def create_service(self): t = self.template self.service = t.add_resource( ecs.Service("Service", **self.generate_service_kwargs())) self.add_output("ServiceArn", self.service.Ref()) self.add_output("ServiceName", self.service.GetAtt("Name"))
def test_allow_placement_strategy_constraint(self): task_definition = ecs.TaskDefinition( "mytaskdef", ContainerDefinitions=[ ecs.ContainerDefinition( Image="myimage", Memory="300", Name="mycontainer", ) ], Volumes=[ ecs.Volume(Name="my-vol"), ], ) ecs_service = ecs.Service( 'Service', Cluster='cluster', DesiredCount=2, PlacementStrategies=[ ecs.PlacementStrategy( Type="random", ) ], PlacementConstraints=[ ecs.PlacementConstraint( Type="distinctInstance", ) ], TaskDefinition=Ref(task_definition), ) ecs_service.to_dict()
def create_ecs_service(self): t = self.template t.add_resource( ecs.Service( 'FargateService', DependsOn=self.listener.title, Cluster=self.vars['ClusterName'], DesiredCount=self.vars['DesiredCount'], TaskDefinition=Ref(self.task_definition), LaunchType='FARGATE', NetworkConfiguration=ecs.NetworkConfiguration( AwsvpcConfiguration=ecs.AwsvpcConfiguration( Subnets=[ s.strip() for s in self.vars['Subnets'].split(',') ], SecurityGroups=[self.vars['SecurityGroup']], )), LoadBalancers=[ ecs.LoadBalancer( ContainerName=self.vars['ContainerName'], ContainerPort=self.vars['ContainerPort'], TargetGroupArn=Ref(self.target_group), ), ], )) return
def create_service(self): t = self.template self.service = t.add_resource( ecs.Service( "Service", Cluster=self.cluster, DesiredCount=self.count, LaunchType="FARGATE", NetworkConfiguration=ecs.NetworkConfiguration( AwsvpcConfiguration=ecs.AwsvpcConfiguration( SecurityGroups=[self.security_group], Subnets=self.subnets, ) ), ServiceName=self.service_name, TaskDefinition=self.task_definition.Ref(), ) ) t.add_output( Output( "ServiceArn", Value=self.service.Ref() ) ) t.add_output( Output( "ServiceName", Value=self.service.GetAtt("Name") ) )
def test_fargate_launch_type(self): task_definition = ecs.TaskDefinition( "mytaskdef", ContainerDefinitions=[ ecs.ContainerDefinition( Image="myimage", Memory="300", Name="mycontainer", ) ], Volumes=[ ecs.Volume(Name="my-vol"), ], ) ecs_service = ecs.Service( 'Service', Cluster='cluster', DesiredCount=2, PlacementStrategies=[ecs.PlacementStrategy(Type="random", )], LaunchType='FARGATE', NetworkConfiguration=ecs.NetworkConfiguration( AwsVpcConfiguration=ecs.AwsVpcConfiguration( AssignPublicIp='DISABLED', SecurityGroups=['sg-1234'], Subnets=['subnet-1234'])), PlacementConstraints=[ ecs.PlacementConstraint(Type="distinctInstance", ) ], TaskDefinition=Ref(task_definition), ) ecs_service.to_dict()
def create_service(self, t, task_definition): return t.add_resource(ecs.Service( self.resource_name_format % ('Service'), Cluster=ImportValue(Sub(self.imports_format % ('ECSCluster'))), DesiredCount=self.desired_count, DeploymentConfiguration=self.deployment_configuration, Role=Sub('arn:aws:iam::${AWS::AccountId}:role/ecsServiceRole'), TaskDefinition=Ref(task_definition), DependsOn=[] ))
def create_scheduler_service_resource(template, ecs_cluster_resource, scheduler_task_definition_resource, scheduler_task_count_parameter): return template.add_resource( ecs.Service('SchedulerService', ServiceName='scheduler', Cluster=Ref(ecs_cluster_resource), TaskDefinition=Ref(scheduler_task_definition_resource), DeploymentConfiguration=ecs.DeploymentConfiguration( MinimumHealthyPercent=0, MaximumPercent=100), DesiredCount=Ref(scheduler_task_count_parameter), LaunchType='EC2'))
