def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
ZachECSName= self.__class__.__name__
vpc = ec2.Vpc(
self, ZachECSName+"Vpc",
max_azs=2
)
asg = autoscaling.AutoScalingGroup(
self, ZachECSName+"SCG" ,
instance_type=ec2.InstanceType("t3a.nano"),
machine_image=ecs.EcsOptimizedAmi(),
associate_public_ip_address=True,
update_type=autoscaling.UpdateType.REPLACING_UPDATE,
desired_capacity=3,
vpc=vpc,
vpc_subnets={'subnetType': ec2.SubnetType.PUBLIC}
)
cluster = ecs.Cluster(
self, ZachECSName+"Cluster",
vpc=vpc
)
cluster.add_auto_scaling_group(asg)
cluster.add_capacity(ZachECSName+"AutoScalingGroup",
instance_type=ec2.InstanceType("t3a.nano"))
def create_asg(self, vpc):
asg = autoscaling.AutoScalingGroup(
self,
'SingleInstanceAsg',
vpc=vpc,
machine_image=ecs.EcsOptimizedAmi(),
instance_type=ec2.InstanceType('t2.micro'),
vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC),
associate_public_ip_address=True,
# We only need 1 instance in the ASG
max_capacity=1,
desired_capacity=1,
)
security_group = ec2.SecurityGroup(
self,
'GhostSg',
vpc=vpc,
)
# Allow ingress traffic to port 80
security_group.add_ingress_rule(
peer=ec2.Peer.any_ipv4(),
connection=ec2.Port.tcp(80),
)
# Allow NFS traffic for mounting EFS volumes
security_group.add_ingress_rule(peer=ec2.Peer.ipv4('10.0.0.0/16'),
connection=ec2.Port.tcp(2049))
asg.add_security_group(security_group)
return asg
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, *kwargs)
# Create a cluster
vpc = ec2.Vpc(self, "MicFinVpc", max_azs=2)
cluster = ecs.Cluster(self, 'EcsCluster', vpc=vpc)
cluster.add_capacity(
"DefaultAutoScalingGroup",
instance_type=ec2.InstanceType("t2.micro"),
machine_image=ecs.EcsOptimizedAmi(),
update_type=autoscaling.UpdateType.REPLACING_UPDATE,
desired_capacity=1)
# Create Task Definition
task_definition = ecs.Ec2TaskDefinition(self, "TaskDef")
container = task_definition.add_container(
"web",
image=ecs.ContainerImage.from_registry(
"210525354699.dkr.ecr.ap-southeast-1.amazonaws.com/micfin-repo"
),
memory_limit_mib=512,
logging=ecs.LogDrivers.awslogs({streamPrefix: 'EventDemo'}))
port_mapping = ecs.PortMapping(container_port=80,
host_port=8080,
protocol=ecs.Protocol.TCP)
container.add_port_mappings(port_mapping)
# Create Service
service = ecs.Ec2Service(self,
"Service",
cluster=cluster,
task_definition=task_definition)
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, *kwargs)
vpc = ec2.Vpc(
self, "MyVpc",
max_azs=2
)
asg = autoscaling.AutoScalingGroup(
self, "MyFleet",
instance_type=ec2.InstanceType("t2.micro"),
machine_image=ecs.EcsOptimizedAmi(),
associate_public_ip_address=True,
update_type=autoscaling.UpdateType.REPLACING_UPDATE,
desired_capacity=3,
vpc=vpc,
vpc_subnets={ 'subnet_type': ec2.SubnetType.PUBLIC },
)
cluster = ecs.Cluster(
self, 'EcsCluster',
vpc=vpc
)
cluster.add_auto_scaling_group(asg)
cluster.add_capacity("DefaultAutoScalingGroup",
instance_type=ec2.InstanceType("t2.micro"))
def __init__(
self,
scope: core.Construct,
id: str,
**kwargs,
) -> None:
super().__init__(
scope,
id,
**kwargs,
)
# add ingress rule on port 22 for SSH
ec2.SecurityGroup.from_security_group_id(
self,
"DefaultSecurityGroupForIngress",
scope.vpc.vpc_default_security_group,
).add_ingress_rule(
ec2.Peer.any_ipv4(),
ec2.Port.tcp(22),
)
self.asg = autoscaling.AutoScalingGroup(
self,
"AutoScalingGroup",
instance_type=ec2.InstanceType("t2.micro"),
machine_image=ecs.EcsOptimizedAmi(),
security_group=ec2.SecurityGroup.from_security_group_id(
self,
"DefaultSecurityGroupId",
scope.vpc.vpc_default_security_group,
),
associate_public_ip_address=True,
update_type=autoscaling.UpdateType.REPLACING_UPDATE,
desired_capacity=1,
vpc=scope.vpc,
key_name=os.environ.get("KEY_NAME"),
