def create_service(self):
t = self.template
self.service = t.add_resource(
ecs.Service(
"Service",
Cluster=self.cluster,
DesiredCount=self.count,
LaunchType="FARGATE",
NetworkConfiguration=ecs.NetworkConfiguration(
AwsvpcConfiguration=ecs.AwsvpcConfiguration(
SecurityGroups=[self.security_group],
Subnets=self.subnets,
)
),
ServiceName=self.service_name,
TaskDefinition=self.task_definition.Ref(),
)
)
t.add_output(
Output(
"ServiceArn",
Value=self.service.Ref()
)
)
t.add_output(
Output(
"ServiceName",
Value=self.service.GetAtt("Name")
)
)
def test_fargate_launch_type(self):
task_definition = ecs.TaskDefinition(
"mytaskdef",
ContainerDefinitions=[
ecs.ContainerDefinition(
Image="myimage",
Memory="300",
Name="mycontainer",
)
],
Volumes=[
ecs.Volume(Name="my-vol"),
],
)
ecs_service = ecs.Service(
'Service',
Cluster='cluster',
DesiredCount=2,
PlacementStrategies=[ecs.PlacementStrategy(Type="random", )],
LaunchType='FARGATE',
NetworkConfiguration=ecs.NetworkConfiguration(
AwsvpcConfiguration=ecs.AwsvpcConfiguration(
AssignPublicIp='DISABLED',
SecurityGroups=['sg-1234'],
Subnets=['subnet-1234'])),
PlacementConstraints=[
ecs.PlacementConstraint(Type="distinctInstance", )
],
TaskDefinition=Ref(task_definition),
)
ecs_service.to_dict()
def create_ecs_service(self):
t = self.template
t.add_resource(
ecs.Service(
'FargateService',
DependsOn=self.listener.title,
Cluster=self.vars['ClusterName'],
DesiredCount=self.vars['DesiredCount'],
TaskDefinition=Ref(self.task_definition),
LaunchType='FARGATE',
NetworkConfiguration=ecs.NetworkConfiguration(
AwsvpcConfiguration=ecs.AwsvpcConfiguration(
Subnets=[
s.strip() for s in self.vars['Subnets'].split(',')
],
SecurityGroups=[self.vars['SecurityGroup']],
)),
LoadBalancers=[
ecs.LoadBalancer(
ContainerName=self.vars['ContainerName'],
ContainerPort=self.vars['ContainerPort'],
TargetGroupArn=Ref(self.target_group),
),
],
))
return
def gen_service(self):
load_balancer = ecs.LoadBalancer(
ContainerName=self.service_name,
ContainerPort=80,
TargetGroupArn=Ref(self.target_group),
)
# We put this service in public subnets because for demo purposes,
# we only created public subnets. In a real application, you would
# almost certainly put this in a private subnet.
network_configuration = ecs.NetworkConfiguration(
AwsvpcConfiguration=ecs.AwsvpcConfiguration(
AssignPublicIp="ENABLED",
Subnets=[
self.import_value("vpc", "PublicSubnet0"),
self.import_value("vpc", "PublicSubnet1"),
],
SecurityGroups=[
self.import_value("load-balancer",
"WebAppMembershipSecurityGroup"),
self.import_value("load-balancer", "WebAppSecurityGroup"),
],
))
self.service = ecs.Service(
"Service",
ServiceName=self.service_name,
Cluster=Ref(self.cluster),
DeploymentConfiguration=ecs.DeploymentConfiguration(
MinimumHealthyPercent=100, MaximumPercent=200),
DesiredCount=1,
LaunchType="FARGATE",
LoadBalancers=[load_balancer],
NetworkConfiguration=network_configuration,
SchedulingStrategy="REPLICA",
TaskDefinition=Ref(self.task_definition),
)
self.template.add_resource(self.service)
def network_configuration(self):
return ecs.NetworkConfiguration(
AwsvpcConfiguration=ecs.AwsvpcConfiguration(
SecurityGroups=[self.security_group],
Subnets=self.subnets,
))
taskdef.ContainerDefinitions = [contdef]
taskdef.Cpu = "256"
taskdef.Family = "jicket-task"
taskdef.RequiresCompatibilities = ["FARGATE"]
taskdef.NetworkMode = "awsvpc"
taskdef.Memory = "512"
taskdef.ExecutionRoleArn = executionrolearn
t.add_resource(taskdef)
# ECS Service
# =============
service = ecs.Service("JicketService")
