def __init__(self, scope: core.Construct, construct_id: str,
**kwargs) -> None:
super().__init__(scope, construct_id, **kwargs)
# vpc
self.vpc = ec2.Vpc(
self,
"Vpc",
max_azs=2,
subnet_configuration=[
ec2.SubnetConfiguration(subnet_type=ec2.SubnetType.PUBLIC,
name="Public",
cidr_mask=24),
ec2.SubnetConfiguration(subnet_type=ec2.SubnetType.PRIVATE,
name="Private",
cidr_mask=24)
],
nat_gateway_provider=ec2.NatProvider.gateway(),
nat_gateways=2,
)
core.CfnOutput(self, "VpcID", value=self.vpc.vpc_id)
self.load_balancer = elbv2.ApplicationLoadBalancer(
self,
"ExternalEndpoint",
vpc=self.vpc,
internet_facing=True,
vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC),
)
core.CfnOutput(self,
"ExternalDNSName",
value=self.load_balancer.load_balancer_dns_name)
def __create_application_load_balancer(
self, target_group: elbv2.ApplicationTargetGroup, vpc: ec2.Vpc):
sub_nets = ec2.SubnetSelection(one_per_az=True,
subnet_type=ec2.SubnetType.PUBLIC)
load_balancer = elbv2.ApplicationLoadBalancer(
self,
id=common.generate_id("ImagizerLoadBalancer"),
vpc=vpc,
internet_facing=True,
vpc_subnets=sub_nets)
listener = load_balancer.add_listener(
common.generate_id("ImagizerHTTPListener"),
port=variables.PUBLIC_PORT,
protocol=elbv2.ApplicationProtocol.HTTP)
listener.add_target_groups(common.generate_id("ImagizerTargetGroup"),
target_groups=[target_group])
common.add_tags(self, load_balancer, variables.IMAGIZER_CLUSTER_TAGS)
core.CfnOutput(self,
common.generate_id("ImagizerClusterEndpointOutput"),
export_name="Endpoint",
value="http://" + load_balancer.load_balancer_dns_name)
return load_balancer
def create_alb(self, vpc, security_group_alb):
# ALB作成
alb = _elbv2.ApplicationLoadBalancer(
self, 'Alb',
vpc=vpc,
load_balancer_name='DEMO-ALB',
security_group=security_group_alb,
vpc_subnets=_ec2.SubnetSelection(subnet_type=_ec2.SubnetType.PUBLIC),
internet_facing=True,
)
# ターゲットグループ作成
tg_blue = create_target_group(self, vpc, 'DEMO-BLUE-TG')
tg_green = create_target_group(self, vpc, 'DEMO-GREEN-TG')
# リスナー追加
# <Product>
listenerProduct = alb.add_listener(
'AlbAddListnerProduct',
port=80
)
listenerProduct.add_target_groups(
'AlbAddTgProduct',
target_groups=[tg_blue]
)
# <Test>
listenerTest = alb.add_listener(
'AlbAddListnerTest',
port=8080
)
listenerTest.add_target_groups(
'AlbAddTgTest',
target_groups=[tg_green]
)
def createResources(self, ns):
# Create ALB
self.bentoALB = elbv2.ApplicationLoadBalancer(self, "bento-alb",
vpc=self.bentoVPC,
load_balancer_name="{}-alb".format(ns),
internet_facing=True)
def __init__(self, scope: core.Construct, id: str, vpc, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
alb = elb.ApplicationLoadBalancer(self,
"myALB",
vpc=vpc,
internet_facing=True,
load_balancer_name="myALB")
alb.connections.allow_from_any_ipv4(ec2.Port.tcp(80),
"Internet access ALB 80")
listener = alb.add_listener("my80", port=80, open=True)
self.asg = autoscaling.AutoScalingGroup(
self,
"myASG",
vpc=vpc,
vpc_subnets=ec2.SubnetSelection(
subnet_type=ec2.SubnetType.PRIVATE),
instance_type=ec2.InstanceType(instance_type_identifier=ec2_type),
machine_image=linux_ami,
# key_name=key_name,
user_data=ec2.UserData.custom(userdata),
desired_capacity=1,
min_capacity=1,
max_capacity=2,
)
self.asg.connections.allow_from_any_ipv4(
ec2.Port.tcp(22), "Access SSH port of EC2 in Autoscaling Instance")
self.asg.connections.allow_from(
alb, ec2.Port.tcp(80),
"ALB access 80 port of EC2 in Autoscaling Group")
listener.add_targets("addTargetGroup", port=80, targets=[self.asg])
core.CfnOutput(self,
"OUTPUT_ALB_DNS",
value=alb.load_balancer_dns_name)
def __init__(self, app: core.App, id: str) -> None:
super().__init__(app, id)
vpc = ec2.Vpc(self, "VPC")
asg = autoscaling.AutoScalingGroup(
self,
"ASG",
vpc=vpc,
instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2,
ec2.InstanceSize.MICRO),
machine_image=ec2.AmazonLinuxImage(),
)
lb = elbv2.ApplicationLoadBalancer(self,