def create_service(self): t = self.template self.service = t.add_resource( ecs.Service( "Service", Cluster=self.cluster, DesiredCount=self.count, LaunchType="EC2", ServiceName=self.service_name, TaskDefinition=self.task_definition.Ref(), ) ) self.add_output("ServiceArn", self.service.Ref()) self.add_output("ServiceName", self.service.GetAtt("Name"))
def add_service(self, **kwargs): port = kwargs['Port'] or None if port: ecs_service = ecs.Service( kwargs['Name'] + 'service', Cluster=Ref(kwargs['Cluster']), TaskDefinition=Ref(kwargs['Task']), Role=Ref(kwargs['Role']), DesiredCount=1, LoadBalancers=[ ecs.LoadBalancer(ContainerName=kwargs['Name'], ContainerPort=port, LoadBalancerName=Ref(kwargs['ELB'])) ]) self.add_elb_dns_alias(kwargs['ELB'], kwargs['Name'], kwargs['Zone']) return (self.add_resource(ecs_service)) else: ecs_service = ecs.Service(kwargs['Name'] + 'service', Cluster=Ref(kwargs['Cluster']), TaskDefinition=Ref(kwargs['Task']), DesiredCount=1) return (self.add_resource(ecs_service))
def add_ecs(self, name, image, cpu, memory, container_port, alb_port, envvars, cidr, hosted_zone): """ Helper method creates ingress given a source cidr range and a set of ports @param name [string] Name of the service @param image [string] Docker image name @param memory [int] Sets the memory size of the service @param envvars [list] List of envvars @param cidr [string] Range of addresses for this vpc @param hosted_zone [string] Name of the hosted zone the elb will be mapped to """ print "Creating ECS" self.internal_security_group = self.add_sg_with_cidr_port_list( "ASGSG", "Security Group for ECS", 'vpcId', cidr, [{ "80": "80" }]) self.public_lb_security_group = self.add_sg_with_cidr_port_list( "ELBSG", "Security Group for accessing ECS publicly", 'vpcId', '0.0.0.0/0', [{ "443": "443" }]) container_def = ecs.ContainerDefinition( name + 'containerdef', Name=name, Image=image, Cpu=cpu, Memory=memory, PortMappings=[ecs.PortMapping(ContainerPort=container_port)]) task_def = self.add_resource( ecs.TaskDefinition(name + 'taskdef', Cpu=cpu, Memory=memory, RequiresCompatibilities=['FARGATE'], NetworkMode='awsvpc', ContainerDefinitions=[container_def])) self.add_resource( ecs.Service(name + 'service', Cluster=Ref(cluster), LaunchType='FARGATE', TaskDefinition=Ref(task_def), DesiredCount=1))
def create_service(self): t = self.template grace_period = self.health_check_grace_period_seconds self.service = t.add_resource( ecs.Service( "Service", Cluster=self.cluster, DeploymentConfiguration=self.deployment_configuration, DesiredCount=self.count, HealthCheckGracePeriodSeconds=grace_period, LaunchType=self.launch_type, LoadBalancers=self.generate_load_balancers(), NetworkConfiguration=self.network_configuration, PlacementConstraints=self.placement_constraints, TaskDefinition=self.task_definition.Ref(), )) self.add_output("ServiceArn", self.service.Ref()) self.add_output("ServiceName", self.service.GetAtt("Name"))
