def launch_auto_spotting_cf(self):
"""Launch Auto Spotting Cloud formation"""
return cf.CfnStack(self, "AutoSpotting",
template_url=variables.AUTO_SPOTTING_TEMPLATE_URL,
parameters={
"AllowedInstanceTypes": variables.AUTO_SPOTTING_ALLOW_INSTANCE_TYPES,
"Regions": variables.AUTO_SPOTTING_ALLOW_REGIONS,
"SpotPricePercentageBuffer": variables.AUTO_SPOTTING_PRICE_BUFFER,
"License": variables.AUTO_SPOTTING_LICENSE
})
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
eks_vpc = ec2.Vpc(self, "VPC", cidr="10.0.0.0/16")
self.node.apply_aspect(
core.Tag("kubernetes.io/cluster/cluster", "shared"))
eks_vpc.private_subnets[0].node.apply_aspect(
core.Tag("kubernetes.io/role/internal-elb", "1"))
eks_vpc.private_subnets[1].node.apply_aspect(
core.Tag("kubernetes.io/role/internal-elb", "1"))
eks_vpc.public_subnets[0].node.apply_aspect(
core.Tag("kubernetes.io/role/elb", "1"))
eks_vpc.public_subnets[1].node.apply_aspect(
core.Tag("kubernetes.io/role/elb", "1"))
# Create IAM Role For CodeBuild and Cloud9
codebuild_role = iam.Role(
self,
"BuildRole",
assumed_by=iam.CompositePrincipal(
iam.ServicePrincipal("codebuild.amazonaws.com"),
iam.ServicePrincipal("ec2.amazonaws.com")),
managed_policies=[
iam.ManagedPolicy.from_aws_managed_policy_name(
"AdministratorAccess")
])
instance_profile = iam.CfnInstanceProfile(
self, "InstanceProfile", roles=[codebuild_role.role_name])
# Create CodeBuild PipelineProject
build_project = codebuild.PipelineProject(
self,
"BuildProject",
role=codebuild_role,
build_spec=codebuild.BuildSpec.from_source_filename(
"buildspec.yml"))
# Create CodePipeline
pipeline = codepipeline.Pipeline(
self,
"Pipeline",
)
# Create Artifact
artifact = codepipeline.Artifact()
# S3 Source Bucket
source_bucket = s3.Bucket.from_bucket_attributes(
self,
"SourceBucket",
bucket_arn=core.Fn.join(
"",
["arn:aws:s3:::ee-assets-prod-",
core.Fn.ref("AWS::Region")]))
# Add Source Stage
pipeline.add_stage(
stage_name="Source",
actions=[
codepipeline_actions.S3SourceAction(
action_name="S3SourceRepo",
bucket=source_bucket,
bucket_key=
"modules/2cae1f20008d4fc5aaef294602649b98/v9/source.zip",
output=artifact,
trigger=codepipeline_actions.S3Trigger.NONE)
])
# Add CodeBuild Stage
pipeline.add_stage(
stage_name="Deploy",
actions=[
codepipeline_actions.CodeBuildAction(
action_name="CodeBuildProject",
project=build_project,
type=codepipeline_actions.CodeBuildActionType.BUILD,
input=artifact,
environment_variables={
'PublicSubnet1ID':
codebuild.BuildEnvironmentVariable(
value=eks_vpc.public_subnets[0].subnet_id),
'PublicSubnet2ID':
codebuild.BuildEnvironmentVariable(
value=eks_vpc.public_subnets[1].subnet_id),
'PrivateSubnet1ID':
codebuild.BuildEnvironmentVariable(
value=eks_vpc.private_subnets[0].subnet_id),
'PrivateSubnet2ID':
codebuild.BuildEnvironmentVariable(
value=eks_vpc.private_subnets[1].subnet_id),
'AWS_DEFAULT_REGION':
codebuild.BuildEnvironmentVariable(value=self.region),
'INSTANCEPROFILEID':
codebuild.BuildEnvironmentVariable(
value=instance_profile.ref),
'AWS_ACCOUNT_ID':
codebuild.BuildEnvironmentVariable(value=self.account)
})
])
cloud9_stack = cloudformation.CfnStack(
self,
"Cloud9Stack",
# template_url="https://aws-quickstart.s3.amazonaws.com/quickstart-cloud9-ide/templates/cloud9-ide-instance.yaml",
template_url=
"https://ee-assets-prod-us-east-1.s3.amazonaws.com/modules/2cae1f20008d4fc5aaef294602649b98/v9/cloud9-ide-instance.yaml",
parameters={
"C9InstanceType": "m5.large",
"C9Subnet": eks_vpc.public_subnets[0].subnet_id
})
pipeline.node.add_dependency(eks_vpc)
pipeline.node.add_dependency(cloud9_stack)
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