"LB",
vpc=vpc,
internet_facing=True)
listener = lb.add_listener("Listener", port=80)
listener.add_targets("Target", port=80, targets=[asg])
listener.connections.allow_default_port_from_any_ipv4(
"Open to the world")
asg.scale_on_request_count("AModestLoad", target_requests_per_second=1)
def __init__(self, app: core.App, id: str) -> None:
super().__init__(app, id)
vpc = ec2.Vpc(self, "VPC")
data = open("./httpd.sh", "rb").read()
httpd=ec2.UserData.for_linux()
httpd.add_commands(str(data,'utf-8'))
asg = autoscaling.AutoScalingGroup(
self,
"ASG",
vpc=vpc,
instance_type=ec2.InstanceType.of(
ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO
),
machine_image=ec2.AmazonLinuxImage(generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2),
user_data=httpd,
)
lb = elbv2.ApplicationLoadBalancer(
self, "LB",
vpc=vpc,
min_capacity=1,
max_capacity=3,
desired_capacity=2,
internet_facing=True)
listener = lb.add_listener("Listener", port=80)
listener.add_targets("Target", port=80, targets=[asg])
listener.connections.allow_default_port_from_any_ipv4("Open to the world")
asg.scale_on_request_count("AModestLoad", target_requests_per_second=1)
core.CfnOutput(self,"LoadBalancer",export_name="LoadBalancer",value=lb.load_balancer_dns_name)
def __init__(self, scope: core.Construct, id: str, vpc, redis,
**kwargs) -> None:
super().__init__(scope, id, **kwargs)
self.ecr = _ecr.Repository(self, "ecrRepo")
self.ecs_cluster = _ecs.Cluster(self,
"ecsCluster",
container_insights=True,
vpc=vpc)
self.task_definition = _ecs.FargateTaskDefinition(self,
"taskDefinition",
memory_limit_mib=512,
cpu=256)
self.docker_image = _ecr_assets.DockerImageAsset(self,
"dockerImage",
directory="./code")
self.container = self.task_definition.add_container(
"testContainer",
image=_ecs.ContainerImage.from_docker_image_asset(
self.docker_image),
logging=_ecs.LogDriver.aws_logs(stream_prefix="containerlogs"),
environment={
"STAGE": "dev",
"REDIS_ENDPOINT": redis.attr_configuration_end_point_address
},
)
self.container.add_port_mappings(
_ecs.PortMapping(container_port=5000, protocol=_ecs.Protocol.TCP))
self.service = _ecs.FargateService(
self,
"fargateService",
cluster=self.ecs_cluster,
task_definition=self.task_definition,
desired_count=3,
vpc_subnets=_ec2.SubnetSelection(subnets=vpc.private_subnets),
security_groups=[vpc.sg])
self.lb = _elbv2.ApplicationLoadBalancer(self,
"alb",
vpc=vpc,
security_group=vpc.sg,
internet_facing=True)
listener = self.lb.add_listener("listener", port=80)
self.target_group = listener.add_targets("fargateTarget",
port=80,
targets=[self.service])
core.CfnOutput(self,
"albDnsName",
value=self.lb.load_balancer_dns_name)
def __init__(self, app: core.App, id: str, **kwargs) -> None:
super().__init__(app, id, **kwargs)
env_name = self.node.try_get_context('env')
vpc = ec2.Vpc(self, id=f"{env_name}VPC")
data = open("./pr_stacks/httpd.sh", "rb").read()
httpd=ec2.UserData.for_linux()
httpd.add_commands(str(data,'utf-8'))
asg = autoscaling.AutoScalingGroup(
self,
id=f"{env_name}-ASG",
vpc=vpc,
instance_type=ec2.InstanceType.of(
ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO
),
machine_image=ec2.AmazonLinuxImage(generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2),
user_data=httpd,
min_capacity=2,
max_capacity=5
)
lb = elbv2.ApplicationLoadBalancer(
self, "LB",
vpc=vpc,
internet_facing=True)
"""
Listeners: For every load balancer, regardless of the type used,
you must configure at least one listener. The listener defines how your
inbound connections are routed to your target groups based on ports
and protocols set as conditions. The configurations of the listener
itself differ slightly depending on which ELB you have selected.
"""
listener = lb.add_listener(id=f"{env_name}-Listener", port=80)
"""
Target Groups: A target group is simply a group of your resources that
you want your ELB to route requests to, such as a fleet of EC2 instances.
