def __init__(self, scope: core.Construct, construct_id: str, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) # vpc self.vpc = ec2.Vpc( self, "Vpc", max_azs=2, subnet_configuration=[ ec2.SubnetConfiguration(subnet_type=ec2.SubnetType.PUBLIC, name="Public", cidr_mask=24), ec2.SubnetConfiguration(subnet_type=ec2.SubnetType.PRIVATE, name="Private", cidr_mask=24) ], nat_gateway_provider=ec2.NatProvider.gateway(), nat_gateways=2, ) core.CfnOutput(self, "VpcID", value=self.vpc.vpc_id) self.load_balancer = elbv2.ApplicationLoadBalancer( self, "ExternalEndpoint", vpc=self.vpc, internet_facing=True, vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC), ) core.CfnOutput(self, "ExternalDNSName", value=self.load_balancer.load_balancer_dns_name)
def __create_application_load_balancer( self, target_group: elbv2.ApplicationTargetGroup, vpc: ec2.Vpc): sub_nets = ec2.SubnetSelection(one_per_az=True, subnet_type=ec2.SubnetType.PUBLIC) load_balancer = elbv2.ApplicationLoadBalancer( self, id=common.generate_id("ImagizerLoadBalancer"), vpc=vpc, internet_facing=True, vpc_subnets=sub_nets) listener = load_balancer.add_listener( common.generate_id("ImagizerHTTPListener"), port=variables.PUBLIC_PORT, protocol=elbv2.ApplicationProtocol.HTTP) listener.add_target_groups(common.generate_id("ImagizerTargetGroup"), target_groups=[target_group]) common.add_tags(self, load_balancer, variables.IMAGIZER_CLUSTER_TAGS) core.CfnOutput(self, common.generate_id("ImagizerClusterEndpointOutput"), export_name="Endpoint", value="http://" + load_balancer.load_balancer_dns_name) return load_balancer
def create_alb(self, vpc, security_group_alb): # ALB作成 alb = _elbv2.ApplicationLoadBalancer( self, 'Alb', vpc=vpc, load_balancer_name='DEMO-ALB', security_group=security_group_alb, vpc_subnets=_ec2.SubnetSelection(subnet_type=_ec2.SubnetType.PUBLIC), internet_facing=True, ) # ターゲットグループ作成 tg_blue = create_target_group(self, vpc, 'DEMO-BLUE-TG') tg_green = create_target_group(self, vpc, 'DEMO-GREEN-TG') # リスナー追加 # <Product> listenerProduct = alb.add_listener( 'AlbAddListnerProduct', port=80 ) listenerProduct.add_target_groups( 'AlbAddTgProduct', target_groups=[tg_blue] ) # <Test> listenerTest = alb.add_listener( 'AlbAddListnerTest', port=8080 ) listenerTest.add_target_groups( 'AlbAddTgTest', target_groups=[tg_green] )
def createResources(self, ns): # Create ALB self.bentoALB = elbv2.ApplicationLoadBalancer(self, "bento-alb", vpc=self.bentoVPC, load_balancer_name="{}-alb".format(ns), internet_facing=True)
def __init__(self, scope: core.Construct, id: str, vpc, **kwargs) -> None: super().__init__(scope, id, **kwargs) alb = elb.ApplicationLoadBalancer(self, "myALB", vpc=vpc, internet_facing=True, load_balancer_name="myALB") alb.connections.allow_from_any_ipv4(ec2.Port.tcp(80), "Internet access ALB 80") listener = alb.add_listener("my80", port=80, open=True) self.asg = autoscaling.AutoScalingGroup( self, "myASG", vpc=vpc, vpc_subnets=ec2.SubnetSelection( subnet_type=ec2.SubnetType.PRIVATE), instance_type=ec2.InstanceType(instance_type_identifier=ec2_type), machine_image=linux_ami, # key_name=key_name, user_data=ec2.UserData.custom(userdata), desired_capacity=1, min_capacity=1, max_capacity=2, ) self.asg.connections.allow_from_any_ipv4( ec2.Port.tcp(22), "Access SSH port of EC2 in Autoscaling Instance") self.asg.connections.allow_from( alb, ec2.Port.tcp(80), "ALB access 80 port of EC2 in Autoscaling Group") listener.add_targets("addTargetGroup", port=80, targets=[self.asg]) core.CfnOutput(self, "OUTPUT_ALB_DNS", value=alb.load_balancer_dns_name)
def __init__(self, app: core.App, id: str) -> None: super().__init__(app, id) vpc = ec2.Vpc(self, "VPC") asg = autoscaling.AutoScalingGroup( self, "ASG", vpc=vpc, instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO), machine_image=ec2.AmazonLinuxImage(), ) lb = elbv2.ApplicationLoadBalancer(self, "LB", vpc=vpc, internet_facing=True) listener = lb.add_listener("Listener", port=80) listener.add_targets("Target", port=80, targets=[asg]) listener.connections.allow_default_port_from_any_ipv4( "Open to the world") asg.scale_on_request_count("AModestLoad", target_requests_per_second=1)