vpc_subnets={'subnet_type': ec2.SubnetType.PUBLIC},
)
self.cluster = scope.cluster
self.cluster.add_auto_scaling_group(self.asg)
self.bastion_host_task = ecs.Ec2TaskDefinition(self, "BastionHostTask")
self.bastion_host_task.add_container(
"BastionHostContainer",
image=scope.image,
command=["/start_prod.sh"],
environment=scope.variables.regular_variables,
memory_reservation_mib=128
# secrets=scope.variables.secret_variables,
)
self.bastion_host_service = ecs.Ec2Service(
self,
"BastionHostService",
task_definition=self.bastion_host_task,
cluster=self.cluster,
)
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
vpc = ec2.Vpc(
scope=self,
id="ECS-VPC",
enable_dns_hostnames=True,
enable_dns_support=True,
cidr=constants.VPC_CIDR,
max_azs=2,
subnet_configuration=[
ec2.SubnetConfiguration(
name='dmz',
subnet_type=ec2.SubnetType.PUBLIC
),
ec2.SubnetConfiguration(
name='trust',
subnet_type=ec2.SubnetType.PRIVATE
),
# ec2.SubnetConfiguration(
# name='isolated',
# subnet_type=ec2.SubnetType.ISOLATED,
# ),
],
)
self.vpc = vpc
cluster = ecs.Cluster(
scope=self,
id='ECS-CLUSTER',
vpc=vpc,
cluster_name=constants.ECS_CLUSTER_NAME
)
asg = autoscaling.AutoScalingGroup(
self,
"ASG",
vpc=vpc,
key_name=constants.SSH_KEY_NAME,
block_devices=[
autoscaling.BlockDevice(
device_name="/dev/xvda",
volume=autoscaling.BlockDeviceVolume(ebs_device=autoscaling.EbsDeviceProps(
delete_on_termination=True,
volume_type=autoscaling.EbsDeviceVolumeType.GP2,
volume_size=100,
)),
),
# autoscaling.BlockDevice(
# device_name="/dev/xvdb",
# volume=autoscaling.BlockDeviceVolume(ebs_device=autoscaling.EbsDeviceProps(
# delete_on_termination=True,
# volume_type=autoscaling.EbsDeviceVolumeType.GP2,
# volume_size=50,
# )),
# ),
],
vpc_subnets=ec2.SubnetSelection(
subnet_type=ec2.SubnetType.PRIVATE),
instance_type=ec2.InstanceType("t2.xlarge"),
machine_image=ecs.EcsOptimizedAmi(
generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2),
min_capacity=2,
)
with open( os.path.join("ecs", "userData.sh" )) as f:
user_data = f.read()
asg.add_user_data(user_data)
cluster.add_auto_scaling_group(asg)
self.cluster = cluster
def __init__(self, scope: core.Construct, id: str, vpc, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
cluster = ecs.Cluster(
self, 'EKSGraviton2',
vpc=vpc,
container_insights=True
)
task_definition = ecs.Ec2TaskDefinition(
self, "TaskDef")
container_uri = ssm.StringParameter.value_for_string_parameter(self ,"graviton_lab_container_uri")
ecs_ami = ecs.EcsOptimizedAmi(generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2,
hardware_type=ecs.AmiHardwareType.ARM)
asg_ecs = cluster.add_capacity("G2AutoScalingGroup",
instance_type=ec2.InstanceType("m6g.2xlarge"),
machine_image=ecs_ami
)
container = task_definition.add_container(
"web",
image=ecs.ContainerImage.from_registry(container_uri),
memory_limit_mib=512,
logging=ecs.LogDrivers.firelens(
options={
"Name": "cloudwatch",
"log_key": "log",
"region": "us-east-1",
"delivery_stream": "my-stream",
"log_group_name": "firelens-fluent-bit",
"auto_create_group": "true",
"log_stream_prefix": "from-fluent-bit"}
)
)
port_mapping = ecs.PortMapping(
container_port=3000,
host_port=8080,
protocol=ecs.Protocol.TCP
)
container.add_port_mappings(port_mapping)
# Create Service
service = ecs.Ec2Service(
self, "Service",
cluster=cluster,
task_definition=task_definition
)
# Create ALB
lb = elbv2.ApplicationLoadBalancer(
self, "LB",
vpc=vpc,
internet_facing=True
)
listener = lb.add_listener(
"PublicListener",
port=80,
open=True
)
# Attach ALB to ECS Service
listener.add_targets(
"ECS",
port=80,
targets=[service]
)
core.CfnOutput(
self, "LoadBalancerDNS",
value=lb.load_balancer_dns_name
)