You can configure the ELB with a number of different target groups, each
associated with a different listener configuration and associated rules.
This enables you to route traffic to different resources based upon the
type of request.
"""
listener.add_targets(id=f"{env_name}-Target", port=80, targets=[asg])
listener.connections.allow_default_port_from_any_ipv4(description="Open to the world")
asg.scale_on_request_count(id=f"{env_name}-AModestLoad", target_requests_per_second=1)
core.CfnOutput(self,"LoadBalancer",export_name="LoadBalancer",value=f"http://{lb.load_balancer_dns_name}")
def alb_app(self, vpc, alb_name="adl_lb"):
alb_app = elbv2.ApplicationLoadBalancer(
self,
"alb" + alb_name,
http2_enabled=True,
vpc=vpc['vpc'],
deletion_protection=False,
internet_facing=True,
load_balancer_name=alb_name,
vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC))
return alb_app
def create_load_balancer(scope: core.Construct, vpc: ec2.IVpc):
return elbv2.ApplicationLoadBalancer(
scope,
'loadBalancer',
vpc=vpc,
deletion_protection=False,
http2_enabled=True,
idle_timeout=core.Duration.seconds(60),
internet_facing=True,
vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC),
)
def __init__(self, scope: cdk.Construct, construct_id: str,
**kwargs) -> None:
super().__init__(scope, construct_id, **kwargs)
ecs_vpc = aws_ec2.Vpc(
self, "EcsVPC",
max_azs=2) # minimum number of AZs is 2 for this stack to deploy
ecs_vpc.apply_removal_policy(cdk.RemovalPolicy.DESTROY)
ecs_cluster = aws_ecs.Cluster(self, "EcsCluster", vpc=ecs_vpc)
ecs_taskdefinition = aws_ecs.FargateTaskDefinition(
self, "EcsTaskDefinition")
ecs_taskdefinition.add_container(
"ecsContainer",
image=aws_ecs.ContainerImage.from_registry(
'coderaiser/cloudcmd:latest'), # change image here
cpu=256,
memory_limit_mib=512,
port_mappings=[aws_ecs.PortMapping(container_port=8000)
] # container port used for the image
)
ecs_fargate_service = aws_ecs.FargateService(
self,
"FargateService",
cluster=ecs_cluster,
task_definition=ecs_taskdefinition)
ecs_application_lb = aws_elasticloadbalancingv2.ApplicationLoadBalancer(
self, "EcsAlb", vpc=ecs_vpc, internet_facing=True)
alb_listener = ecs_application_lb.add_listener("AlbListener", port=80)
ecs_tg = alb_listener.add_targets(
"EcsTG",
port=80,
targets=[
ecs_fargate_service.load_balancer_target(
container_name="ecsContainer",
container_port=8000 # container port used for the image
)
])
cdk.CfnOutput(
self,
"WebUrl",
description="URL from the load balancer",
value=f"http://{ecs_application_lb.load_balancer_dns_name}/")
def __init__(self, scope: core.Construct, construct_id: str, vpc,
**kwargs) -> None:
super().__init__(scope, construct_id, **kwargs)
# The code that defines your stack goes here
alb = elbv2.ApplicationLoadBalancer(self,
"ALB",
vpc=vpc,
internet_facing=True)
listener = alb.add_listener("Listener", port=80, open=True)
security_group = ec2.SecurityGroup(
self,
"SecurityGroup",
vpc=vpc,
description="Allow access to ec2 instances",
allow_all_outbound=True)
security_group.add_ingress_rule(ec2.Peer.any_ipv4(), ec2.Port.tcp(80),
"allow HTTP access from the world")
security_group.add_ingress_rule(ec2.Peer.any_ipv4(), ec2.Port.tcp(22),
"allow ssh access from the world")
asg = autoscaling.AutoScalingGroup(
self,
"ASG",
vpc=vpc,
instance_type=ec2.InstanceType("t3.small"),
machine_image=ec2.MachineImage.generic_linux(
{"ap-east-1": "ami-0312f467545f742c4"}),
min_capacity=2,
max_capacity=5,
security_group=security_group,
# block_devices=[autoscaling.BlockDevice(
# device_name="EBSApp",
# volume=autoscaling.BlockDeviceVolume.ebs(20,
# encrypted=True
# )
# )]
)
asg.scale_on_cpu_utilization("KeepSpareCPU",
target_utilization_percent=70)
group = listener.add_targets("ApplicationFleet",
port=80,
targets=[asg])
# Output
core.CfnOutput(self, "Output", value=alb.load_balancer_dns_name)
self.security_group = security_group
