def __init__(self, app: core.App, id: str) -> None: super().__init__(app, id) vpc = ec2.Vpc(self, "DemoVPC") data_blue = open("./httpd-blue.sh", "rb").read() httpd_blue = ec2.UserData.for_linux() httpd_blue.add_commands(str(data_blue, 'utf-8')) asg_blue = autoscaling.AutoScalingGroup( self, "ASG-Blue", vpc=vpc, instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO), machine_image=ec2.AmazonLinuxImage( generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2), user_data=httpd_blue, ) data_green = open("./httpd-green.sh", "rb").read() httpd_green = ec2.UserData.for_linux() httpd_green.add_commands(str(data_green, 'utf-8')) asg_green = autoscaling.AutoScalingGroup( self, "ASG-Green", vpc=vpc, instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO), machine_image=ec2.AmazonLinuxImage( generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2), user_data=httpd_green, ) lb = elbv2.ApplicationLoadBalancer(self, "LB", vpc=vpc, internet_facing=True) listener = lb.add_listener("Listener", port=80) listener.add_targets("Target", port=80, targets=[asg_blue]) listener.connections.allow_default_port_from_any_ipv4( "Open to the world") asg_blue.scale_on_request_count("AModestLoad", target_requests_per_second=1) core.CfnOutput(self, "LoadBalancer", export_name="LoadBalancer", value=lb.load_balancer_dns_name)
def __init__(self, scope: core.Construct, id: str, vpc, **kwargs) -> None: super().__init__(scope, id, **kwargs) alb = elb.ApplicationLoadBalancer(self, "myALB", vpc=vpc, internet_facing=True, load_balancer_name="myALB") alb.connections.allow_from_any_ipv4(ec2.Port.tcp(80), "Internet access ALB 80") listener = alb.add_listener("my80", port=80, open=True) self.asg = autoscaling.AutoScalingGroup( self, "myASG", vpc=vpc, vpc_subnets=ec2.SubnetSelection( subnet_type=ec2.SubnetType.PRIVATE), instance_type=ec2.InstanceType(instance_type_identifier=ec2_type), machine_image=linux_ami, # key_name=key_name, user_data=ec2.UserData.custom(userdata), desired_capacity=1, min_capacity=1, max_capacity=2, ) self.asg.connections.allow_from_any_ipv4( ec2.Port.tcp(22), "Access SSH port of EC2 in Autoscaling Instance") self.asg.connections.allow_from( alb, ec2.Port.tcp(80), "ALB access 80 port of EC2 in Autoscaling Group") listener.add_targets("addTargetGroup", port=80, targets=[self.asg]) core.CfnOutput(self, "OUTPUT_ALB_DNS", value=alb.load_balancer_dns_name)
def create_asg(self, asg_type, vpc, instance_type, ami, userdata, role, key_name, capacity, security_group, device_name, volume_size): # ASG asg = autoscaling.AutoScalingGroup( self, "ASG_" + asg_type, auto_scaling_group_name="ASG_" + asg_type, vpc=vpc, vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC), instance_type=ec2.InstanceType(instance_type), machine_image=ami, user_data=userdata, role=role, key_name=key_name, desired_capacity=capacity, min_capacity=capacity, max_capacity=capacity, security_group=security_group, signals=autoscaling.Signals.wait_for_count( capacity, timeout=core.Duration.minutes(30)), block_devices=[ autoscaling.BlockDevice( device_name=device_name, volume=autoscaling.BlockDeviceVolume.ebs( volume_type=autoscaling.EbsDeviceVolumeType.GP2, volume_size=volume_size, delete_on_termination=True)) ]) return asg
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, *kwargs) vpc = ec2.Vpc( self, "MyVpc", max_azs=2 ) asg = autoscaling.AutoScalingGroup( self, "MyFleet", instance_type=ec2.InstanceType("t2.micro"), machine_image=ecs.EcsOptimizedAmi(), associate_public_ip_address=True, update_type=autoscaling.UpdateType.REPLACING_UPDATE, desired_capacity=3, vpc=vpc, vpc_subnets={ 'subnet_type': ec2.SubnetType.PUBLIC }, ) cluster = ecs.Cluster( self, 'EcsCluster', vpc=vpc ) cluster.add_auto_scaling_group(asg) cluster.add_capacity("DefaultAutoScalingGroup", instance_type=ec2.InstanceType("t2.micro"))