def __init__(self, app: core.App, id: str) -> None: super().__init__(app, id) vpc = ec2.Vpc(self, "VPC") data = open("./httpd.sh", "rb").read() httpd=ec2.UserData.for_linux() httpd.add_commands(str(data,'utf-8')) asg = autoscaling.AutoScalingGroup( self, "ASG", vpc=vpc, instance_type=ec2.InstanceType.of( ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO ), machine_image=ec2.AmazonLinuxImage(generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2), user_data=httpd, ) lb = elbv2.ApplicationLoadBalancer( self, "LB", vpc=vpc, min_capacity=1, max_capacity=3, desired_capacity=2, internet_facing=True) listener = lb.add_listener("Listener", port=80) listener.add_targets("Target", port=80, targets=[asg]) listener.connections.allow_default_port_from_any_ipv4("Open to the world") asg.scale_on_request_count("AModestLoad", target_requests_per_second=1) core.CfnOutput(self,"LoadBalancer",export_name="LoadBalancer",value=lb.load_balancer_dns_name)
def __init__(self, scope: core.Construct, id: str, vpc, redis, **kwargs) -> None: super().__init__(scope, id, **kwargs) self.ecr = _ecr.Repository(self, "ecrRepo") self.ecs_cluster = _ecs.Cluster(self, "ecsCluster", container_insights=True, vpc=vpc) self.task_definition = _ecs.FargateTaskDefinition(self, "taskDefinition", memory_limit_mib=512, cpu=256) self.docker_image = _ecr_assets.DockerImageAsset(self, "dockerImage", directory="./code") self.container = self.task_definition.add_container( "testContainer", image=_ecs.ContainerImage.from_docker_image_asset( self.docker_image), logging=_ecs.LogDriver.aws_logs(stream_prefix="containerlogs"), environment={ "STAGE": "dev", "REDIS_ENDPOINT": redis.attr_configuration_end_point_address }, ) self.container.add_port_mappings( _ecs.PortMapping(container_port=5000, protocol=_ecs.Protocol.TCP)) self.service = _ecs.FargateService( self, "fargateService", cluster=self.ecs_cluster, task_definition=self.task_definition, desired_count=3, vpc_subnets=_ec2.SubnetSelection(subnets=vpc.private_subnets), security_groups=[vpc.sg]) self.lb = _elbv2.ApplicationLoadBalancer(self, "alb", vpc=vpc, security_group=vpc.sg, internet_facing=True) listener = self.lb.add_listener("listener", port=80) self.target_group = listener.add_targets("fargateTarget", port=80, targets=[self.service]) core.CfnOutput(self, "albDnsName", value=self.lb.load_balancer_dns_name)
def __init__(self, app: core.App, id: str, **kwargs) -> None: super().__init__(app, id, **kwargs) env_name = self.node.try_get_context('env') vpc = ec2.Vpc(self, id=f"{env_name}VPC") data = open("./pr_stacks/httpd.sh", "rb").read() httpd=ec2.UserData.for_linux() httpd.add_commands(str(data,'utf-8')) asg = autoscaling.AutoScalingGroup( self, id=f"{env_name}-ASG", vpc=vpc, instance_type=ec2.InstanceType.of( ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO ), machine_image=ec2.AmazonLinuxImage(generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2), user_data=httpd, min_capacity=2, max_capacity=5 ) lb = elbv2.ApplicationLoadBalancer( self, "LB", vpc=vpc, internet_facing=True) """ Listeners: For every load balancer, regardless of the type used, you must configure at least one listener. The listener defines how your inbound connections are routed to your target groups based on ports and protocols set as conditions. The configurations of the listener itself differ slightly depending on which ELB you have selected. """ listener = lb.add_listener(id=f"{env_name}-Listener", port=80) """ Target Groups: A target group is simply a group of your resources that you want your ELB to route