self.alb = alb
def __init__(self, app: core.App, id: str) -> None:
super().__init__(app, id)
vpc = ec2.Vpc(self, "VPC")
data = open("./httpd.sh", "rb").read()
httpd = ec2.UserData.for_linux()
httpd.add_commands(str(data, 'utf-8'))
asg = autoscaling.AutoScalingGroup(
self,
"ASG",
vpc=vpc,
instance_type=ec2.InstanceType.of(
ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO
),
machine_image=ec2.AmazonLinuxImage(generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2),
user_data=httpd,
)
lb = elbv2.ApplicationLoadBalancer(
self, "LB",
vpc=vpc,
internet_facing=True)
listener = lb.add_listener("Listener", port=80)
listener.add_targets("Target", port=80, targets=[asg])
listener.connections.allow_default_port_from_any_ipv4("Open to the world")
asg.scale_on_request_count("AModestLoad", target_requests_per_second=1)
core.CfnOutput(self, "LoadBalancer", export_name="LoadBalancer", value=lb.load_balancer_dns_name)
# === #
# WAF #
# === #
# TODO #10 apply the web_acl to a resource
# no method to apply the web_acl to a resource in version 1.75.0
web_acl = wafv2.CfnWebACL(
scope_=self,
id="waf",
default_action=wafv2.CfnWebACL.DefaultActionProperty(),
scope="REGIONAL",
visibility_config=wafv2.CfnWebACL.VisibilityConfigProperty(
cloud_watch_metrics_enabled=True,
metric_name="waf-web-acl",
sampled_requests_enabled=True
)
)
def __init__(self, scope: core.Construct, construct_id: str,
**kwargs) -> None:
super().__init__(scope, construct_id, **kwargs)
# The code that defines your stack goes here
vpc = ec2.Vpc(self, "MyVPC")
data = open("./user_data.sh", "rb").read()
httpd = ec2.UserData.for_linux()
httpd.add_commands(str(data, 'utf-8'))
_asg = asg.AutoScalingGroup(
self,
"ASG",
vpc=vpc,
instance_type=ec2.InstanceType(
instance_type_identifier="t2.large"),
machine_image=ec2.AmazonLinuxImage(
generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2,
storage=ec2.AmazonLinuxStorage.GENERAL_PURPOSE,
),
user_data=httpd,
vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC),
desired_capacity=2,
auto_scaling_group_name="FirstASG")
_asg.scale_on_cpu_utilization("ScaleOnCPU_Utilization",
target_utilization_percent=50)
alb = elb.ApplicationLoadBalancer(
self,
"ALB",
vpc=vpc,
vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC),
load_balancer_name="FirstALB",
internet_facing=True)
listener = alb.add_listener("Listener", port=80)
listener.add_targets("Target", port=80, targets=[_asg])
listener.connections.allow_from_any_ipv4(
ec2.Port.tcp(80), "Allows HTTP from the World to call")
core.CfnOutput(self,
"LoadBalancer",
export_name="LoadBalancer",
value=alb.load_balancer_dns_name)
def __init__(self, scope: core.Construct, id: str, vpc: ec2.IVpc, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
# Fargate cluster
self.cluster = ecs.Cluster(
scope = self,
id = 'ecs-dev-cluster',
cluster_name = 'ecs-dev-cluster',
vpc = vpc
)
# Or add customized capacity. Be sure to start the Amazon ECS-optimized AMI.
self.auto_scaling_group1 = autoscaling.AutoScalingGroup(self, "ASG1",
vpc=vpc,
instance_type=ec2.InstanceType("t2.xlarge"),
machine_image=ecs.EcsOptimizedImage.amazon_linux(),
update_type=autoscaling.UpdateType.REPLACING_UPDATE,
# Or use Amazon ECS-Optimized Amazon Linux 2 AMI
# machineImage: EcsOptimizedImage.amazonLinux2(),
desired_capacity=3
)
self.auto_scaling_group2 = autoscaling.AutoScalingGroup(self, "ASG2",
vpc=vpc,
instance_type=ec2.InstanceType("t2.xlarge"),
machine_image=ecs.EcsOptimizedImage.amazon_linux(),
update_type=autoscaling.UpdateType.REPLACING_UPDATE,
# Or use Amazon ECS-Optimized Amazon Linux 2 AMI
# machineImage: EcsOptimizedImage.amazonLinux2(),
desired_capacity=3
)
self.cluster.add_auto_scaling_group(self.auto_scaling_group1)
self.cluster.add_auto_scaling_group(self.auto_scaling_group2)
self.lb = elbv2.ApplicationLoadBalancer(
self, "LB",
vpc=vpc,
internet_facing=True
)