def ECS_Service(key): # Resources R_SG = SecurityGroupEcsService("SecurityGroupEcsService") if "External" in cfg.LoadBalancer: SGRule = SecurityGroupRuleEcsService(scheme="External") R_SG.SecurityGroupIngress.append(SGRule) if "Internal" in cfg.LoadBalancer: SGRule = SecurityGroupRuleEcsService(scheme="Internal") R_SG.SecurityGroupIngress.append(SGRule) add_obj(R_SG) for n, v in getattr(cfg, key).items(): if not v["IBOX_ENABLED"]: continue mapname = f"{key}{n}" # delete not used LoadBalancers configuration, so that auto_get_props # do not find it for m in ["External", "Internal"]: if m not in cfg.LoadBalancer: del v["LoadBalancers"][m] if not v["LoadBalancers"]: # delete if empty to maintain compatibility with previous conf del v["LoadBalancers"] r_Service = ecs.Service(mapname) auto_get_props(r_Service) if cfg.LoadBalancer: r_Service.Role = If("NetworkModeAwsVpc", Ref("AWS::NoValue"), get_expvalue("RoleECSService")) # When creating a service that specifies multiple target groups, # the Amazon ECS service-linked role must be created. # The role is created by omitting the Role property # in AWS CloudFormation if all(k in cfg.LoadBalancer for k in ["External", "Internal"]): r_Service.Role = Ref("AWS::NoValue") add_obj(r_Service)
def test_allow_string_cluster(self): task_definition = ecs.TaskDefinition( "mytaskdef", ContainerDefinitions=[ ecs.ContainerDefinition( Image="myimage", Memory="300", Name="mycontainer", ) ], Volumes=[ ecs.Volume(Name="my-vol"), ], ) ecs_service = ecs.Service( 'Service', Cluster='cluster', DesiredCount=2, TaskDefinition=Ref(task_definition), ) ecs_service.JSONrepr()
def test_allow_scheduling_strategy(self): task_definition = ecs.TaskDefinition( "mytaskdef", ContainerDefinitions=[ ecs.ContainerDefinition( Image="myimage", Memory="300", Name="mycontainer", ) ], Volumes=[ ecs.Volume(Name="my-vol"), ], ) ecs_service = ecs.Service( 'Service', Cluster='cluster', DesiredCount=2, TaskDefinition=Ref(task_definition), SchedulingStrategy=ecs.SCHEDULING_STRATEGY_DAEMON) ecs_service.to_dict()
def gen_service(self): load_balancer = ecs.LoadBalancer( ContainerName=self.service_name, ContainerPort=80, TargetGroupArn=Ref(self.target_group), ) # We put this service in public subnets because for demo purposes, # we only created public subnets. In a real application, you would # almost certainly put this in a private subnet. network_configuration = ecs.NetworkConfiguration( AwsvpcConfiguration=ecs.AwsvpcConfiguration( AssignPublicIp="ENABLED", Subnets=[ self.import_value("vpc", "PublicSubnet0"), self.import_value("vpc", "PublicSubnet1"), ], SecurityGroups=[ self.import_value("load-balancer", "WebAppMembershipSecurityGroup"), self.import_value("load-balancer", "WebAppSecurityGroup"), ], )) self.service = ecs.Service( "Service", ServiceName=self.service_name, Cluster=Ref(self.cluster), DeploymentConfiguration=ecs.DeploymentConfiguration( MinimumHealthyPercent=100, MaximumPercent=200), DesiredCount=1, LaunchType="FARGATE", LoadBalancers=[load_balancer], NetworkConfiguration=network_configuration, SchedulingStrategy="REPLICA", TaskDefinition=Ref(self.task_definition), ) self.template.add_resource(self.service)
def create_api_service_resource(template, ecs_cluster_resource, api_task_definition_resource, api_task_count_parameter, api_tarcreate_group_resource, ecs_service_role_resource, load_balancer_listener_resource): return template.add_resource( ecs.Service( 'ApiService', ServiceName='api', Cluster=Ref(ecs_cluster_resource), TaskDefinition=Ref(api_task_definition_resource), DeploymentConfiguration=ecs.DeploymentConfiguration( MinimumHealthyPercent=100, MaximumPercent=200 ), DesiredCount=Ref(api_task_count_parameter), LaunchType='EC2', LoadBalancers=[ecs.LoadBalancer( ContainerName='api', ContainerPort=80, TargetGroupArn=Ref(api_tarcreate_group_resource) )], Role=Ref(ecs_service_role_resource), DependsOn=[load_balancer_listener_resource] ) )