requests to, such as a fleet of EC2 instances. You can configure the ELB with a number of different target groups, each associated with a different listener configuration and associated rules. This enables you to route traffic to different resources based upon the type of request. """ listener.add_targets(id=f"{env_name}-Target", port=80, targets=[asg]) listener.connections.allow_default_port_from_any_ipv4(description="Open to the world") asg.scale_on_request_count(id=f"{env_name}-AModestLoad", target_requests_per_second=1) core.CfnOutput(self,"LoadBalancer",export_name="LoadBalancer",value=f"http://{lb.load_balancer_dns_name}")
def alb_app(self, vpc, alb_name="adl_lb"): alb_app = elbv2.ApplicationLoadBalancer( self, "alb" + alb_name, http2_enabled=True, vpc=vpc['vpc'], deletion_protection=False, internet_facing=True, load_balancer_name=alb_name, vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC)) return alb_app
def create_load_balancer(scope: core.Construct, vpc: ec2.IVpc): return elbv2.ApplicationLoadBalancer( scope, 'loadBalancer', vpc=vpc, deletion_protection=False, http2_enabled=True, idle_timeout=core.Duration.seconds(60), internet_facing=True, vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC), )
def __init__(self, scope: cdk.Construct, construct_id: str, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) ecs_vpc = aws_ec2.Vpc( self, "EcsVPC", max_azs=2) # minimum number of AZs is 2 for this stack to deploy ecs_vpc.apply_removal_policy(cdk.RemovalPolicy.DESTROY) ecs_cluster = aws_ecs.Cluster(self, "EcsCluster", vpc=ecs_vpc) ecs_taskdefinition = aws_ecs.FargateTaskDefinition( self, "EcsTaskDefinition") ecs_taskdefinition.add_container( "ecsContainer", image=aws_ecs.ContainerImage.from_registry( 'coderaiser/cloudcmd:latest'), # change image here cpu=256, memory_limit_mib=512, port_mappings=[aws_ecs.PortMapping(container_port=8000) ] # container port used for the image ) ecs_fargate_service = aws_ecs.FargateService( self, "FargateService", cluster=ecs_cluster, task_definition=ecs_taskdefinition) ecs_application_lb = aws_elasticloadbalancingv2.ApplicationLoadBalancer( self, "EcsAlb", vpc=ecs_vpc, internet_facing=True) alb_listener = ecs_application_lb.add_listener("AlbListener", port=80) ecs_tg = alb_listener.add_targets( "EcsTG", port=80, targets=[ ecs_fargate_service.load_balancer_target( container_name="ecsContainer", container_port=8000 # container port used for the image ) ]) cdk.CfnOutput( self, "WebUrl", description="URL from the load balancer", value=f"http://{ecs_application_lb.load_balancer_dns_name}/")
def __init__(self, scope: core.Construct, construct_id: str, vpc, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) # The code that defines your stack goes here alb = elbv2.ApplicationLoadBalancer(self, "ALB", vpc=vpc, internet_facing=True) listener = alb.add_listener("Listener", port=80, open=True) security_group = ec2.SecurityGroup( self, "SecurityGroup", vpc=vpc, description="Allow access to ec2 instances", allow_all_outbound=True) security_group.add_ingress_rule(ec2.Peer.any_ipv4(), ec2.Port.tcp(80), "allow HTTP access from the world") security_group.add_ingress_rule(ec2.Peer.any_ipv4(), ec2.Port.tcp(22), "allow ssh access from the world") asg = autoscaling.AutoScalingGroup( self, "ASG", vpc=vpc, instance_type=ec2.InstanceType("t3.small"), machine_image=ec2.MachineImage.generic_linux( {"ap-east-1": "ami-0312f467545f742c4"}), min_capacity=2, max_capacity=5, security_group=security_group, # block_devices=[autoscaling.BlockDevice( # device_name="EBSApp", # volume=autoscaling.BlockDeviceVolume.ebs(20, # encrypted=True # ) # )] ) asg.scale_on_cpu_utilization("KeepSpareCPU", target_utilization_percent=70) group = listener.add_targets("ApplicationFleet", port=80, targets=[asg]) # Output core.CfnOutput(self, "Output", value=alb.load_balancer_dns_name) self.security_group = security_group self.alb = alb
