def __init__(self, scope: core.Construct, id: str, vpc, public_subnet_a, public_subnet_c, public_subnet_d, **kwargs) -> None: super().__init__(scope, id, **kwargs) prefix = "test" # RedisSecurityGroup redis_security_group = ec2.CfnSecurityGroup( self, "RedisSecurityGroup", group_name="stg-test-redis01", group_description="HTTP traffic", vpc_id=vpc.ref, security_group_ingress=[{ "ipProtocol": "tcp", "fromPort": 6379, "toPort": 6379, "cidrIp": "192.168.0.0/16" }], security_group_egress=[{ "ipProtocol": "tcp", "fromPort": 0, "toPort": 65535, "cidrIp": "0.0.0.0/0" }], ) # MyDBSubnetGroup redis_subnet_group = redis.CfnSubnetGroup( self, "RedisSubnetGroup", cache_subnet_group_name="stg-test-redis01", description="stg-test-redis01", subnet_ids=[ public_subnet_a.ref, public_subnet_c.ref, public_subnet_d.ref ]) redis_params = { 'auto_minor_version_upgrade': True, 'engine': 'redis', 'at_rest_encryption_enabled': True, 'automatic_failover_enabled': False, 'engine_version': '4.0.10', 'cache_node_type': 'cache.t3.micro', 'num_cache_clusters': 1, 'replication_group_description': "stg-test-redis01", 'replication_group_id': "stg-test-redis01", 'security_group_ids': [redis_security_group.ref], 'cache_subnet_group_name': redis_subnet_group.ref } self.redis = redis.CfnReplicationGroup(self, 'stg-test-redis01', **redis_params) core.CfnOutput(self, "OutputVpc", value=vpc.ref) core.CfnOutput(self, "OutputRedis", value=self.redis.ref)
def __init__(self, scope: core.Construct, id: str, env, props, **kwargs) -> None: super().__init__(scope, id, **kwargs) vpc = props['vpc'] # create subnetgroup subnet_ids = [] for subnet in vpc.public_subnets: subnet_ids.append(subnet.subnet_id) subnets_group = cache.CfnSubnetGroup(self, f"{id}-subnet-group", subnet_ids=subnet_ids, description=f"{id}-subnet-group", cache_subnet_group_name=f"{id}-subnet-group") # create securitygroup sg_redis = props['sg_redis'] #TEMP without ASG # sg_redis = ec2.SecurityGroup( # self, # id="ecs-sample-redis", # vpc=props['vpc'], # security_group_name="ecs-sample-redis" # ) cache_parameter_group_name="default.redis5.0" redis = cache.CfnReplicationGroup(self, f"{id}-replication-group", replication_group_description=f"{id}-replication group", cache_node_type="cache.t3.micro", cache_parameter_group_name=cache_parameter_group_name, security_group_ids=[sg_redis.security_group_id], cache_subnet_group_name=subnets_group.cache_subnet_group_name, engine="redis", engine_version="5.0.4", # node_group_configuration num_node_groups=1, #shard replicas_per_node_group=1 #one replica ) redis.add_depends_on(subnets_group) self.output_props = props.copy() self.output_props['redis'] = redis
def __init__(self, scope: core.Construct, id: str, vpc, **kwargs) -> None: super().__init__(scope, id, **kwargs) self.sng = _ec.CfnSubnetGroup( self, "ecSubnetGroup", description="redisSubnetGroup", subnet_ids=vpc.select_subnets( subnet_type=_ec2.SubnetType.ISOLATED).subnet_ids, cache_subnet_group_name=f"{core.Aws.STACK_NAME}-ecSng") self.ec = _ec.CfnReplicationGroup( self, "redisCluster", replication_group_description="redisReplicationGroup", engine="redis", engine_version="5.0.6", cache_node_type="cache.t3.micro", automatic_failover_enabled=True, auto_minor_version_upgrade=True, cache_subnet_group_name=self.sng.cache_subnet_group_name, num_node_groups=3, security_group_ids=[vpc.sg.security_group_id])