def test_allow_ref_cluster(self): task_definition = ecs.TaskDefinition( "mytaskdef", ContainerDefinitions=[ ecs.ContainerDefinition( Image="myimage", Memory="300", Name="mycontainer", ) ], Volumes=[ ecs.Volume(Name="my-vol"), ], ) cluster = ecs.Cluster("mycluster") ecs_service = ecs.Service( 'Service', Cluster=Ref(cluster), DesiredCount=2, TaskDefinition=Ref(task_definition), ) ecs_service.to_dict()
- Spread to several AZs for HA - Binpack to minimize number of required hosts per AZ """ service = t.add_resource( ecs.Service( "Service", Cluster=ImportValue(Sub("${EcsStack}-Cluster")), DependsOn=service_role, DesiredCount=Ref(autoscaling_min), LoadBalancers=[ ecs.LoadBalancer(ContainerName=Ref(container_name), ContainerPort=Ref(container_port), TargetGroupArn=Ref(target_group)), ], PlacementStrategies=[ ecs.PlacementStrategy(Type="spread", Field="attribute:ecs.availability-zone"), ecs.PlacementStrategy(Type="binpack", Field="memory"), ], Role=Ref(service_role), TaskDefinition=Ref(task_definition), DeploymentConfiguration=ecs.DeploymentConfiguration( MaximumPercent="100", MinimumHealthyPercent="50"), PlacementConstraints=[ ecs.PlacementConstraint(Type="distinctInstance") ], )) """ Make the service a ScalableTarget """ # scalable_target = t.add_resource(applicationautoscaling.ScalableTarget(
def main(): template = Template() template.add_resource( ecs.Cluster("ECSCluster", ClusterName="WorldCheckCluster")) template.add_resource( iam.Role("ECSTaskRole", AssumeRolePolicyDocument={ "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Principal": { "Service": ["ecs-tasks.amazonaws.com"] }, "Action": ["sts:AssumeRole"] }] })) template.add_resource( iam.Role( "ECSServiceSchedulerRole", AssumeRolePolicyDocument={ "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Principal": { "Service": ["ecs.amazonaws.com"] }, "Action": ["sts:AssumeRole"] }] }, Policies=[ iam.Policy(PolicyDocument={ "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Action": [ "ec2:Describe*", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:Describe*", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RegisterTargets" ], "Resource": "*" }] }, PolicyName="ecs-service") ])) template.add_resource( iam.Role("EC2InstanceRole", AssumeRolePolicyDocument={ "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Principal": { "Service": ["ec2.amazonaws.com"] }, "Action": ["sts:AssumeRole"] }] }, Policies=[ iam.Policy(PolicyDocument={ "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Action": [ "ecs:CreateCluster", "ecs:DeregisterContainerInstance", "ecs:DiscoverPollEndpoint", "ecs:Poll", "ecs:RegisterContainerInstance", "ecs:StartTelemetrySession", "ecr:GetAuthorizationToken", "ecr:BatchGetImage", "ecr:GetDownloadUrlForLayer", "ecs:Submit*", "logs:CreateLogStream", "logs:PutLogEvents", "ec2:DescribeTags", "cloudwatch:PutMetricData" ], "Resource": "*" }] }, PolicyName="ecs-service") ])) template.add_resource( iam.InstanceProfile("EC2InstanceProfile", Roles=[Ref("EC2InstanceRole")])) with open("user-data.sh", "r") as f: user_data_content = f.readlines() template.add_resource( ec2.Instance( "EC2Instance", ImageId="ami-13f7226a", InstanceType="t2.micro", SecurityGroups=["default"], UserData=Base64(Join('', [Sub(x) for x in user_data_content])), IamInstanceProfile=Ref("EC2InstanceProfile"), )) template.add_resource( ecs.TaskDefinition( "ECSTaskDefinition", TaskRoleArn=Ref("ECSTaskRole"), ContainerDefinitions=[ ecs.ContainerDefinition( Name="SimpleServer", Memory="128", Image="abbas123456/simple-server:latest", PortMappings=[ecs.PortMapping(ContainerPort=8000)], ) ])) template.add_resource( elb.TargetGroup( "ECSTargetGroup", VpcId="vpc-925497f6", Port=8000, Protocol="HTTP", )) template.add_resource( elb.LoadBalancer( "LoadBalancer", Subnets=["subnet-a321c8fb", "subnet-68fa271e", "subnet-689d350c"], SecurityGroups=["sg-0202bd65"])) template.add_resource( elb.Listener( "LoadBalancerListener", DefaultActions=[ elb.Action(Type="forward", TargetGroupArn=Ref("ECSTargetGroup")) ], LoadBalancerArn=Ref("LoadBalancer"), Port=80, Protocol="HTTP", )) template.add_resource( ecs.Service("ECSService", Cluster=Ref("ECSCluster"), DesiredCount=1, LoadBalancers=[ ecs.LoadBalancer(ContainerPort=8000, ContainerName="SimpleServer", TargetGroupArn=Ref("ECSTargetGroup")) ], Role=Ref("ECSServiceSchedulerRole"), TaskDefinition=Ref("ECSTaskDefinition"), DependsOn="LoadBalancerListener")) return template.to_json()
])) ECSService = template.add_resource( ecs.Service( 'ECSService', ServiceName='ws-currency-exchange-service-h2-appmesh', Cluster=GetAtt(ECSCluster, 'Arn'), ServiceRegistries=[ ecs.ServiceRegistry( RegistryArn= 'arn:aws:servicediscovery:us-east-2:445114057331:service/srv-yv4x7pmjmrx6kehz' ) ], DesiredCount=1, LaunchType='FARGATE', PlatformVersion='LATEST', TaskDefinition= 'arn:aws:ecs:us-east-2:445114057331:task-definition/aws-currency-exchange-service-h2-xray:3', DeploymentConfiguration=ecs.DeploymentConfiguration( MaximumPercent=200, MinimumHealthyPercent=100), Role= 'arn:aws:iam::445114057331:role/aws-service-role/ecs.amazonaws.com/AWSServiceRoleForECS', NetworkConfiguration=ecs. NetworkConfiguration(AwsvpcConfiguration=ecs.AwsvpcConfiguration( AssignPublicIp='ENABLED', SecurityGroups=[Ref(EC2SecurityGroup11)], Subnets=['subnet-0c86eeb5d3ab2e031', 'subnet-08d3101feec0e17da'])), SchedulingStrategy='REPLICA')) ECSService2 = template.add_resource( ecs.Service(
'SourceSecurityGroupId': ImportValue(Sub('${CoreStack}-LoadBalancer-SG-ID')), }], )) keycloakService = t.add_resource( ecs.Service('KeycloakService', Cluster=ImportValue(Sub('${CoreStack}-ECS-Cluster')), TaskDefinition=keycloakTask.Ref(), DesiredCount=1, LoadBalancers=[ ecs.LoadBalancer( ContainerName='keycloak', ContainerPort=8080, TargetGroupArn=keycloakTargetGroup.Ref(), ) ], NetworkConfiguration=ecs.NetworkConfiguration( AwsvpcConfiguration=ecs.AwsvpcConfiguration( SecurityGroups=[ ImportValue(Sub('${CoreStack}-RDS-Access-SG-ID')), keycloakServiceSG.GetAtt('GroupId'), ], Subnets=[ImportValue(Sub('${CoreStack}-SubnetID'))], ), ))) # Save File with open('template.yml', 'w') as f: f.write(t.to_yaml())
) ) ] )) Service = t.add_resource(ecs.Service( "Service", DependsOn=ALBListener, Cluster=Ref(ECSCluster), DesiredCount=1, TaskDefinition=Ref(TaskDefinition), LaunchType="FARGATE", LoadBalancers=[ ecs.LoadBalancer( ContainerName="nginx-container", ContainerPort=80, TargetGroupArn=Ref(ALBTargetGroup) ) ], NetworkConfiguration=ecs.NetworkConfiguration( AwsvpcConfiguration=ecs.AwsvpcConfiguration( AssignPublicIp="ENABLED", Subnets=[Ref(PubSubnetAz1), Ref(PubSubnetAz2)], SecurityGroups=[Ref(TaskSecurityGroup)], ) ) )) # Output the ALB/Service URL t.add_output(Output( "ALBURL", Description="URL of the ALB",