# Set Parameters
SourceBucket = core.CfnParameter(
self,
"SourceBucket",
description="Source Bucket with nested cloudformation template.",
default="SourceBucket")
password = core.CfnParameter(
self,
"Password",
no_echo=True,
description="New account password",
min_length=1,
max_length=41,
constraint_description=
"the password must be between 1 and 41 characters",
default="Password")
db_password_parameters = core.CfnParameter(
self,
"DBPassword",
no_echo=True,
description="New account and RDS password",
min_length=1,
max_length=41,
constraint_description=
"the password must be between 1 and 41 characters",
default="DBPassword")
AppDomain = core.CfnParameter(
self,
"AppDomain",
description="Unique subdomain for cognito app.",
allowed_pattern="^[a-z0-9](?:[a-z0-9\-]{0,61}[a-z0-9])?$",
constraint_description=
"Domain names can only contain lower-case letters, numbers, and hyphens.",
default="appdomain")
# S3 Bucket
source_bucket = "sourcebucketname%s" % (core.Aws.ACCOUNT_ID)
# s3_bucket = s3.Bucket(
# self, "SourceBucket",
# bucket_name = source_bucket,
# removal_policy = core.RemovalPolicy.DESTROY
# )
# VPCStack
vpc_stack = cloudformation.CfnStack(
self,
"VPCStack",
template_url='https://%s.s3.amazonaws.com/VpcStack.template.json' %
(source_bucket),
timeout_in_minutes=5)
# IAMStack
iam_stack = cloudformation.CfnStack(
self,
"IAMStack",
template_url='https://%s.s3.amazonaws.com/IAMStack.template.json' %
(source_bucket),
timeout_in_minutes=5)
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
ami_id = os.environ.get('EKS_AMI_ID', 'ami-00a2e2e342bef0e5e')
k8s_version = os.environ.get('EKS_K8S_VERSION', '1.16')
name_id = f'eks-cdk-cluster-{k8s_version}'.replace('.', '-')
capacity = os.environ.get('EKS_CAPACITY', '10')
# template_url = os.environ.get('EKS_VPC_TEMPLATE', 'https://amazon-eks.s3.us-west-2.amazonaws.com/cloudformation/2020-05-08/amazon-eks-vpc-private-subnets.yaml')
nodegroup_template_url = os.environ.get('EKS_NODEGROUP_TEMPLATE', 'https://amazon-eks.s3.us-west-2.amazonaws.com/cloudformation/2020-05-08/amazon-eks-nodegroup.yaml')
ssh_key = os.environ.get('AWS_SSH_KEY', 'personal-us-west-2')
# The code that defines your stack goes here
'''
# Role
role = iam.Role(self, name_id,
assumed_by='eks.amazonaws.com'
external_id=name_id+'-eks-role',
)
'''
cluster_k8s_version = eks.KubernetesVersion.V1_16
if k8s_version == "1.15":
cluster_k8s_version = eks.KubernetesVersion.V1_15
elif k8s_version == "1.14":
cluster_k8s_version = eks.KubernetesVersion.V1_14
# Role
eks_role = iam.Role(self, name_id+'-role',
assumed_by=iam.ServicePrincipal('eks.amazonaws.com'),
role_name="EksRole")
eks_role.add_managed_policy(iam.ManagedPolicy.from_aws_managed_policy_name('AmazonEKSClusterPolicy'))
eks_role.add_managed_policy(iam.ManagedPolicy.from_aws_managed_policy_name('AmazonEKSServicePolicy'))
# Cluster
cluster = eks.Cluster(self, name_id,
default_capacity=0,
cluster_name=name_id+'-cluster',
masters_role=iam.AccountRootPrincipal(),
role=eks_role,
version=cluster_k8s_version,
vpc_subnets=[ec2.SubnetType.PUBLIC,]
)
# Node Group w/ ubuntu ami
cfn.CfnStack(self, name_id+'-nodes',
template_url=nodegroup_template_url,
parameters={
'ClusterName': cluster.cluster_name,
'ClusterControlPlaneSecurityGroup': cluster.connections.security_groups[0].security_group_id,
'NodeGroupName': name_id+'-nodegroup',
'NodeAutoScalingGroupMinSize': capacity,
'NodeAutoScalingGroupDesiredCapacity': capacity,
'NodeAutoScalingGroupMaxSize': capacity,
'NodeInstanceType': 'm5.large',
'NodeImageId': ami_id,
'KeyName': ssh_key,
'VpcId': cluster.vpc.vpc_id,
'Subnets': ','.join([x.subnet_id for x in cluster.vpc.public_subnets]),
},
)
'''