service.Cluster = Ref(cluster.title)
service.DesiredCount = 1
service.LaunchType = "FARGATE"
service.ServiceName = "Jicket-Service"
service.TaskDefinition = Ref(taskdef.title)
vpcconf = ecs.AwsvpcConfiguration()
vpcconf.Subnets = [jicketsubnet]
vpcconf.AssignPublicIp = "ENABLED"
service.NetworkConfiguration = ecs.NetworkConfiguration(
AwsvpcConfiguration=vpcconf)
t.add_resource(service)
t_json = t.to_json()
with open("jicket-ecs.json", "w") as f:
print(t_json)
f.write(t_json)
"Service",
DependsOn=ALBListener,
Cluster=Ref(ECSCluster),
DesiredCount=1,
TaskDefinition=Ref(TaskDefinition),
LaunchType="FARGATE",
LoadBalancers=[
ecs.LoadBalancer(
ContainerName="nginx-container",
ContainerPort=80,
TargetGroupArn=Ref(ALBTargetGroup)
)
],
NetworkConfiguration=ecs.NetworkConfiguration(
AwsvpcConfiguration=ecs.AwsvpcConfiguration(
AssignPublicIp="ENABLED",
Subnets=[Ref(PubSubnetAz1), Ref(PubSubnetAz2)],
SecurityGroups=[Ref(TaskSecurityGroup)],
)
)
))
# Output the ALB/Service URL
t.add_output(Output(
"ALBURL",
Description="URL of the ALB",
Value=Join("", ["http://", GetAtt(ALB, "DNSName")]),
))
print(t.to_json())
def add_resources(self):
"""Add resources to template."""
class EcsServiceWithHealthCheckGracePeriodSeconds(ecs.Service):
"""ECS Service class with HealthCheckGracePeriodSeconds added."""
props = ecs.Service.props
props['HealthCheckGracePeriodSeconds'] = (positive_integer, False)
pkg_version = pkg_resources.get_distribution('troposphere').version
if LooseVersion(pkg_version) < LooseVersion('2.1.3'):
ecs_service = EcsServiceWithHealthCheckGracePeriodSeconds
else:
ecs_service = ecs.Service
template = self.template
variables = self.get_variables()
ecstaskrole = template.add_resource(
iam.Role('EcsTaskRole',
AssumeRolePolicyDocument=get_ecs_task_assumerole_policy(),
RoleName=variables['EcsTaskRoleName'].ref))
loggroup = template.add_resource(
logs.LogGroup(
'CloudWatchLogGroup',
LogGroupName=Join('', [
'/ecs/', variables['ContainerName'].ref, '-',
variables['EnvironmentName'].ref
]),
RetentionInDays=variables['EcsCloudWatchLogRetention'].ref))
ecscontainerdef = ecs.ContainerDefinition(
Image=Join('', [
Ref('AWS::AccountId'), '.dkr.ecr.',
Ref('AWS::Region'), '.amazonaws.com/',
variables['ContainerName'].ref, '-',
variables['EnvironmentName'].ref
]),
LogConfiguration=ecs.LogConfiguration(LogDriver='awslogs',
Options={
'awslogs-group':
Ref(loggroup),
'awslogs-region':
Ref('AWS::Region'),
'awslogs-stream-prefix':
'ecs'
}),
Name=Join('-', [
variables['ContainerName'].ref,
variables['EnvironmentName'].ref
]),
PortMappings=[
ecs.PortMapping(ContainerPort=variables['ContainerPort'].ref)
])
ecstaskdef = template.add_resource(
ecs.TaskDefinition(
'EcsTaskDef',
ContainerDefinitions=[ecscontainerdef],
Cpu=variables['TaskCpu'].ref,
Memory=variables['TaskMem'].ref,
ExecutionRoleArn=variables['EcsTaskExecIamRoleArn'].ref,
TaskRoleArn=Ref(ecstaskrole),
Family=Join('-', [
variables['ContainerName'].ref,
variables['EnvironmentName'].ref
]),
NetworkMode='awsvpc',
RequiresCompatibilities=['FARGATE']))
ecscluster = template.add_resource(
ecs.Cluster('EcsCluster',
ClusterName=Join('-', [
variables['ContainerName'].ref,
variables['EnvironmentName'].ref
])))
ecsservice = template.add_resource(
ecs_service(
'EcsService',
Cluster=Join('-', [
variables['ContainerName'].ref,
variables['EnvironmentName'].ref
]),
DeploymentConfiguration=ecs.DeploymentConfiguration(
MinimumHealthyPercent=variables['MinHealthyPercent'].ref,
MaximumPercent=variables['MaxPercent'].ref),