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) # The code that defines your stack goes here vpc = aws_ec2.Vpc(self, 'RedisVPC', max_azs=2) sg_use_elasticache = aws_ec2.SecurityGroup( self, 'RedisClientSG', vpc=vpc, allow_all_outbound=True, description='security group for redis client', security_group_name='use-default-redis') core.Tags.of(sg_use_elasticache).add('Name', 'use-default-redis') sg_elasticache = aws_ec2.SecurityGroup( self, 'RedisServerSG', vpc=vpc, allow_all_outbound=True, description='security group for redis', security_group_name='default-redis-server') core.Tags.of(sg_elasticache).add('Name', 'redis-server') sg_elasticache.add_ingress_rule(peer=sg_use_elasticache, connection=aws_ec2.Port.tcp(6379), description='use-default-redis') elasticache_subnet_group = aws_elasticache.CfnSubnetGroup( self, 'RedisSubnetGroup', description='subnet group for redis', subnet_ids=vpc.select_subnets( subnet_type=aws_ec2.SubnetType.PRIVATE).subnet_ids, cache_subnet_group_name='default-redis') redis_param_group = aws_elasticache.CfnParameterGroup( self, 'RedisParamGroup', cache_parameter_group_family='redis5.0', description='parameter group for redis5.0', properties={ 'databases': '256', # database: 16 (default) 'tcp-keepalive': '0', #tcp-keepalive: 300 (default) 'maxmemory-policy': 'volatile-ttl' #maxmemory-policy: volatile-lru (default) }) redis_primary_only = aws_elasticache.CfnCacheCluster( self, 'RedisCache', cache_node_type='cache.t3.small', #XXX: NumCacheNodes should be 1 if engine is redis num_cache_nodes=1, engine='redis', engine_version='5.0.5', auto_minor_version_upgrade=False, cluster_name='elasticache-redis', snapshot_retention_limit=3, snapshot_window='17:00-19:00', preferred_maintenance_window='mon:19:00-mon:20:30', #XXX: Elasticache.CfnParameterGroup cannot be initialized with a parameter_group_name # https://github.com/aws-cloudformation/aws-cloudformation-coverage-roadmap/issues/484 # https://github.com/aws/aws-cdk/issues/8180 cache_parameter_group_name=redis_param_group.ref, cache_subnet_group_name=elasticache_subnet_group. cache_subnet_group_name, vpc_security_group_ids=[sg_elasticache.security_group_id], tags=[ core.CfnTag(key='Name', value='redis-primary-only'), core.CfnTag(key='desc', value='primary only redis') ]) #XXX: Subnet group must exist before ElastiCache is created redis_primary_only.add_depends_on(elasticache_subnet_group) redis_with_replicas = aws_elasticache.CfnReplicationGroup( self, 'RedisCacheWithReplicas', cache_node_type='cache.t3.small', engine='redis', engine_version='5.0.5', snapshot_retention_limit=3, snapshot_window='19:00-21:00', preferred_maintenance_window='mon:21:00-mon:22:30', automatic_failover_enabled=True, auto_minor_version_upgrade=False, multi_az_enabled=True, replication_group_description='redis with replicas', replicas_per_node_group=1, cache_parameter_group_name=redis_param_group.ref, cache_subnet_group_name=elasticache_subnet_group. cache_subnet_group_name, security_group_ids=[sg_elasticache.security_group_id], tags=[ core.CfnTag(key='Name', value='redis-with-replicas'), core.CfnTag(key='desc', value='primary-replica redis') ]) redis_with_replicas.add_depends_on(elasticache_subnet_group) redis_cluster_param_group = aws_elasticache.CfnParameterGroup( self, 'RedisClusterParamGroup', cache_parameter_group_family='redis5.0', description='parameter