self.listener1 = self.lb.add_listener("Listener1", port=80)
self.listener1.add_targets("Target", port=80, targets=[self.auto_scaling_group1])
self.listener1.connections.allow_default_port_from_any_ipv4("Open to the world")
self.listener2 = self.lb.add_listener("Listener2", port=8080)
self.listener2.add_targets("Target", port=8080, targets=[self.auto_scaling_group2])
self.listener2.connections.allow_default_port_from_any_ipv4("Open to the world")
def __init__(self, scope: core.Construct, id: str, vpc, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
#Creating Bastion
bastion = ec2.BastionHostLinux(self,
'webapp-bastion',
vpc=vpc,
subnet_selection=ec2.SubnetSelection(
subnet_type=ec2.SubnetType.PUBLIC))
bastion.instance.instance.add_property_override("KeyName", key_name)
bastion.connections.allow_from_any_ipv4(ec2.Port.tcp(22),
"Internet access SSH")
#Creating AutoScaling group
self.asg = autoscaling.AutoScalingGroup(
self,
"webapp-autoscaling",
vpc=vpc,
vpc_subnets=ec2.SubnetSelection(
subnet_type=ec2.SubnetType.PRIVATE),
instance_type=ec2.InstanceType(instance_type_identifier=ec2_type),
machine_image=linux_ami,
key_name=key_name,
user_data=ec2.UserData.custom(user_data),
desired_capacity=2,
min_capacity=2,
max_capacity=2,
)
#Creating Load Balancer
alb = elb.ApplicationLoadBalancer(self,
"webapp-alb",
vpc=vpc,
internet_facing=True,
load_balancer_name="webapp-alb")
alb.connections.allow_from_any_ipv4(ec2.Port.tcp(80),
"Internet access ALB 80")
listener = alb.add_listener("my80", port=80, open=True)
#Final Configuration
self.asg.connections.allow_from(
alb, ec2.Port.tcp(80),
"ALB access 80 port of EC2 in Autoscaling Group")
listener.add_targets("addTargetGroup", port=80, targets=[self.asg])
core.CfnOutput(self, "Output", value=alb.load_balancer_dns_name)
def __create_application_load_balancer__(self):
alb = elb.ApplicationLoadBalancer(
self,
"frontend-alb",
security_group=self.alb_security_group,
vpc=self.network_stack.vpc,
vpc_subnets=ec2.SubnetSelection(one_per_az=True,
subnet_type=ec2.SubnetType.PUBLIC),
internet_facing=True,
load_balancer_name="acme-frontend-public-alb")
alb_listener_http = elb.ApplicationListener(
self, "frontend-alb-http-listener", load_balancer=alb, port=80)
alb.log_access_logs(self.logs_bucket)
return alb
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
self.alb = elbv2.ApplicationLoadBalancer(self,
"ALB",
internet_facing=True,
vpc=scope.vpc)
self.alb.connections.allow_from_any_ipv4(ec2.Port.tcp(80),
"Internet access ALB 80")
self.alb.connections.allow_from_any_ipv4(ec2.Port.tcp(443),
"Internet access ALB 443")
self.listener = self.alb.add_listener("ALBListener",
port=80,
open=True)
self.https_listener = self.alb.add_listener(
"HTTPSListener",
port=443,
certificates=[scope.certificate],
open=True,
)
# self.listener.add_redirect_response(
# 'RedirectNonHttpsTraffic', status_code="HTTP_301", port="443"
# )
self.default_target_group = elbv2.ApplicationTargetGroup(
self,
"DefaultTargetGroup",
port=80,
protocol=elbv2.ApplicationProtocol.HTTP,
vpc=scope.vpc,
target_type=elbv2.TargetType.IP,
)
self.listener.add_target_groups(
"DefaultTargetGroup", target_groups=[self.default_target_group])
self.https_listener.add_target_groups(
"HTTPSDefaultTargetGroup",
target_groups=[self.default_target_group],
)
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
vpc = ec2.Vpc(self,
'OurDemoVPC',
cidr='10.1.0.0/16',
max_azs=2,
subnet_configuration=[
{
'cidrMask': 24,
'name': 'Web',
'subnetType': ec2.SubnetType.PUBLIC
},
{
'cidrMask': 24,
'name': 'Application',
'subnetType': ec2.SubnetType.PRIVATE
},
])
asg = autoscaling.AutoScalingGroup(
self,
"ASG",
vpc=vpc,
instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2,
ec2.InstanceSize.MICRO),
machine_image=ec2.AmazonLinuxImage())
asg.add_user_data("""
yum update -y
yum install httpd -y
echo 'Hello from the CDK' > /var/www/html/index.html
service httpd start