def create_ecs_resources(self): t = self.template # Give the instances access that the Empire daemon needs. t.add_resource( PolicyType( "AccessPolicy", PolicyName="empire", PolicyDocument=empire_policy({ "Environment": Ref("Environment"), "CustomResourcesTopic": Ref("CustomResourcesTopic"), "CustomResourcesQueue": (GetAtt("CustomResourcesQueue", "Arn")), "TemplateBucket": (Join("", ["arn:aws:s3:::", Ref("TemplateBucket"), "/*"])) }), Roles=[Ref("InstanceRole")])) t.add_resource( sns.Topic( EVENTS_TOPIC, DisplayName="Empire events", Condition="CreateSNSTopic", )) t.add_output( Output("EventsSNSTopic", Value=Ref(EVENTS_TOPIC), Condition="CreateSNSTopic")) # Add SNS Events policy if Events are enabled t.add_resource( PolicyType("SNSEventsPolicy", PolicyName="EmpireSNSEventsPolicy", Condition="EnableSNSEvents", PolicyDocument=sns_events_policy( If("CreateSNSTopic", Ref(EVENTS_TOPIC), Ref("EventsSNSTopicName"))), Roles=[Ref("InstanceRole")])) # Add run logs policy if run logs are enabled t.add_resource( PolicyType("RunLogsPolicy", PolicyName="EmpireRunLogsPolicy", Condition="EnableCloudwatchLogs", PolicyDocument=runlogs_policy( If("CreateRunLogsGroup", Ref(RUN_LOGS), Ref("RunLogsCloudwatchGroup"))), Roles=[Ref("InstanceRole")])) # Allow the controller to write empire events to kinesis if kinesis is # enabled. t.add_resource( PolicyType("AppEventStreamPolicy", PolicyName="EmpireAppEventStreamPolicy", Condition="EnableAppEventStream", PolicyDocument=logstream_policy(), Roles=[Ref("InstanceRole")])) t.add_resource( ecs.TaskDefinition( "TaskDefinition", Volumes=[ ecs.Volume( Name="dockerSocket", Host=ecs.Host(SourcePath="/var/run/docker.sock")), ecs.Volume(Name="dockerCfg", Host=ecs.Host(SourcePath="/root/.dockercfg")) ], ContainerDefinitions=[ ecs.ContainerDefinition( Command=["server", "-automigrate=true"], Name="empire", Environment=self.get_empire_environment(), Essential=True, Image=Ref("DockerImage"), MountPoints=[ ecs.MountPoint( SourceVolume="dockerSocket", ContainerPath="/var/run/docker.sock", ReadOnly=False), ecs.MountPoint(SourceVolume="dockerCfg", ContainerPath="/root/.dockercfg", ReadOnly=False) ], PortMappings=[ ecs.PortMapping(HostPort=8081, ContainerPort=8081) ], Cpu=Ref("TaskCPU"), Memory=Ref("TaskMemory")) ])) t.add_resource( Role("ServiceRole", AssumeRolePolicyDocument=get_ecs_assumerole_policy(), Path="/", Policies=[ Policy(PolicyName="ecs-service-role", PolicyDocument=service_role_policy()) ])) t.add_resource( ecs.Service( "Service", Cluster=Ref("ControllerCluster"), DeploymentConfiguration=ecs.DeploymentConfiguration( MaximumPercent=Ref("ServiceMaximumPercent"), MinimumHealthyPercent=Ref("ServiceMinimumHealthyPercent"), ), DesiredCount=Ref("DesiredCount"), LoadBalancers=[ ecs.LoadBalancer(ContainerName="empire", ContainerPort=8081, LoadBalancerName=Ref("LoadBalancer")) ], Role=Ref("ServiceRole"), TaskDefinition=Ref("TaskDefinition")))
t.add_resource( ecs.Service( "service", Cluster=ImportValue( Join( "-", [Select(0, Split("-", Ref("AWS::StackName"))), "cluster-id"])), DesiredCount=1, TaskDefinition=Ref("task"), PortMappings=[ecs.PortMapping(ContainerPort=3000)], Environment=[Environment(Name='HELLOWORLD_VERSION', Value=Ref("Tag"))], LogConfiguration=LogConfiguration(LogDriver="awslogs", Options={ 'awslogs-group': "/aws/ecs/helloworld", 'awslogs-region': Ref("AWS::Region"), }), LoadBalancers=[ ecs.LoadBalancer( ContainerName="helloworld", ContainerPort=3000, TargetGroupArn=ImportValue( Join("-", [ Select(0, Split("-", Ref("AWS::StackName"))), "alb-helloworld-target-group" ]), ), ) ], Role=Ref("ServiceRole")))