def create_asg(self, vpc): asg = autoscaling.AutoScalingGroup( self, 'SingleInstanceAsg', vpc=vpc, machine_image=ecs.EcsOptimizedAmi(), instance_type=ec2.InstanceType('t2.micro'), vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC), associate_public_ip_address=True, # We only need 1 instance in the ASG max_capacity=1, desired_capacity=1, ) security_group = ec2.SecurityGroup( self, 'GhostSg', vpc=vpc, ) # Allow ingress traffic to port 80 security_group.add_ingress_rule( peer=ec2.Peer.any_ipv4(), connection=ec2.Port.tcp(80), ) # Allow NFS traffic for mounting EFS volumes security_group.add_ingress_rule(peer=ec2.Peer.ipv4('10.0.0.0/16'), connection=ec2.Port.tcp(2049)) asg.add_security_group(security_group) return asg
def __init__(self, app: core.App, id: str) -> None: super().__init__(app, id) vpc = ec2.Vpc(self, "VPC") asg = autoscaling.AutoScalingGroup( self, "ASG", vpc=vpc, instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO), machine_image=ec2.AmazonLinuxImage(), ) lb = elbv2.ApplicationLoadBalancer(self, "LB", vpc=vpc, internet_facing=True) listener = lb.add_listener("Listener", port=80) listener.add_targets("Target", port=80, targets=[asg]) listener.connections.allow_default_port_from_any_ipv4( "Open to the world") asg.scale_on_request_count("AModestLoad", target_requests_per_second=1)
def create_asg_by_service(self, name, userdata_path, key_name, port): role = self.output_props["default_role"] sg = self.output_props["sg"] nlb = self.output_props["nlb"] userdata = ec2.UserData.for_linux() with open(userdata_path, "rb") as f: userdata.add_commands(str(f.read(), 'utf-8')) asg = autoscaling.AutoScalingGroup( self, name, vpc=self.output_props['vpc'], instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE3, ec2.InstanceSize.MICRO), machine_image=ec2.AmazonLinuxImage( generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2), key_name=key_name, vpc_subnets=ec2.SubnetSelection( subnet_type=ec2.SubnetType.PRIVATE), user_data=userdata, security_group=sg, spot_price="0.005", min_capacity=1, max_capacity=3, desired_capacity=1, role=role, ) nlb.add_listener(name, port=port, protocol=lb.Protocol.TCP) \ .add_targets(name, port=port, targets=[asg])
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) ZachECSName= self.__class__.__name__ vpc = ec2.Vpc( self, ZachECSName+"Vpc", max_azs=2 ) asg = autoscaling.AutoScalingGroup( self, ZachECSName+"SCG" , instance_type=ec2.InstanceType("t3a.nano"), machine_image=ecs.EcsOptimizedAmi(), associate_public_ip_address=True, update_type=autoscaling.UpdateType.REPLACING_UPDATE, desired_capacity=3, vpc=vpc, vpc_subnets={'subnetType': ec2.SubnetType.PUBLIC} ) cluster = ecs.Cluster( self, ZachECSName+"Cluster", vpc=vpc ) cluster.add_auto_scaling_group(asg) cluster.add_capacity(ZachECSName+"AutoScalingGroup", instance_type=ec2.InstanceType("t3a.nano"))
def _add_autoscaling_group( self, vpc: ec2.Vpc, public_subnet, security_group: ec2.SecurityGroup, key_name: str ) -> autoscaling.AutoScalingGroup: """ Add autoscaling group for running ec2 instance automatically """ Zach_Ec2_InstanceImage = ec2.GenericLinuxImage(ami_map={"ap-southeast-1":"ami-048a01c78f7bae4aa"}) ZachInitInstall=ec2.UserData.for_linux() ZachInitInstall.add_commands("yum install -y psmisc nginx") group = autoscaling.AutoScalingGroup( self, 'zach-autoscale', vpc=vpc, instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO), machine_image=Zach_Ec2_InstanceImage, max_capacity=2, vpc_subnets=public_subnet, associate_public_ip_address=True, key_name=key_name, user_data=ec2.UserData.add_commands(self,"yum install -y psmisc nginx") ) group.add_security_group(security_group) core.CfnOutput(self, "ASG-GROUP-ARN", export_name="ASG-GROUP-ARN", value=group.auto_scaling_group_arn) core.CfnOutput(self, "ASG-GROUP", export_name="ASG-GROUP", value=group.auto_scaling_group_name) return group