chkconfig httpd on
""")
lb = elbv2.ApplicationLoadBalancer(self,
"LB",
vpc=vpc,
internet_facing=True)
listener = lb.add_listener("Listener", port=80)
listener.add_targets("Target", port=80, targets=[asg])
listener.connections.allow_default_port_from_any_ipv4(
"Open to the world")
def __init__(self, app: core.App, id: str, vpc, asg, **kwargs) -> None:
super().__init__(app, id, **kwargs)
lb = elbv2.ApplicationLoadBalancer(
scope = self, id = "LB",
vpc=vpc,
internet_facing=True,
load_balancer_name = "webapp-alb"
)
listener = lb.add_redirect(source_port=80, target_port=443)
listener.connections.allow_default_port_from_any_ipv4("Open to the world")
# https_listener = lb.add_listener("HTTPS listener", port=443)
# https_listener.add_targets("Target", port=80, targets=[asg])
# https_listener.connections.allow_default_port_from_any_ipv4("Listen on HTTPS")
core.CfnOutput(self,"LoadBalancer",export_name="LoadBalancer",value=lb.load_balancer_dns_name)
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
lab03_vpc=ec2.Vpc(self,"Lab03-vpc",nat_gateways=1)
#read and base64 encode userdata file
data = open("../resource/httpd.sh", "rb").read()
encodedBytes = base64.encodebytes(data)
encodedStr = str(encodedBytes, "utf-8")
#create UserData
httpd=ec2.UserData.for_linux()
httpd.add_commands(str(data,'utf-8'))
#create AutoScaling Group
ami=ec2.AmazonLinuxImage(generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2) #get AMAZON Linux 2 AMI
#ec2.GenericWindowsImage({"cn-northwest-1":"ami-123123"})
asg=autoscaling.AutoScalingGroup(
self,
"aws-cdk-asg",
vpc=lab03_vpc,
#machine_image= ec2.GenericWindowsImage({"cn-northwest-1":"ami-00d0173a6c8a76d5f"}), #use custom ami
machine_image= ami,
instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO),
user_data=httpd,
min_capacity=1,
desired_capacity=2,
max_capacity=2,
)
#create Elastic Load Balancer
listener_port = 8080
lab03_alb=elb.ApplicationLoadBalancer(self,"lab03_alb",vpc=lab03_vpc,internet_facing=True)
alb_listener=lab03_alb.add_listener("lab03_alb_listener",port=listener_port)
alb_listener.add_targets('Target',port=80,targets=[asg])
#output ALB DNS
core.CfnOutput(self,"Lab03ALB",export_name="Lab03ALB",value=lab03_alb.load_balancer_dns_name+":"+str(listener_port))
def ELB_SVC(self, ZachECSNodeName, TaskName, ZachTaskDef, cluster, vpc):
ecs_service = ecs.Ec2Service(
self,
id=ZachECSNodeName + TaskName,
task_definition=ZachTaskDef,
cluster=cluster,
desired_count=2,
security_group=self.VPC_SG(TaskName, vpc),
assign_public_ip=True,
# health_check_grace_period=core.Duration.seconds(30), # Health check grace period is only valid for services configured to use load balancers
service_name=ZachECSNodeName + TaskName)
# Create ALB
lb = elb.ApplicationLoadBalancer(self,
ZachECSNodeName + TaskName + "-LB",
vpc=vpc,
internet_facing=True)
listener = lb.add_listener(ZachECSNodeName + TaskName +
"PublicListener",
port=80,
open=True)
health_check = elb.HealthCheck(interval=core.Duration.seconds(60),
path="/health",
timeout=core.Duration.seconds(5))
# Attach ALB to ECS Service
listener.add_targets(
ZachECSNodeName + TaskName + "-ECS",
port=80,
targets=[ecs_service],
health_check=health_check,
)
core.CfnOutput(self,
ZachECSNodeName + TaskName + "-LoadBalancerDNS",
value=lb.load_balancer_dns_name)
core.CfnOutput(self,
id=ZachECSNodeName + TaskName + "-ServiceName",
value=ecs_service.service.service_name)
core.CfnOutput(self,
id=ZachECSNodeName + TaskName + "-ServiceARN",
value=ecs_service.service.service_arn)
return ecs_service
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
# The code that defines your stack goes here
#Creating vpc
vpc = ec2.Vpc(self, "test_vpc_id")
#Creating a basic web application to view
data = open("./httpd.sh", "rb").read()
httpd = ec2.UserData.for_linux()
httpd.add_commands(str(data, 'utf-8'))
# Auto-scaling group and instance creation
asginstances = asg.AutoScalingGroup(