def __init__(self, app: core.App, id: str) -> None: super().__init__(app, id) vpc = ec2.Vpc(self, "VPC") data = open("./httpd.sh", "rb").read() httpd = ec2.UserData.for_linux() httpd.add_commands(str(data, 'utf-8')) asg = autoscaling.AutoScalingGroup( self, "ASG", vpc=vpc, instance_type=ec2.InstanceType.of( ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO ), machine_image=ec2.AmazonLinuxImage(generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2), user_data=httpd, ) lb = elbv2.ApplicationLoadBalancer( self, "LB", vpc=vpc, internet_facing=True) listener = lb.add_listener("Listener", port=80) listener.add_targets("Target", port=80, targets=[asg]) listener.connections.allow_default_port_from_any_ipv4("Open to the world") asg.scale_on_request_count("AModestLoad", target_requests_per_second=1) core.CfnOutput(self, "LoadBalancer", export_name="LoadBalancer", value=lb.load_balancer_dns_name) # === # # WAF # # === # # TODO #10 apply the web_acl to a resource # no method to apply the web_acl to a resource in version 1.75.0 web_acl = wafv2.CfnWebACL( scope_=self, id="waf", default_action=wafv2.CfnWebACL.DefaultActionProperty(), scope="REGIONAL", visibility_config=wafv2.CfnWebACL.VisibilityConfigProperty( cloud_watch_metrics_enabled=True, metric_name="waf-web-acl", sampled_requests_enabled=True ) )
def __init__(self, scope: core.Construct, construct_id: str, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) # The code that defines your stack goes here vpc = ec2.Vpc(self, "MyVPC") data = open("./user_data.sh", "rb").read() httpd = ec2.UserData.for_linux() httpd.add_commands(str(data, 'utf-8')) _asg = asg.AutoScalingGroup( self, "ASG", vpc=vpc, instance_type=ec2.InstanceType( instance_type_identifier="t2.large"), machine_image=ec2.AmazonLinuxImage( generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2, storage=ec2.AmazonLinuxStorage.GENERAL_PURPOSE, ), user_data=httpd, vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC), desired_capacity=2, auto_scaling_group_name="FirstASG") _asg.scale_on_cpu_utilization("ScaleOnCPU_Utilization", target_utilization_percent=50) alb = elb.ApplicationLoadBalancer( self, "ALB", vpc=vpc, vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC), load_balancer_name="FirstALB", internet_facing=True) listener = alb.add_listener("Listener", port=80) listener.add_targets("Target", port=80, targets=[_asg]) listener.connections.allow_from_any_ipv4( ec2.Port.tcp(80), "Allows HTTP from the World to call") core.CfnOutput(self, "LoadBalancer", export_name="LoadBalancer", value=alb.load_balancer_dns_name)
def __init__(self, scope: core.Construct, id: str, vpc: ec2.IVpc, **kwargs) -> None: super().__init__(scope, id, **kwargs) # Fargate cluster self.cluster = ecs.Cluster( scope = self, id = 'ecs-dev-cluster', cluster_name = 'ecs-dev-cluster', vpc = vpc ) # Or add customized capacity. Be sure to start the Amazon ECS-optimized AMI. self.auto_scaling_group1 = autoscaling.AutoScalingGroup(self, "ASG1", vpc=vpc, instance_type=ec2.InstanceType("t2.xlarge"), machine_image=ecs.EcsOptimizedImage.amazon_linux(), update_type=autoscaling.UpdateType.REPLACING_UPDATE, # Or use Amazon ECS-Optimized Amazon Linux 2 AMI # machineImage: EcsOptimizedImage.amazonLinux2(), desired_capacity=3 ) self.auto_scaling_group2 = autoscaling.AutoScalingGroup(self, "ASG2", vpc=vpc, instance_type=ec2.InstanceType("t2.xlarge"), machine_image=ecs.EcsOptimizedImage.amazon_linux(), update_type=autoscaling.UpdateType.REPLACING_UPDATE, # Or use Amazon ECS-Optimized Amazon Linux 2 AMI # machineImage: EcsOptimizedImage.amazonLinux2(), desired_capacity=3 ) self.cluster.add_auto_scaling_group(self.auto_scaling_group1) self.cluster.add_auto_scaling_group(self.auto_scaling_group2) self.lb = elbv2.ApplicationLoadBalancer( self, "LB", vpc=vpc, internet_facing=True ) self.listener1 = self.lb.add_listener("Listener1", port=80) self.listener1.add_targets("Target", port=80, targets=[self.auto_scaling_group1]) self.listener1.connections.allow_default_port_from_any_ipv4("Open to the world") self.listener2 = self.lb.add_listener("Listener2", port=8080) self.listener2.add_targets("Target", port=8080, targets=[self.auto_scaling_group2]) self.listener2.connections.allow_default_port_from_any_ipv4("Open to the world")