def __init__(self, scope: core.Construct, id: str, vpc, **kwargs) -> None: super().__init__(scope, id, **kwargs) amzn_linux = ec2.MachineImage.latest_amazon_linux( generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX, edition=ec2.AmazonLinuxEdition.STANDARD, virtualization=ec2.AmazonLinuxVirt.HVM, storage=ec2.AmazonLinuxStorage.GENERAL_PURPOSE) linux = ec2.MachineImage.generic_linux( {"ap-south-1": "ami-0b9d66ddb2a9f47d1"}) data = open("./scripts/userdata/userdata.sh", "rb").read() user_data = ec2.UserData.for_linux() user_data.add_commands(str(data, 'utf-8')) self.auto_scaling_group = autoscaling.AutoScalingGroup( self, "FirstASG", instance_type=ec2.InstanceType('t2.micro'), machine_image=ec2.AmazonLinuxImage( generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2), vpc=vpc, user_data=user_data, desired_capacity=6, key_name="ap-south-1", min_capacity=1, vpc_subnets=ec2.SubnetSelection( availability_zones=["ap-south-1a", "ap-south-1b"]))
def __create_asg(self, user_data: str, vpc: ec2.Vpc): subnets = ec2.SubnetSelection(one_per_az=True, subnet_type=ec2.SubnetType.PUBLIC) asg = autoscaling.AutoScalingGroup( self, id=common.generate_id("ImagizerAutoscalingGroup"), vpc=vpc, vpc_subnets=subnets, instance_type=ec2.InstanceType.of( instance_class=ec2.InstanceClass[variables.ASG_INSTANCE_TYPE], instance_size=ec2.InstanceSize[variables.ASG_INSTANCE_SIZE]), machine_image=ec2.GenericLinuxImage( ami_map={self.region: variables.IMAGIZER_AMI_ID}), user_data=ec2.UserData.custom(user_data), update_type=autoscaling.UpdateType.ROLLING_UPDATE, health_check=autoscaling.HealthCheck.ec2( grace=core.Duration.seconds( variables.ASG_HEALTH_CHECK_GRACE_PERIOD)), cooldown=core.Duration.seconds( variables.ASG_HEALTH_CHECK_GRACE_PERIOD), min_capacity=variables.ASG_MIN_CAPACITY, max_capacity=variables.ASG_MAX_CAPACITY, rolling_update_configuration=autoscaling. RollingUpdateConfiguration( min_instances_in_service=variables.ASG_ROLL_OUT_BATCH_SIZE, max_batch_size=variables.ASG_ROLL_OUT_BATCH_SIZE, wait_on_resource_signals=True, pause_time=core.Duration.minutes( variables.ASG_ROLL_OUT_PATCH_MINUTES))) common.add_tags(self, asg, variables.IMAGIZER_CLUSTER_TAGS) return asg
def __init__(self, app: core.App, id: str, **kwargs) -> None: super().__init__(app, id, **kwargs) vpc = ec2.Vpc(self, "VPC") # Security group for our test instance my_sg = ec2.SecurityGroup(self, "my_sg", vpc=vpc, description="My sg for testing", allow_all_outbound=True) # Add ssh from anywhere my_sg.add_ingress_rule(ec2.Peer.any_ipv4(), ec2.Port.tcp(22), "Allow ssh access from anywhere") asg = autoscaling.AutoScalingGroup( self, "ASG", vpc=vpc, instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO), machine_image=ec2.AmazonLinuxImage(), ) asg.add_security_group(my_sg) # add our security group, expects object ## Classic Elastic Load Balancer #lb = elb.LoadBalancer( # self, "ELB", # vpc=vpc, # internet_facing=True, # health_check={"port": 22} #) #lb.add_target(asg) # #listener = lb.add_listener( # external_port=8000, # external_protocol=elb.LoadBalancingProtocol.TCP, # internal_port=22, # internal_protocol=elb.LoadBalancingProtocol.TCP #) #listener.connections.allow_default_port_from_any_ipv4("Open to the world") # Network Load Balancer nlb = elbv2.NetworkLoadBalancer( self, "NLB", vpc=vpc, internet_facing=True, cross_zone_enabled=True, vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC)) my_target = elbv2.NetworkTargetGroup(self, "MyTargetGroup", port=22, vpc=vpc) listener = nlb.add_listener("Listener", port=8000, default_target_groups=[my_target]) my_target.add_target(asg)