Path="/", ManagedPolicyArns=[ 'arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole' ])) ecsservice = t.add_resource( ecs.Service( "service", Cluster=ImportValue( Join( "-", [Select(0, Split("-", Ref("AWS::StackName"))), "cluster-id"])), DesiredCount=DesiredTaskCapacity, TaskDefinition=Ref("task"), LoadBalancers=[ ecs.LoadBalancer( ContainerName=Select(1, Split("-", Ref("AWS::StackName"))), ContainerPort=3000, TargetGroupArn=ImportValue( Join("-", [ Select(0, Split("-", Ref("AWS::StackName"))), Select(1, Split("-", Ref("AWS::StackName"))), "tg" ]), ), ) ], Role=Ref("ServiceRole"))) # Configure application scaling ## Start with application autoscaling role appscalingrole = t.add_resource( Role("ApplicationScalingRole", AssumeRolePolicyDocument=Policy(Statement=[
Principal=Principal("Service", ["ecs.amazonaws.com"])) ]), Path="/", ManagedPolicyArns=[ 'arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole' ])) t.add_resource( ecs.Service( "service", Cluster=ImportValue( Join( "-", [Select(0, Split("-", Ref("AWS::StackName"))), "cluster-id"])), DesiredCount=1, TaskDefinition=Ref("task"), LoadBalancers=[ ecs.LoadBalancer( ContainerName="helloworld", ContainerPort=3000, TargetGroupArn=ImportValue( Join("-", [ Select(0, Split("-", Ref("AWS::StackName"))), "alb-target-group" ]), ), ) ], Role=Ref("ServiceRole"))) print(t.to_json())
) ] ) ) api_service = template.add_resource( ecs.Service( 'ApiService', ServiceName='api', Cluster=Ref(ecs_cluster), TaskDefinition=Ref(api_task_definition), DeploymentConfiguration=ecs.DeploymentConfiguration( MinimumHealthyPercent=100, MaximumPercent=200 ), DesiredCount=Ref(api_task_count), LaunchType='EC2', LoadBalancers=[ecs.LoadBalancer( ContainerName='api', ContainerPort=80, TargetGroupArn=Ref(api_target_group) )], Role=Ref(ecs_service_role), DependsOn=[load_balancer_listener] ) ) queue_worker_service = template.add_resource( ecs.Service( 'QueueWorkerService', ServiceName='queue-worker',
} contdef.LogConfiguration = logconf taskdef.ContainerDefinitions = [contdef] taskdef.Cpu = "256" taskdef.Family = "jicket-task" taskdef.RequiresCompatibilities = ["FARGATE"] taskdef.NetworkMode = "awsvpc" taskdef.Memory = "512" taskdef.ExecutionRoleArn = executionrolearn t.add_resource(taskdef) # ECS Service # ============= service = ecs.Service("JicketService") service.Cluster = Ref(cluster.title) service.DesiredCount = 1 service.LaunchType = "FARGATE" service.ServiceName = "Jicket-Service" service.TaskDefinition = Ref(taskdef.title) vpcconf = ecs.AwsvpcConfiguration() vpcconf.Subnets = [jicketsubnet] vpcconf.AssignPublicIp = "ENABLED" service.NetworkConfiguration = ecs.NetworkConfiguration( AwsvpcConfiguration=vpcconf) t.add_resource(service) t_json = t.to_json() with open("jicket-ecs.json", "w") as f:
t.add_resource( Role( "ServiceRole", AssumeRolePolicyDocument=Policy(Statement=[ Statement(Effect=Allow, Action=[AssumeRole], Principal=Principal("Service", ["ecs.amazonaws.com"])) ]), Path="/", ManagedPolicyArns=[ 'arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole' ])) t.add_resource( ecs.Service( "service", Cluster="staging-cluster2-ECSCluster-1QOGTB2P6NH1P", DesiredCount=1, TaskDefinition=Ref("task"), LoadBalancers=[ ecs.LoadBalancer( ContainerName="helloworld", ContainerPort=3000, TargetGroupArn= "arn:aws:elasticloadbalancing:us-east-1:713832673520:targetgroup/stagi-Targe-TG2C4W6OI4TH/de6ec52d6c086628", ) ], Role=Ref("ServiceRole"))) print(t.to_json())