Export: Name: !Sub ${AWS::StackName}-ApplicationLoadBalancerDnsName @@ -833,6 +859,11 @@ Outputs: Export: Name: !Sub ${AWS::StackName}-ApplicationLoadBalancerName + ApplicationLoadBalancerListenerArn: + Value: !Ref LoadBalancerListener + Export: + Name: !Sub ${AWS::StackName}-ApplicationLoadBalancerListenerArn + LoadBalancerAlarmTopicArn: Description: LoadBalancer Alarm Topic ARN Value: !Ref LoadBalancerAlarmTopic 
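Review bot: Renaming the exports in the `Outputs` hunk from `${AWS::StackName}DefaultFargateServiceArn` and `${AWS::StackName}DefaultFargateServiceName` to the hyphenated form breaks any stack that already imports the old names. CloudFormation will not change or remove an export while another stack references it, so the update fails until those importers are changed. None of the templates visible in this diff import these two values, so this may be safe within the repository, but it deserves a line in the commit description or the README upgrade notes. The following hunk also changes what `ApplicationLoadBalancerDnsName` exports (the Route 53 name when `CreateRoute53Record` is true), which consumers expecting the load balancer's own DNS name should be told about.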
@@ -847,3 +878,13 @@ Outputs: Export: Name: !Sub ${AWS::StackName}-LoadBalancerAlarmTopicName + CodePipelineArtifactBucketName: + Value: !Ref CodePipelineArtifactBucket + Export: + Name: !Sub ${AWS::StackName}-CodePipelineArtifactBucket + + CodePipelineArtifactBucketArn: + Value: !GetAtt CodePipelineArtifactBucket.Arn + Export: + Name: !Sub ${AWS::StackName}-CodePipelineArtifactBucketArn + diff --git a/vpc-bastion-eb-rds.cfn.yml b/vpc-bastion-eb-rds.cfn.yml index b722ea6a..4482a20b 100644 --- a/vpc-bastion-eb-rds.cfn.yml +++ b/vpc-bastion-eb-rds.cfn.yml @@ -9,7 +9,7 @@ Parameters: TemplateBucket: Type: String - Default: awslabs-startup-kit-templates-deploy-v2 + Default: awslabs-startup-kit-templates-deploy-v3 Description: The template bucket for the CloudFormation templates EnvironmentName: diff --git a/vpc-bastion-fargate-rds.cfn.yml b/vpc-bastion-fargate-rds.cfn.yml index 33bc3ac7..529b4231 100644 --- a/vpc-bastion-fargate-rds.cfn.yml +++ b/vpc-bastion-fargate-rds.cfn.yml @@ -9,7 +9,7 @@ Parameters: TemplateBucket: Type: String - Default: awslabs-startup-kit-templates-deploy-v2 + Default: awslabs-startup-kit-templates-deploy-v3 Description: The template bucket for the CloudFormation templates # vpc.cfn.yml parameters @@ -98,7 +98,7 @@ Parameters: LoadBalancerLatencySeconds: Description: LoadBalancer latency threshold, in seconds Type: Number - Default: 1 + Default: 2 MinValue: 1 ConstraintDescription: Must be atleast one 
@@ -178,15 +178,22 @@ Parameters: MaxValue: 30720 ConstraintDescription: "Value must be between 512 and 30720 - see: https://aws.amazon.com/fargate/pricing/" - DefaultServiceCpuScaleUpThreshold: + # Scaling params + DefaultServiceScaleEvaluationPeriods: + Description: The number of periods over which data is compared to the specified threshold + Type: Number + Default: 2 + MinValue: 2 + + DefaultServiceCpuScaleOutThreshold: Type: Number - Description: Average CPU % value to trigger auto scaling up + Description: Average CPU % value to trigger auto scaling out Default: 50 MinValue: 0 MaxValue: 100 ConstraintDescription: Value must be between 0 and 100 - DefaultServiceCpuScaleDownThreshold: + DefaultServiceCpuScaleInThreshold: Type: Number Description: Average CPU % value to trigger auto scaling down Default: 25 @@ -203,7 +210,7 @@ Parameters: DefaultTaskMaxContainerCount: Type: Number - Description: Maximum number of containers to run for the service when auto scaling up + Description: Maximum number of containers to run for the service when auto scaling out Default: 2 MinValue: 1 ConstraintDescription: Value must be at least one @@ -440,8 +447,9 @@ Metadata: - HealthCheckPath - DefaultContainerCpu - DefaultContainerMemory - - DefaultServiceCpuScaleUpThreshold - - DefaultServiceCpuScaleDownThreshold + - DefaultServiceScaleEvaluationPeriods + - DefaultServiceCpuScaleOutThreshold + - DefaultServiceCpuScaleInThreshold - DefaultTaskMinContainerCount - DefaultTaskMaxContainerCount - ContainerLogRetentionInDays 
@@ -511,10 +519,12 @@ Metadata: default: CPU DefaultContainerMemory: default: Memory - DefaultServiceCpuScaleUpThreshold: - default: Scale Up CPU - DefaultServiceCpuScaleDownThreshold: - default: Scale Down CPU + DefaultServiceScaleEvaluationPeriods: + default: Scale Periods + DefaultServiceCpuScaleOutThreshold: + default: Scale Out CPU + DefaultServiceCpuScaleInThreshold: + default: Scale In CPU DefaultTaskMinContainerCount: default: Min Containers DefaultTaskMaxContainerCount: @@ -674,8 +684,9 @@ Resources: SeedDockerImage: !Ref SeedDockerImage DefaultContainerCpu: !Ref DefaultContainerCpu DefaultContainerMemory: !Ref DefaultContainerMemory - DefaultServiceCpuScaleUpThreshold: !Ref DefaultServiceCpuScaleUpThreshold - DefaultServiceCpuScaleDownThreshold: !Ref DefaultServiceCpuScaleDownThreshold + DefaultServiceScaleEvaluationPeriods: !Ref DefaultServiceScaleEvaluationPeriods + DefaultServiceCpuScaleOutThreshold: !Ref DefaultServiceCpuScaleOutThreshold + DefaultServiceCpuScaleInThreshold: !Ref DefaultServiceCpuScaleInThreshold DefaultTaskMinContainerCount: !Ref DefaultTaskMinContainerCount DefaultTaskMaxContainerCount: !Ref DefaultTaskMaxContainerCount ContainerLogRetentionInDays: !Ref ContainerLogRetentionInDays diff --git a/vpc-bastion-fargate.cfn.yml b/vpc-bastion-fargate.cfn.yml index 8c9ca2dc..2baac7ec 100644 --- a/vpc-bastion-fargate.cfn.yml +++ b/vpc-bastion-fargate.cfn.yml @@ -9,7 +9,7 @@ Parameters: TemplateBucket: Type: String - Default: awslabs-startup-kit-templates-deploy-v2 + Default: awslabs-startup-kit-templates-deploy-v3 Description: The template bucket for the CloudFormation templates # vpc.cfn.yml parameters 
@@ -148,17 +148,24 @@ Parameters: MaxValue: 30720 ConstraintDescription: "Value must be between 512 and 30720 - see: https://aws.amazon.com/fargate/pricing/" - DefaultServiceCpuScaleUpThreshold: + # Scaling params + DefaultServiceScaleEvaluationPeriods: + Description: The number of periods over which data is compared to the specified threshold Type: Number - Description: Average CPU % value to trigger auto scaling up + Default: 2 + MinValue: 2 + + DefaultServiceCpuScaleOutThreshold: + Type: Number + Description: Average CPU % value to trigger auto scaling out Default: 50 MinValue: 0 MaxValue: 100 ConstraintDescription: Value must be between 0 and 100 - DefaultServiceCpuScaleDownThreshold: + DefaultServiceCpuScaleInThreshold: Type: Number - Description: Average CPU % value to trigger auto scaling down + Description: Average CPU % value to trigger auto scaling in Default: 25 MinValue: 0 MaxValue: 100 @@ -173,7 +180,7 @@ Parameters: DefaultTaskMaxContainerCount: Type: Number - Description: Maximum number of containers to run for the service when auto scaling up + Description: Maximum number of containers to run for the service when auto scaling out Default: 2 MinValue: 1 ConstraintDescription: Value must be at least one @@ -225,7 +232,7 @@ Parameters: LoadBalancerLatencySeconds: Description: LoadBalancer latency threshold, in seconds Type: Number - Default: 1 + Default: 2 MinValue: 1 ConstraintDescription: Must be at least one @@ -268,8 +275,9 @@ Metadata: - HealthCheckPath - DefaultContainerCpu - DefaultContainerMemory - - DefaultServiceCpuScaleUpThreshold - - DefaultServiceCpuScaleDownThreshold + - DefaultServiceScaleEvaluationPeriods + - DefaultServiceCpuScaleOutThreshold + - DefaultServiceCpuScaleInThreshold - DefaultTaskMinContainerCount - DefaultTaskMaxContainerCount - ContainerLogRetentionInDays 
@@ -339,9 +347,11 @@ Metadata: default: CPU DefaultContainerMemory: default: Memory - DefaultServiceCpuScaleUpThreshold: + DefaultServiceScaleEvaluationPeriods: + default: Scale Periods + DefaultServiceCpuScaleOutThreshold: default: Scale Up CPU - DefaultServiceCpuScaleDownThreshold: + DefaultServiceCpuScaleInThreshold: default: Scale Down CPU DefaultTaskMinContainerCount: default: Min Containers @@ -419,8 +429,9 @@ Resources: SeedDockerImage: !Ref SeedDockerImage DefaultContainerCpu: !Ref DefaultContainerCpu DefaultContainerMemory: !Ref DefaultContainerMemory - DefaultServiceCpuScaleUpThreshold: !Ref DefaultServiceCpuScaleUpThreshold - DefaultServiceCpuScaleDownThreshold: !Ref DefaultServiceCpuScaleDownThreshold + DefaultServiceScaleEvaluationPeriods: !Ref DefaultServiceScaleEvaluationPeriods + DefaultServiceCpuScaleOutThreshold: !Ref DefaultServiceCpuScaleOutThreshold + DefaultServiceCpuScaleInThreshold: !Ref DefaultServiceCpuScaleInThreshold DefaultTaskMinContainerCount: !Ref DefaultTaskMinContainerCount DefaultTaskMaxContainerCount: !Ref DefaultTaskMaxContainerCount ContainerLogRetentionInDays: !Ref ContainerLogRetentionInDays diff --git a/vpc-bastion.cfn.yml b/vpc-bastion.cfn.yml index bfba0025..de3986da 100644 --- a/vpc-bastion.cfn.yml +++ b/vpc-bastion.cfn.yml @@ -9,7 +9,7 @@ Parameters: TemplateBucket: Type: String - Default: awslabs-startup-kit-templates-deploy-v2 + Default: awslabs-startup-kit-templates-deploy-v3 Description: The template bucket for the CloudFormation templates AvailabilityZone1: diff --git a/vpc.cfn.yml b/vpc.cfn.yml index 12f2f889..bcdcc40b 100644 --- a/vpc.cfn.yml +++ b/vpc.cfn.yml @@ -8,7 +8,7 @@ Parameters: TemplateBucket: Type: String - Default: awslabs-startup-kit-templates-deploy-v2 + Default: awslabs-startup-kit-templates-deploy-v3 Description: The template bucket for the CloudFormation templates AvailabilityZone1:
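Review bot: The `ParameterLabels` keys in this hunk were renamed to `DefaultServiceCpuScaleOutThreshold` and `DefaultServiceCpuScaleInThreshold` but still carry the old labels `Scale Up CPU` and `Scale Down CPU`. The matching hunk in `vpc-bastion-fargate-rds.cfn.yml` uses `Scale Out CPU` and `Scale In CPU`, so the two templates now show different wording for the same parameter. Change the two lines to `default: Scale Out CPU` and `default: Scale In CPU`. A similar leftover is in `vpc-bastion-fargate-rds.cfn.yml`, where the description of `DefaultServiceCpuScaleInThreshold` still reads `auto scaling down`.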