def __init__(self, scope: Construct, id: str, **kwargs) -> None: super().__init__(scope, id, *kwargs) vpc = ec2.Vpc(self, "MyVpc", max_azs=2) cluster = ecs.Cluster(self, 'Ec2Cluster', vpc=vpc) asg = autoscaling.AutoScalingGroup( self, "DefaultAutoScalingGroup", instance_type=ec2.InstanceType("t2.micro"), machine_image=ecs.EcsOptimizedImage.amazon_linux2(), vpc=vpc, ) capacity_provider = ecs.AsgCapacityProvider(self, "AsgCapacityProvider", auto_scaling_group=asg) cluster.add_asg_capacity_provider(capacity_provider) ecs_service = ecs_patterns.NetworkLoadBalancedEc2Service( self, "Ec2Service", cluster=cluster, memory_limit_mib=512, task_image_options={ 'image': ecs.ContainerImage.from_registry("amazon/amazon-ecs-sample") }) CfnOutput(self, "LoadBalancerDNS", value=ecs_service.load_balancer.load_balancer_dns_name)
def __init__(self, scope: core.Construct, id: str, vpc: ec2.IVpc, **kwargs) -> None: super().__init__(scope, id, **kwargs) # Fargate cluster self.cluster = ecs.Cluster( scope = self, id = 'ecs-dev-cluster', cluster_name = 'ecs-dev-cluster', vpc = vpc ) # Or add customized capacity. Be sure to start the Amazon ECS-optimized AMI. self.auto_scaling_group1 = autoscaling.AutoScalingGroup(self, "ASG1", vpc=vpc, instance_type=ec2.InstanceType("t2.xlarge"), machine_image=ecs.EcsOptimizedImage.amazon_linux(), update_type=autoscaling.UpdateType.REPLACING_UPDATE, # Or use Amazon ECS-Optimized Amazon Linux 2 AMI # machineImage: EcsOptimizedImage.amazonLinux2(), desired_capacity=3 ) self.auto_scaling_group2 = autoscaling.AutoScalingGroup(self, "ASG2", vpc=vpc, instance_type=ec2.InstanceType("t2.xlarge"), machine_image=ecs.EcsOptimizedImage.amazon_linux(), update_type=autoscaling.UpdateType.REPLACING_UPDATE, # Or use Amazon ECS-Optimized Amazon Linux 2 AMI # machineImage: EcsOptimizedImage.amazonLinux2(), desired_capacity=3 ) self.cluster.add_auto_scaling_group(self.auto_scaling_group1) self.cluster.add_auto_scaling_group(self.auto_scaling_group2) self.lb = elbv2.ApplicationLoadBalancer( self, "LB", vpc=vpc, internet_facing=True ) self.listener1 = self.lb.add_listener("Listener1", port=80) self.listener1.add_targets("Target", port=80, targets=[self.auto_scaling_group1]) self.listener1.connections.allow_default_port_from_any_ipv4("Open to the world") self.listener2 = self.lb.add_listener("Listener2", port=8080) self.listener2.add_targets("Target", port=8080, targets=[self.auto_scaling_group2]) self.listener2.connections.allow_default_port_from_any_ipv4("Open to the world")
def __init__(self,scope:core.Construct, id:str, infra:RtspBaseResourcesConstruct, subnet_group_name:str='Default', **kwargs) -> None: super().__init__(scope, id, **kwargs) self.container = ecs.ContainerImage.from_docker_image_asset( asset=ecr.DockerImageAsset(self,'RtspConnectorContainer', directory='src/rtsp/connector', file='Dockerfile')) self.task_role = iam.Role(self,'TaskRole', assumed_by=iam.ServicePrincipal(service='ecs-tasks'), role_name='ecs-video-producer-task@homenet-{}'.format(core.Stack.of(self).region), managed_policies=[ iam.ManagedPolicy.from_aws_managed_policy_name( managed_policy_name='AmazonRekognitionFullAccess') ], description='Role for VideoSubnet Tasks') self.execution_role = iam.Role(self,'ExecutionRole', assumed_by=iam.ServicePrincipal(service='ecs-tasks'), role_name='ecs-rtsp-cluster-execution-role@homenet-{}'.format(core.Stack.of(self).region), description='ECS Execution Role for '+ RtspBaseResourcesConstruct.