self,
"ASG",
vpc=vpc,
instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2,
ec2.InstanceSize.MICRO),
machine_image=ec2.AmazonLinuxImage(
generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2),
desired_capacity=2,
max_capacity=2,
min_capacity=0,
user_data=httpd)
#Creating ALB and allowing internet access
lb = alb.ApplicationLoadBalancer(self,
'LB',
vpc=vpc,
internet_facing=True)
#ALB listening on port 80
listener = lb.add_listener("Listener", port=80)
#Add the ASG as targets for the ALB
listener.add_targets("Target", port=80, targets=[asginstances])
listener.connections.allow_default_port_from_any_ipv4(
"Forwarding port 80 to the ASG")
#Print out the ALB url to show web instance application
core.CfnOutput(self,
"LoadBalancer",
export_name="Bananatag",
value=lb.load_balancer_dns_name)
def __init__(self, scope: core.Construct, construct_id: str, vpc: ec2.Vpc,
**kwargs) -> None:
super().__init__(scope, construct_id, **kwargs)
self.elb_security_group = ec2.SecurityGroup(
self,
"ELBSG",
vpc=vpc,
allow_all_outbound=True,
description="Group for the ELB")
self.elb_security_group.add_ingress_rule(
peer=ec2.Peer.any_ipv4(),
connection=ec2.Port.tcp(80),
description="Allow HTTP access")
self.elb_security_group.add_ingress_rule(
peer=ec2.Peer.any_ipv4(),
connection=ec2.Port.tcp(443),
description="Allow HTTPS access")
lb = elbv2.ApplicationLoadBalancer(
self,
"ELB",
vpc=vpc,
internet_facing=True,
vpc_subnets=ec2.SubnetSelection(subnets=vpc.public_subnets))
health_check = elbv2.HealthCheck(enabled=True,
healthy_http_codes="200",
healthy_threshold_count=3,
interval=core.Duration.seconds(15),
path="/pi",
timeout=core.Duration.seconds(10),
unhealthy_threshold_count=3)
blue_target_group = elbv2.ApplicationTargetGroup(
self,
"BlueTargetGroup",
port=8224,
protocol=elbv2.ApplicationProtocol.HTTP,
stickiness_cookie_duration=core.Duration.days(30),
health_check=health_check,
target_type=elbv2.TargetType.IP,
vpc=vpc)
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
s3 = _s3.Bucket(self, "Mervis3bucket")
queue = sqs.Queue(self, "MerviSQSQueue")
vpc = ec2.Vpc.from_lookup(self, "VPC", is_default=True)
amzn_linux = ec2.MachineImage.latest_amazon_linux(
generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2,
edition=ec2.AmazonLinuxEdition.STANDARD,
virtualization=ec2.AmazonLinuxVirt.HVM,
storage=ec2.AmazonLinuxStorage.GENERAL_PURPOSE)
sg_ec2 = ec2.SecurityGroup(self,
id="sg_ec2",
vpc=vpc,
security_group_name="sg_ec2")
# sg_ec2.add_ingress_rule(ec2.Peer.any_ipv4(), ec2.Port.tcp(80))
instance = ec2.Instance(self,
"Instance",
instance_type=ec2.InstanceType("t2.micro"),
machine_image=amzn_linux,
vpc=vpc,
security_group=sg_ec2)
sg_alb = ec2.SecurityGroup(self,
id="sg_alb",
vpc=vpc,
security_group_name="sg_alb")
sg_alb.add_ingress_rule(ec2.Peer.any_ipv4(), ec2.Port.tcp(80))
sg_ec2.connections.allow_from(sg_alb, ec2.Port.tcp(80), "Ingress")
lb = elbv2.ApplicationLoadBalancer(self,
"ALB",
vpc=vpc,
security_group=sg_alb,
internet_facing=True)
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
Zach_LB_Name = self.__class__.__name__
LB_VPC = ec2.Vpc.from_lookup(self, id="Zach_VPC_Stack_A", vpc_id="vpc-01e73b4b5c6f9f98a")
LB_SG = ec2.SecurityGroup.from_security_group_id(self,id=Zach_LB_Name+"-SG",security_group_id="sg-07a1d71bba92f38ca")
LB_Subnet = ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC)
Zach_LB = elb.ApplicationLoadBalancer(self, id=Zach_LB_Name,
idle_timeout=core.Duration.seconds(5),
ip_address_type=elb.IpAddressType.IPV4,
security_group=LB_SG,
vpc=LB_VPC,
deletion_protection=True,
vpc_subnets=LB_Subnet,
internet_facing=True,
http2_enabled=True
)
# LB_Targets = elb.CfnTargetGroup(self,id=Zach_LB_Name,targets=[{
# "AvailabilityZone": "ap-southeast-1",
# "id": "i-0735304dcf665f40e",
# "Port": 80
# }])
LB_Targets = self._add_autoscaling_group(LB_VPC,LB_Subnet,LB_SG,'aws-sg-root')