def __init__(self, scope: core.Construct, id: str, vpc, **kwargs) -> None: super().__init__(scope, id, **kwargs) #Creating Bastion bastion = ec2.BastionHostLinux(self, 'webapp-bastion', vpc=vpc, subnet_selection=ec2.SubnetSelection( subnet_type=ec2.SubnetType.PUBLIC)) bastion.instance.instance.add_property_override("KeyName", key_name) bastion.connections.allow_from_any_ipv4(ec2.Port.tcp(22), "Internet access SSH") #Creating AutoScaling group self.asg = autoscaling.AutoScalingGroup( self, "webapp-autoscaling", vpc=vpc, vpc_subnets=ec2.SubnetSelection( subnet_type=ec2.SubnetType.PRIVATE), instance_type=ec2.InstanceType(instance_type_identifier=ec2_type), machine_image=linux_ami, key_name=key_name, user_data=ec2.UserData.custom(user_data), desired_capacity=2, min_capacity=2, max_capacity=2, ) #Creating Load Balancer alb = elb.ApplicationLoadBalancer(self, "webapp-alb", vpc=vpc, internet_facing=True, load_balancer_name="webapp-alb") alb.connections.allow_from_any_ipv4(ec2.Port.tcp(80), "Internet access ALB 80") listener = alb.add_listener("my80", port=80, open=True) #Final Configuration self.asg.connections.allow_from( alb, ec2.Port.tcp(80), "ALB access 80 port of EC2 in Autoscaling Group") listener.add_targets("addTargetGroup", port=80, targets=[self.asg]) core.CfnOutput(self, "Output", value=alb.load_balancer_dns_name)
def __create_application_load_balancer__(self): alb = elb.ApplicationLoadBalancer( self, "frontend-alb", security_group=self.alb_security_group, vpc=self.network_stack.vpc, vpc_subnets=ec2.SubnetSelection(one_per_az=True, subnet_type=ec2.SubnetType.PUBLIC), internet_facing=True, load_balancer_name="acme-frontend-public-alb") alb_listener_http = elb.ApplicationListener( self, "frontend-alb-http-listener", load_balancer=alb, port=80) alb.log_access_logs(self.logs_bucket) return alb
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) self.alb = elbv2.ApplicationLoadBalancer(self, "ALB", internet_facing=True, vpc=scope.vpc) self.alb.connections.allow_from_any_ipv4(ec2.Port.tcp(80), "Internet access ALB 80") self.alb.connections.allow_from_any_ipv4(ec2.Port.tcp(443), "Internet access ALB 443") self.listener = self.alb.add_listener("ALBListener", port=80, open=True) self.https_listener = self.alb.add_listener( "HTTPSListener", port=443, certificates=[scope.certificate], open=True, ) # self.listener.add_redirect_response( # 'RedirectNonHttpsTraffic', status_code="HTTP_301", port="443" # ) self.default_target_group = elbv2.ApplicationTargetGroup( self, "DefaultTargetGroup", port=80, protocol=elbv2.ApplicationProtocol.HTTP, vpc=scope.vpc, target_type=elbv2.TargetType.IP, ) self.listener.add_target_groups( "DefaultTargetGroup", target_groups=[self.default_target_group]) self.https_listener.add_target_groups( "HTTPSDefaultTargetGroup", target_groups=[self.default_target_group], )
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) vpc = ec2.Vpc(self, 'OurDemoVPC', cidr='10.1.0.0/16', max_azs=2, subnet_configuration=[ { 'cidrMask': 24, 'name': 'Web', 'subnetType': ec2.SubnetType.PUBLIC }, { 'cidrMask': 24, 'name': 'Application', 'subnetType': ec2.SubnetType.PRIVATE }, ]) asg = autoscaling.AutoScalingGroup( self, "ASG", vpc=vpc, instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO), machine_image=ec2.AmazonLinuxImage()) asg.add_user_data(""" yum update -y yum install httpd -y echo 'Hello from the CDK' > /var/www/html/index.html service httpd start chkconfig httpd on """) lb = elbv2.ApplicationLoadBalancer(self, "LB", vpc=vpc, internet_facing=True) listener = lb.add_listener("Listener", port=80) listener.add_targets("Target", port=80, targets=[asg]) listener.connections.allow_default_port_from_any_ipv4( "Open to the world")