__name__) self.cluster = ecs.Cluster(self,'RtspCluster', vpc=self.landing_zone.vpc, cluster_name='{}-rtsp-services'.format(infra.landing_zone.zone_name)) # Tag all cluster resources for auto-domain join. core.Tags.of(self.cluster).add('domain','virtual.world') self.autoscale_group = autoscale.AutoScalingGroup(self,'WinASG', security_group=infra.landing_zone.security_group, instance_type= ec2.InstanceType.of( instance_class= ec2.InstanceClass.BURSTABLE3, instance_size=ec2.InstanceSize.SMALL), machine_image= ec2.MachineImage.generic_windows(ami_map={ 'us-east-1':'ami-0f93c815788872c5d' }), vpc= infra.landing_zone.vpc, role= self.execution_role, allow_all_outbound=True, associate_public_ip_address=False, #auto_scaling_group_name='{}-Rtsp-Windows'.format(landing_zone.zone_name), min_capacity= min_capacity, max_capacity= max_capacity, rolling_update_configuration= autoscale.RollingUpdateConfiguration( min_instances_in_service=0), update_type= autoscale.UpdateType.REPLACING_UPDATE, vpc_subnets=ec2.SubnetSelection(subnet_group_name=subnet_group_name)) self.cluster.add_auto_scaling_group( auto_scaling_group= self.autoscale_group, can_containers_access_instance_role=True, task_drain_time= task_drain_time) # Enable management from Managed AD and SSM for policy in ['AmazonSSMDirectoryServiceAccess','AmazonSSMManagedInstanceCore']: self.autoscale_group.role.add_managed_policy( iam.ManagedPolicy.from_aws_managed_policy_name( managed_policy_name=policy))
def __init__(self, scope: core.Construct, id: str, vpc, bastion, config, **kwargs) -> None: super().__init__(scope, id, **kwargs) prj_name = self.node.try_get_context("project_name") env_name = self.node.try_get_context("env") name = config['ec2']['name'] key = config['ec2']['ssh_key'] ubuntu_ami = ec2.GenericLinuxImage( {"ap-southeast-1": "ami-028be27cf930f7a43"}) # Create security group for webapp instances webapp_sg = ec2.SecurityGroup(self, 'webapp-sg', vpc=vpc, security_group_name=prj_name + env_name + '-webapp-sg', description="SG for webapp Instances", allow_all_outbound=True) webapp_sg.add_ingress_rule( peer=ec2.Peer.ipv4(f"{bastion.instance_private_ip}/32"), connection=ec2.Port.tcp(22), description='Allow all bastion instance to SSH') for subnet in vpc.public_subnets: webapp_sg.add_ingress_rule( peer=ec2.Peer.ipv4(subnet.ipv4_cidr_block), connection=ec2.Port.tcp(80), description= 'Allow ELB public subnets to access webapp instances') # Create launch template and attach to autoscaling group webapp_launch_template = ec2.LaunchTemplate( self, 'launch-template', detailed_monitoring=False, ebs_optimized=False, instance_type=ec2.InstanceType("t3.small"), launch_template_name=f"{name}-launch-template", key_name=f"{key}", machine_image=ubuntu_ami, security_group=webapp_sg) self.webapp_asg = autoscaling.AutoScalingGroup( self, 'webapp-asg', vpc=vpc, auto_scaling_group_name=prj_name + env_name + '-webapp-asg', instance_type=ec2.InstanceType("t3.small"), machine_image=ubuntu_ami, min_capacity=1, max_capacity=1, desired_capacity=1, vpc_subnets=ec2.SubnetSelection( subnet_type=ec2.SubnetType.PRIVATE))