group for redis5.0 cluster', properties={ 'cluster-enabled': 'yes', # Enable cluster mode 'tcp-keepalive': '0', #tcp-keepalive: 300 (default) 'maxmemory-policy': 'volatile-ttl' #maxmemory-policy: volatile-lru (default) }) redis_cluster = aws_elasticache.CfnReplicationGroup( self, 'RedisCluster', cache_node_type='cache.t3.small', engine='redis', engine_version='5.0.5', snapshot_retention_limit=3, snapshot_window='19:00-21:00', preferred_maintenance_window='mon:21:00-mon:22:30', automatic_failover_enabled=True, auto_minor_version_upgrade=False, #XXX: Each Node Group needs to have at least one replica for Multi-AZ enabled Replication Group multi_az_enabled=False, replication_group_description='redis5.0 cluster on', num_node_groups=3, cache_parameter_group_name=redis_cluster_param_group.ref, cache_subnet_group_name=elasticache_subnet_group. cache_subnet_group_name, security_group_ids=[sg_elasticache.security_group_id], tags=[ core.CfnTag(key='Name', value='redis-cluster'), core.CfnTag(key='desc', value='primary-replica redis') ]) redis_cluster.add_depends_on(elasticache_subnet_group)
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) prefix = "test" cidr = "192.168.0.0/16" # def name(s): return "{0}/{1}".format(prefix, s) def name(s): return "{0} {1}".format(prefix, s) # VPC self.vpc = ec2.CfnVPC(self, "vpc", cidr_block=cidr, enable_dns_hostnames=True, enable_dns_support=True, tags=[core.CfnTag(key="Name", value=prefix)]) # InternetGateway igw = ec2.CfnInternetGateway( self, "igw", tags=[core.CfnTag(key="Name", value=prefix)]) igw_attachment = ec2.CfnVPCGatewayAttachment( self, "igw_attachment", vpc_id=self.vpc.ref, internet_gateway_id=igw.ref) dhcpoptions = ec2.CfnDHCPOptions( self, "dhcpoptions", domain_name="ec2.internal " + prefix, domain_name_servers=["AmazonProvidedDNS"], tags=[core.CfnTag(key="Name", value=prefix)]) dhcpoptionsassociation = ec2.CfnVPCDHCPOptionsAssociation( self, "dhcpoptionsassociation", dhcp_options_id=dhcpoptions.ref, vpc_id=self.vpc.ref) # PrivateSubnetA # private_subnet_a = ec2.CfnSubnet( # self, "private_a", # vpc_id=vpc.ref, # cidr_block="192.168.0.0/24", # availability_zone="ap-northeast-1a", # tags=[ # core.CfnTag(key="Name", value=name("private_a")) # ] # ) # PrivateSubnetC # private_subnet_c = ec2.CfnSubnet( # self, "private_c", # vpc_id=vpc.ref, # cidr_block="192.168.1.0/24", # availability_zone="ap-northeast-1c", # tags=[ # core.CfnTag(key="Name", value=name("private_c")) # ] # ) # PublicSubnetA self.public_subnet_a = ec2.CfnSubnet( self, "public_a", vpc_id=self.vpc.ref, cidr_block="192.168.0.0/20", # availability_zone="ap-northeast-1a", availability_zone="us-east-1a", tags=[core.CfnTag(key="Name", value=prefix + " public_a")]) # PublicSubnetC self.public_subnet_c = ec2.CfnSubnet( self, "public_c", vpc_id=self.vpc.ref, cidr_block="192.168.16.0/20", availability_zone="us-east-1c", tags=[core.CfnTag(key="Name", value=prefix + " public_c")]) self.public_subnet_d = ec2.CfnSubnet( self, "public_d", vpc_id=self.vpc.ref, cidr_block="192.168.32.0/20", availability_zone="us-east-1d", tags=[core.CfnTag(key="Name", value=prefix + " public_d")]) # EIP1 (for NATGW) # eip1 = ec2.CfnEIP( # self, "eip1", # domain="vpc", # ) # eip1.add_depends_on(igw_attachment) # EIP2 (for NATGW) # eip2 = ec2.CfnEIP( # self, "eip2", # domain="vpc", # ) # eip2.add_depends_on(igw_attachment) # NatGatewayA # natgw_a = ec2.CfnNatGateway( # self, "natgw_a", # allocation_id=eip1.attr_allocation_id, # subnet_id=self.public_subnet_a.ref, # tags=[ # core.CfnTag(key="Name", value=name("natgw_a")) # ] # ) # NatGatewayC # natgw_c = ec2.CfnNatGateway( # self, "natgw_c", # allocation_id=eip2.attr_allocation_id, # subnet_id=public_subnet_c.ref, # tags=[ # core.CfnTag(key="Name", value=name("natgw_c")) # ] # ) # RouteTable of PrivateSubnetA # rtb_private_a = ec2.CfnRouteTable( # self, "rtb_private_a", # vpc_id=vpc.ref, # tags=[ # core.CfnTag(key="Name", value=name("rtb_private_a")) # ] # ) # ec2.CfnSubnetRouteTableAssociation( # self, "rtb_private_a_association", # route_table_id=rtb_private_a.ref, # subnet_id=private_subnet_a.ref # ) # ec2.CfnRoute( # self, "route_private_a", # route_table_id=rtb_private_a.ref, # destination_cidr_block="0.0.0.0/0", # nat_gateway_id=natgw_a.ref # ) # RouteTable of PrivateSubnetC # rtb_private_c = ec2.CfnRouteTable( # self, "rtb_private_c", # vpc_id=vpc.ref, # tags=[ # core.CfnTag(key="Name", value=name("rtb_private_c")) # ] # ) # ec2.CfnSubnetRouteTableAssociation( # self, "rtb_private_c_association", # route_table_id=rtb_private_c.ref, # subnet_id=private_subnet_c.ref # ) # ec2.CfnRoute( # self, "route_private_c", # route_table_id=rtb_private_c.ref, # destination_cidr_block="0.0.0.0/0", # nat_gateway_id=natgw_c.ref # ) # RouteTable of PublicSubnetA self.rtb_public_a = ec2.CfnRouteTable( self, "rtb_public_a", vpc_id=self.vpc.ref, tags=[core.CfnTag(key="Name", value=prefix + "rtb_public_a")]) ec2.CfnSubnetRouteTableAssociation( self, "rtb_public_a_association", route_table_id=self.rtb_public_a.ref, subnet_id=self.public_subnet_a.ref) ec2.CfnSubnetRouteTableAssociation( self, "rtb_public_c_association", route_table_id=self.rtb_public_a.ref, subnet_id=self.public_subnet_c.ref) ec2.CfnSubnetRouteTableAssociation( self, "rtb_public_d_association", route_table_id=self.rtb_public_a.ref, subnet_id=self.public_subnet_d.ref) ec2.CfnRoute(self, "route_public_a", route_table_id=self.rtb_public_a.ref, destination_cidr_block="0.0.0.0/0", gateway_id=igw.ref) # RouteTable of PublicSubnetC # rtb_public_c = ec2.CfnRouteTable( # self, "rtb_public_c", # vpc_id=vpc.ref, # tags=[ # core.CfnTag(key="Name", value=name("rtb_public_c")) # ] # ) # ec2.CfnSubnetRouteTableAssociation( # self, "rtb_public_c_association", # route_table_id=rtb_public_c.ref, # subnet_id=public_subnet_c.ref # ) # ec2.CfnRoute( # self, "route_public_c", # route_table_id=rtb_public_c.ref, # destination_cidr_block="0.0.0.0/0", # gateway_id=igw.ref # ) # ami_id = ec2.AmazonLinuxImage(generation = ec2.AmazonLinuxGeneration.AMAZON_LINUX_2).get_image(self).image_id # security_group = ec2.SecurityGroup( # self, # id='test', # vpc=self.vpc, # security_group_name='test-security-group' # ) # security_group.add_ingress_rule( # peer=ec2.Peer.ipv4(cidr), # connection=ec2.Port.tcp(22), # ) # red_web_inst = ec2.CfnInstance(self, # "testInstance01", # image_id = ami_id, # instance_type = "t3a.micro", # monitoring = False, # key_name = "stg-intrinio-www01", # security_group_ids=[security_group.security_group_id], # block_device_mappings = [{ # "deviceName": "/dev/xvda", # "ebs": { # "volumeSize": 10, # "volumeType": "io1", # "iops": 150, # "deleteOnTermination": True # } # } # ], # tags = [ # { "key": "Name", "value": prefix } # ], # network_interfaces = [{ # "deviceIndex": "0", # "associatePublicIpAddress": True, # "subnetId": self.public_subnet_a.ref, # # "groupSet": [web_sg.security_group_id] # }], #https: //github.com/aws/aws-cdk/issues/3419 # ) # RedisSecurityGroup redis_security_group = ec2.CfnSecurityGroup( self, "RedisSecurityGroup", group_name="stg-test-redis01", group_description="HTTP traffic", vpc_id=self.vpc.ref, security_group_ingress=[{ "ipProtocol": "tcp", "fromPort": 6379, "toPort": 6379, "cidrIp": "192.168.0.0/16" }], security_group_egress=[{ "ipProtocol": "tcp", "fromPort": 0, "toPort": 65535, "cidrIp": "0.0.0.0/0" }], ) # MyDBSubnetGroup redis_subnet_group = redis.CfnSubnetGroup( self, "RedisSubnetGroup", cache_subnet_group_name="stg-test-redis01", description="stg-test-redis01", subnet_ids=[ self.public_subnet_a.ref, self.public_subnet_c.ref, self.public_subnet_d.ref ]) redis_params = { 'auto_minor_version_upgrade': True, 'engine': 'redis', 'at_rest_encryption_enabled': True, 'automatic_failover_enabled': False, 'engine_version': '4.0.10', 'cache_node_type': 'cache.t3.micro', 'num_cache_clusters': 1, 'replication_group_description': "stg-test-redis01", 'security_group_ids': [redis_security_group.ref], 'cache_subnet_group_name': redis_subnet_group.ref } self.redis = redis.CfnReplicationGroup(self, 'staff-redis', **redis_params) core.CfnOutput(self, "OutputVpc", value=self.vpc.ref) core.CfnOutput(self, "OutputRedis", value=self.redis.ref)
def create_redis(stack, vpc, is_group=False): print(vpc.private_subnets) subnetGroup = ec.CfnSubnetGroup( stack, "RedisClusterPrivateSubnetGroup-test", cache_subnet_group_name="recommendations-redis-subnet-group-test", description="Redis subnet for recommendations", subnet_ids=[subnet.subnet_id for subnet in vpc.private_subnets] ) redis_security_group = ec2.SecurityGroup( stack, "redis-security-group-test", vpc=vpc ) redis_connections = ec2.Connections( security_groups=[redis_security_group], default_port=ec2.Port.tcp(6379) ) redis_connections.allow_from_any_ipv4(port_range=ec2.Port.tcp(6379)) if is_group: #group redis = ec.CfnReplicationGroup( stack, "RecommendationsRedisCacheCluster", engine="redis", cache_node_type="cache.t2.small", replicas_per_node_group=1, num_node_groups=3, replication_group_description="redis-gw-test", automatic_failover_enabled=True, security_group_ids=[redis_security_group.security_group_id], cache_subnet_group_name=subnetGroup.cache_subnet_group_name ) else: # one node redis = ec.CfnCacheCluster( stack, "RecommendationsRedisCacheCluster", engine="redis", cache_node_type="cache.t2.small", num_cache_nodes=1, cluster_name="redis-gw-test", vpc_security_group_ids=[redis_security_group.security_group_id], cache_subnet_group_name=subnetGroup.cache_subnet_group_name ) # no python sample, this is nodejs sample for group mode ''' const redisReplication = new CfnReplicationGroup( this, `RedisReplicaGroup`, { engine: "redis", cacheNodeType: "cache.m5.xlarge", replicasPerNodeGroup: 1, numNodeGroups: 3, automaticFailoverEnabled: true, autoMinorVersionUpgrade: true, replicationGroupDescription: "cluster redis di produzione", cacheSubnetGroupName: redisSubnetGroup.cacheSubnetGroupName } ); ''' redis.add_depends_on(subnetGroup) if is_group: return redis.attr_primary_end_point_address,redis.attr_primary_end_point_port else: return redis.attr_redis_endpoint_address, redis.attr_redis_endpoint_port