def __init__(self, app: core.App, id: str, vpc, asg, **kwargs) -> None: super().__init__(app, id, **kwargs) lb = elbv2.ApplicationLoadBalancer( scope = self, id = "LB", vpc=vpc, internet_facing=True, load_balancer_name = "webapp-alb" ) listener = lb.add_redirect(source_port=80, target_port=443) listener.connections.allow_default_port_from_any_ipv4("Open to the world") # https_listener = lb.add_listener("HTTPS listener", port=443) # https_listener.add_targets("Target", port=80, targets=[asg]) # https_listener.connections.allow_default_port_from_any_ipv4("Listen on HTTPS") core.CfnOutput(self,"LoadBalancer",export_name="LoadBalancer",value=lb.load_balancer_dns_name)
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) lab03_vpc=ec2.Vpc(self,"Lab03-vpc",nat_gateways=1) #read and base64 encode userdata file data = open("../resource/httpd.sh", "rb").read() encodedBytes = base64.encodebytes(data) encodedStr = str(encodedBytes, "utf-8") #create UserData httpd=ec2.UserData.for_linux() httpd.add_commands(str(data,'utf-8')) #create AutoScaling Group ami=ec2.AmazonLinuxImage(generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2) #get AMAZON Linux 2 AMI #ec2.GenericWindowsImage({"cn-northwest-1":"ami-123123"}) asg=autoscaling.AutoScalingGroup( self, "aws-cdk-asg", vpc=lab03_vpc, #machine_image= ec2.GenericWindowsImage({"cn-northwest-1":"ami-00d0173a6c8a76d5f"}), #use custom ami machine_image= ami, instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO), user_data=httpd, min_capacity=1, desired_capacity=2, max_capacity=2, ) #create Elastic Load Balancer listener_port = 8080 lab03_alb=elb.ApplicationLoadBalancer(self,"lab03_alb",vpc=lab03_vpc,internet_facing=True) alb_listener=lab03_alb.add_listener("lab03_alb_listener",port=listener_port) alb_listener.add_targets('Target',port=80,targets=[asg]) #output ALB DNS core.CfnOutput(self,"Lab03ALB",export_name="Lab03ALB",value=lab03_alb.load_balancer_dns_name+":"+str(listener_port))
def ELB_SVC(self, ZachECSNodeName, TaskName, ZachTaskDef, cluster, vpc): ecs_service = ecs.Ec2Service( self, id=ZachECSNodeName + TaskName, task_definition=ZachTaskDef, cluster=cluster, desired_count=2, security_group=self.VPC_SG(TaskName, vpc), assign_public_ip=True, # health_check_grace_period=core.Duration.seconds(30), # Health check grace period is only valid for services configured to use load balancers service_name=ZachECSNodeName + TaskName) # Create ALB lb = elb.ApplicationLoadBalancer(self, ZachECSNodeName + TaskName + "-LB", vpc=vpc, internet_facing=True) listener = lb.add_listener(ZachECSNodeName + TaskName + "PublicListener", port=80, open=True) health_check = elb.HealthCheck(interval=core.Duration.seconds(60), path="/health", timeout=core.Duration.seconds(5)) # Attach ALB to ECS Service listener.add_targets( ZachECSNodeName + TaskName + "-ECS", port=80, targets=[ecs_service], health_check=health_check, ) core.CfnOutput(self, ZachECSNodeName + TaskName + "-LoadBalancerDNS", value=lb.load_balancer_dns_name) core.CfnOutput(self, id=ZachECSNodeName + TaskName + "-ServiceName", value=ecs_service.service.service_name) core.CfnOutput(self, id=ZachECSNodeName + TaskName + "-ServiceARN", value=ecs_service.service.service_arn) return ecs_service