Zach_LB_Listener = Zach_LB.add_listener(id=Zach_LB_Name + "_" + str(80), open=True,port=80,protocol=elb.ApplicationProtocol.HTTP)
Zach_LB_Listener.add_targets(id=Zach_LB_Name,health_check = elb.HealthCheck(healthy_http_codes="200,301,302,401,403,405",
healthy_threshold_count=3,
unhealthy_threshold_count=5,
path="/",
interval=core.Duration.seconds(30)),
port = 80,
protocol = elb.ApplicationProtocol.HTTP,
# priority = 100,
# path_pattern = '/',
stickiness_cookie_duration = core.Duration.hours(12),
targets=[LB_Targets],
# target_group_name=LB_Targets.auto_scaling_group_name
)
Zach_LB_Listener.connections.allow_default_port_from_any_ipv4("Open to the world")
core.CfnOutput(self, "LoadBalancerDNS", export_name="LoadBalancerDNS", value=Zach_LB.load_balancer_dns_name)
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
# The code that defines your stack goes here
my_lambda = _lambda.Function(
self,
'HelloHandler',
runtime=_lambda.Runtime.PYTHON_3_7,
code=_lambda.Code.asset('lambda'),
handler='hello.handler',
)
version01 = _lambda.Version(self, "version01", lambda_=my_lambda)
alias_beta = _lambda.Alias(self,
"alias_beta",
alias_name="beta",
version=version01)
#当我创建v3的时候我可以使用下面的代码,为v2创建一个新的别名alias_v2
#v2=_lambda.Version.from_version_arn(self,"v",version_arn="arn:aws-cn:lambda:cn-northwest-1:188642756190:function:lab08-HelloHandler2E4FBA4D-1D2KNU1L6W08T:2")
#alias_v2= _lambda.Alias(self,"alias_v2",alias_name="alias_v2",version=version01)
#始终保持别名prod在最新的版本
alias_prod = _lambda.Alias(self,
"prod",
alias_name="prod",
version=my_lambda.current_version)
# v5=_lambda.Version.from_version_arn(self,"v5",version_arn="arn:aws-cn:lambda:cn-northwest-1:188642756190:function:lab08-HelloHandler2E4FBA4D-1UZFGVUVZPTQJ:5")
# alias_prod= _lambda.Alias(self,"prod",alias_name="prod",version=v5)
lab03_alb = elb.ApplicationLoadBalancer(self,
"lab03_alb",
vpc=lab03_vpc,
internet_facing=True)
alb_listener = lab03_alb.add_listener("lab03_alb_listener", port=80)
alb_listener.add_targets('Target',
targets=[_targets.LambdaTarget(fn=my_lambda)])
def __init__(self, scope: core.Construct, id: str, vpc: ec2.IVpc,
instances: list, certificate_arn: str, **kwargs):
super().__init__(scope, id, **kwargs)
health_check = elbv2.HealthCheck(path="/",
healthy_http_codes="200-399")
public_target_group = elbv2.ApplicationTargetGroup(
self, "PublicTG", port=8080, vpc=vpc, health_check=health_check)
for instance in instances:
public_target_group.add_target(
elbv2.InstanceTarget(instance.instance_id, port=8080))
self._public_security_group = ec2.SecurityGroup(self,
"PublicLBSG",
vpc=vpc)
self._public_security_group.add_ingress_rule(ec2.Peer.any_ipv4(),
ec2.Port.tcp(443))
self._public_lb = elbv2.ApplicationLoadBalancer(
self,
"PublicLB",
vpc=vpc,
vpc_subnets=ec2.SubnetSelection(subnets=vpc.select_subnets(
subnet_type=ec2.SubnetType.PUBLIC).subnets),
internet_facing=True,
security_group=self._public_security_group)
self._public_lb.add_listener(
"PublicLBListener",
certificates=[elbv2.ListenerCertificate(certificate_arn)],
port=443,
default_target_groups=[public_target_group])
core.CfnOutput(self,
"CloudIDE URL",
value="https://{}".format(
self._public_lb.load_balancer_dns_name))
def __init__(self, scope: core.Construct, construct_id: str, vpc: ec2.Vpc, auto_scaling: autoscaling.AutoScalingGroup, **kwargs) -> None:
self.elb = elb.ApplicationLoadBalancer(
scope, 'ALB-WebGroup',
vpc=vpc,
internet_facing=True,
vpc_subnets=ec2.SubnetSelection(subnets=vpc.public_subnets)
)
listener = self.elb.add_listener('Listener', port=80, open=True)
# For the healthcheck I could leave most of parameters blank as the default would sufface, but I put them here for reference later.
listener.add_targets(
'WebFleet',
port=80,
targets=[auto_scaling],
health_check=elb.HealthCheck(
enabled=True,
healthy_http_codes='200-399',
interval=core.Duration.seconds(30),
path='/index.php'
)
)