DesiredCount=variables['NumberOfTasks'].ref,
HealthCheckGracePeriodSeconds=variables[
'HealthCheckGracePeriod'].ref,
LaunchType='FARGATE',
LoadBalancers=[
ecs.LoadBalancer(
ContainerName=Join('-', [
variables['ContainerName'].ref,
variables['EnvironmentName'].ref
]),
ContainerPort=variables['ContainerPort'].ref,
TargetGroupArn=variables['TargetGroupArn'].ref)
],
NetworkConfiguration=ecs.NetworkConfiguration(
AwsvpcConfiguration=ecs.AwsvpcConfiguration(
SecurityGroups=variables['SgIdList'].ref,
Subnets=variables['Subnets'].ref)),
ServiceName=Join('-', [
variables['ContainerName'].ref,
variables['EnvironmentName'].ref
]),
TaskDefinition=Ref(ecstaskdef)))
template.add_output(
Output("{}Arn".format(ecstaskrole.title),
Description="ECS Task Role ARN",
Value=GetAtt(ecstaskrole, "Arn"),
Export=Export(
Sub('${AWS::StackName}-%sArn' % ecstaskrole.title))))
template.add_output(
Output("{}Name".format(ecstaskrole.title),
Description="ECS Task Role Name",
Value=Ref(ecstaskrole)))
template.add_output(
Output("{}Arn".format(ecsservice.title),
Description="ARN of the ECS Service",
Value=Ref(ecsservice),
Export=Export(
Sub('${AWS::StackName}-%sArn' % ecsservice.title))))
template.add_output(
Output("{}Name".format(ecsservice.title),
Description="Name of the ECS Service",
Value=GetAtt(ecsservice, "Name"),
Export=Export(
Sub('${AWS::StackName}-%sName' % ecsservice.title))))
template.add_output(
Output("{}Arn".format(ecscluster.title),
Description="ECS Cluster ARN",
Value=GetAtt(ecscluster, "Arn"),
Export=Export(
Sub('${AWS::StackName}-%sArn' % ecscluster.title))))
template.add_output(
Output("{}Arn".format(ecstaskdef.title),
Description="ARN of the Task Definition",
Value=Ref(ecstaskdef),
Export=Export(
Sub('${AWS::StackName}-%sArn' % ecstaskdef.title))))
RegistryArn=
'arn:aws:servicediscovery:us-east-2:445114057331:service/srv-yv4x7pmjmrx6kehz'
)
],
DesiredCount=1,
LaunchType='FARGATE',
PlatformVersion='LATEST',
TaskDefinition=
'arn:aws:ecs:us-east-2:445114057331:task-definition/aws-currency-exchange-service-h2-xray:3',
DeploymentConfiguration=ecs.DeploymentConfiguration(
MaximumPercent=200, MinimumHealthyPercent=100),
Role=
'arn:aws:iam::445114057331:role/aws-service-role/ecs.amazonaws.com/AWSServiceRoleForECS',
NetworkConfiguration=ecs.
NetworkConfiguration(AwsvpcConfiguration=ecs.AwsvpcConfiguration(
AssignPublicIp='ENABLED',
SecurityGroups=[Ref(EC2SecurityGroup11)],
Subnets=['subnet-0c86eeb5d3ab2e031', 'subnet-08d3101feec0e17da'])),
SchedulingStrategy='REPLICA'))
ECSService2 = template.add_resource(
ecs.Service(
'ECSService2',
ServiceName='ws-currency-conversion-services-appmesh',
Cluster=GetAtt(ECSCluster, 'Arn'),
ServiceRegistries=[
ecs.ServiceRegistry(
RegistryArn=
'arn:aws:servicediscovery:us-east-2:445114057331:service/srv-z32i4oh6oq4j4tg2'
)
],
DesiredCount=1,
'SourceSecurityGroupId':
ImportValue(Sub('${CoreStack}-LoadBalancer-SG-ID')),
}],
))
keycloakService = t.add_resource(
ecs.Service('KeycloakService',
Cluster=ImportValue(Sub('${CoreStack}-ECS-Cluster')),
TaskDefinition=keycloakTask.Ref(),
DesiredCount=1,
LoadBalancers=[
ecs.LoadBalancer(
ContainerName='keycloak',
ContainerPort=8080,
TargetGroupArn=keycloakTargetGroup.Ref(),
)
],
NetworkConfiguration=ecs.NetworkConfiguration(
AwsvpcConfiguration=ecs.AwsvpcConfiguration(
SecurityGroups=[
ImportValue(Sub('${CoreStack}-RDS-Access-SG-ID')),
keycloakServiceSG.GetAtt('GroupId'),
],
Subnets=[ImportValue(Sub('${CoreStack}-SubnetID'))],
), )))
# Save File
with open('template.yml', 'w') as f:
f.write(t.to_yaml())