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) # The code that defines your stack goes here #Creating vpc vpc = ec2.Vpc(self, "test_vpc_id") #Creating a basic web application to view data = open("./httpd.sh", "rb").read() httpd = ec2.UserData.for_linux() httpd.add_commands(str(data, 'utf-8')) # Auto-scaling group and instance creation asginstances = asg.AutoScalingGroup( self, "ASG", vpc=vpc, instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO), machine_image=ec2.AmazonLinuxImage( generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2), desired_capacity=2, max_capacity=2, min_capacity=0, user_data=httpd) #Creating ALB and allowing internet access lb = alb.ApplicationLoadBalancer(self, 'LB', vpc=vpc, internet_facing=True) #ALB listening on port 80 listener = lb.add_listener("Listener", port=80) #Add the ASG as targets for the ALB listener.add_targets("Target", port=80, targets=[asginstances]) listener.connections.allow_default_port_from_any_ipv4( "Forwarding port 80 to the ASG") #Print out the ALB url to show web instance application core.CfnOutput(self, "LoadBalancer", export_name="Bananatag", value=lb.load_balancer_dns_name)
def __init__(self, scope: core.Construct, construct_id: str, vpc: ec2.Vpc, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) self.elb_security_group = ec2.SecurityGroup( self, "ELBSG", vpc=vpc, allow_all_outbound=True, description="Group for the ELB") self.elb_security_group.add_ingress_rule( peer=ec2.Peer.any_ipv4(), connection=ec2.Port.tcp(80), description="Allow HTTP access") self.elb_security_group.add_ingress_rule( peer=ec2.Peer.any_ipv4(), connection=ec2.Port.tcp(443), description="Allow HTTPS access") lb = elbv2.ApplicationLoadBalancer( self, "ELB", vpc=vpc, internet_facing=True, vpc_subnets=ec2.SubnetSelection(subnets=vpc.public_subnets)) health_check = elbv2.HealthCheck(enabled=True, healthy_http_codes="200", healthy_threshold_count=3, interval=core.Duration.seconds(15), path="/pi", timeout=core.Duration.seconds(10), unhealthy_threshold_count=3) blue_target_group = elbv2.ApplicationTargetGroup( self, "BlueTargetGroup", port=8224, protocol=elbv2.ApplicationProtocol.HTTP, stickiness_cookie_duration=core.Duration.days(30), health_check=health_check, target_type=elbv2.TargetType.IP, vpc=vpc)
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) s3 = _s3.Bucket(self, "Mervis3bucket") queue = sqs.Queue(self, "MerviSQSQueue") vpc = ec2.Vpc.from_lookup(self, "VPC", is_default=True) amzn_linux = ec2.MachineImage.latest_amazon_linux( generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2, edition=ec2.AmazonLinuxEdition.STANDARD, virtualization=ec2.AmazonLinuxVirt.HVM, storage=ec2.AmazonLinuxStorage.GENERAL_PURPOSE) sg_ec2 = ec2.SecurityGroup(self, id="sg_ec2", vpc=vpc, security_group_name="sg_ec2") # sg_ec2.add_ingress_rule(ec2.Peer.any_ipv4(), ec2.Port.tcp(80)) instance = ec2.Instance(self, "Instance", instance_type=ec2.InstanceType("t2.micro"), machine_image=amzn_linux, vpc=vpc, security_group=sg_ec2) sg_alb = ec2.SecurityGroup(self, id="sg_alb", vpc=vpc, security_group_name="sg_alb") sg_alb.add_ingress_rule(ec2.Peer.any_ipv4(), ec2.Port.tcp(80)) sg_ec2.connections.allow_from(sg_alb, ec2.Port.tcp(80), "Ingress") lb = elbv2.ApplicationLoadBalancer(self, "ALB", vpc=vpc, security_group=sg_alb, internet_facing=True)
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) Zach_LB_Name = self.__class__.__name__ LB_VPC = ec2.Vpc.from_lookup(self, id="Zach_VPC_Stack_A", vpc_id="vpc-01e73b4b5c6f9f98a") LB_SG = ec2.SecurityGroup.from_security_group_id(self,id=Zach_LB_Name+"-SG",security_group_id="sg-07a1d71bba92f38ca") LB_Subnet = ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC) Zach_LB = elb.ApplicationLoadBalancer(self, id=Zach_LB_Name, idle_timeout=core.Duration.seconds(5), ip_address_type=elb.IpAddressType.IPV4, security_group=LB_SG, vpc=LB_VPC, deletion_protection=True, vpc_subnets=LB_Subnet, internet_facing=True, http2_enabled=True ) # LB_Targets = elb.CfnTargetGroup(self,id=Zach_LB_Name,targets=[{ # "AvailabilityZone": "ap-southeast-1", # "id": "i-0735304dcf665f40e", # "Port": 80 # }]) LB_Targets = self._add_autoscaling_group(LB_VPC,LB_Subnet,LB_SG,'aws-sg-root') Zach_LB_Listener = Zach_LB.add_listener(id=Zach_LB_Name + "_" + str(80), open=True,port=80,protocol=elb.ApplicationProtocol.HTTP) Zach_LB_Listener.add_targets(id=Zach_LB_Name,health_check = elb.HealthCheck(healthy_http_codes="200,301,302,401,403,405", healthy_threshold_count=3, unhealthy_threshold_count=5, path="/", interval=core.Duration.seconds(30)), port = 80, protocol = elb.ApplicationProtocol.HTTP, # priority = 100, # path_pattern = '/', stickiness_cookie_duration = core.Duration.hours(12), targets=[LB_Targets], # target_group_name=LB_Targets.auto_scaling_group_name ) Zach_LB_Listener.connections.allow_default_port_from_any_ipv4("Open to the world") core.CfnOutput(self, "LoadBalancerDNS", export_name="LoadBalancerDNS", value=Zach_LB.load_balancer_dns_name)
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) # The code that defines your stack goes here my_lambda = _lambda.Function( self, 'HelloHandler', runtime=_lambda.Runtime.PYTHON_3_7, code=_lambda.Code.asset('lambda'), handler='hello.handler', ) version01 = _lambda.Version(self, "version01", lambda_=my_lambda) alias_beta = _lambda.Alias(self, "alias_beta", alias_name="beta", version=version01) #当我创建v3的时候我可以使用下面的代码,为v2创建一个新的别名alias_v2 #v2=_lambda.Version.from_version_arn(self,"v",version_arn="arn:aws-cn:lambda:cn-northwest-1:188642756190:function:lab08-HelloHandler2E4FBA4D-1D2KNU1L6W08T:2") #alias_v2= _lambda.Alias(self,"alias_v2",alias_name="alias_v2",version=version01) #始终保持别名prod在最新的版本 alias_prod = _lambda.Alias(self, "prod", alias_name="prod", version=my_lambda.current_version) # v5=_lambda.Version.from_version_arn(self,"v5",version_arn="arn:aws-cn:lambda:cn-northwest-1:188642756190:function:lab08-HelloHandler2E4FBA4D-1UZFGVUVZPTQJ:5") # alias_prod= _lambda.Alias(self,"prod",alias_name="prod",version=v5) lab03_alb = elb.ApplicationLoadBalancer(self, "lab03_alb", vpc=lab03_vpc, internet_facing=True) alb_listener = lab03_alb.add_listener("lab03_alb_listener", port=80) alb_listener.add_targets('Target', targets=[_targets.LambdaTarget(fn=my_lambda)])
def __init__(self, scope: core.Construct, id: str, vpc: ec2.IVpc, instances: list, certificate_arn: str, **kwargs): super().__init__(scope, id, **kwargs) health_check = elbv2.HealthCheck(path="/", healthy_http_codes="200-399") public_target_group = elbv2.ApplicationTargetGroup( self, "PublicTG", port=8080, vpc=vpc, health_check=health_check) for instance in instances: public_target_group.add_target( elbv2.InstanceTarget(instance.instance_id, port=8080)) self._public_security_group = ec2.SecurityGroup(self, "PublicLBSG", vpc=vpc) self._public_security_group.add_ingress_rule(ec2.Peer.any_ipv4(), ec2.Port.tcp(443)) self._public_lb = elbv2.ApplicationLoadBalancer( self, "PublicLB", vpc=vpc, vpc_subnets=ec2.SubnetSelection(subnets=vpc.select_subnets( subnet_type=ec2.SubnetType.PUBLIC).subnets), internet_facing=True, security_group=self._public_security_group) self._public_lb.add_listener( "PublicLBListener", certificates=[elbv2.ListenerCertificate(certificate_arn)], port=443, default_target_groups=[public_target_group]) core.CfnOutput(self, "CloudIDE URL", value="https://{}".format( self._public_lb.load_balancer_dns_name))
def __init__(self, scope: core.Construct, construct_id: str, vpc: ec2.Vpc, auto_scaling: autoscaling.AutoScalingGroup, **kwargs) -> None: self.elb = elb.ApplicationLoadBalancer( scope, 'ALB-WebGroup', vpc=vpc, internet_facing=True, vpc_subnets=ec2.SubnetSelection(subnets=vpc.public_subnets) ) listener = self.elb.add_listener('Listener', port=80, open=True) # For the healthcheck I could leave most of parameters blank as the default would sufface, but I put them here for reference later. listener.add_targets( 'WebFleet', port=80, targets=[auto_scaling], health_check=elb.HealthCheck( enabled=True, healthy_http_codes='200-399', interval=core.Duration.seconds(30), path='/index.php' ) )