def __init__(self, app: core.App, id: str, **kwargs) -> None: super().__init__(app, id, **kwargs) env_name = self.node.try_get_context('env') vpc = ec2.Vpc(self, id=f"{env_name}VPC") data = open("./pr_stacks/httpd.sh", "rb").read() httpd=ec2.UserData.for_linux() httpd.add_commands(str(data,'utf-8')) asg = autoscaling.AutoScalingGroup( self, id=f"{env_name}-ASG", vpc=vpc, instance_type=ec2.InstanceType.of( ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO ), machine_image=ec2.AmazonLinuxImage(generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2), user_data=httpd, min_capacity=2, max_capacity=5 ) lb = elbv2.ApplicationLoadBalancer( self, "LB", vpc=vpc, internet_facing=True) """ Listeners: For every load balancer, regardless of the type used, you must configure at least one listener. The listener defines how your inbound connections are routed to your target groups based on ports and protocols set as conditions. The configurations of the listener itself differ slightly depending on which ELB you have selected. """ listener = lb.add_listener(id=f"{env_name}-Listener", port=80) """ Target Groups: A target group is simply a group of your resources that you want your ELB to route requests to, such as a fleet of EC2 instances. You can configure the ELB with a number of different target groups, each associated with a different listener configuration and associated rules. This enables you to route traffic to different resources based upon the type of request. """ listener.add_targets(id=f"{env_name}-Target", port=80, targets=[asg]) listener.connections.allow_default_port_from_any_ipv4(description="Open to the world") asg.scale_on_request_count(id=f"{env_name}-AModestLoad", target_requests_per_second=1) core.CfnOutput(self,"LoadBalancer",export_name="LoadBalancer",value=f"http://{lb.load_balancer_dns_name}")
def create_auto_scaling_group(self): auto_scaling_group = autoscaling.AutoScalingGroup( self, guid('ASG-'), vpc=self.vpc, instance_type=self.DEFAULT_EC2_TYPE, machine_image=self.DEFAULT_IMAGE, min_capacity=1, max_capacity=5) auto_scaling_group.scale_on_cpu_utilization( "keepCpuUtilization", target_utilization_percent=10) return auto_scaling_group
def asg_app(self, vpc, asg_name): asg_app= asg.AutoScalingGroup(self, f"asg-app{asg_name}", vpc=vpc['vpc'], instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO), machine_image=ec2.AmazonLinuxImage(), key_name="adl-keypair-dev-us-east-1", max_capacity=2 update_type=asg.UpdateType.ROLLING_UPDATE ) asg_app.add_to_role_policy(statement=iam.PolicyStatement( resources=["*"] actions=[s3:*]))
def __create_asg__(self): asg = autoscaling.AutoScalingGroup( self, "frontend-autoscaling-group", instance_type=ec2.InstanceType(INSTANCE_TYPE), machine_image=ec2.AmazonLinuxImage(), vpc=self.network_stack.vpc, vpc_subnets=ec2.SubnetSelection(one_per_az=True, subnet_type=ec2.SubnetType.PUBLIC), desired_capacity=2) asg.add_security_group(self.frontend_security_group) return asg
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) # The code that defines your stack goes here vpc = ec2.Vpc( self, "MyVpc", max_azs=2 ) sg = ec2.SecurityGroup( self, "SG", description='Allow ssh access to ec2 instances', vpc=vpc ) sg.add_ingress_rule( peer=ec2.Peer.any_ipv4(), connection=ec2.Port.tcp(22) ) asg = autoscaling.AutoScalingGroup( self, "ASG", vpc=vpc, instance_type=ec2.InstanceType.of( ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO ), machine_image=ec2.AmazonLinuxImage(), desired_capacity=3, ) lb = elb.LoadBalancer( self, "LB", vpc=vpc, internet_facing=True, health_check={"port": 80} ) lb.add_target(asg) ec2instance = ec2.Instance( self, "EC2INSTANCE", vpc=vpc, instance_type=ec2.InstanceType.of( ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO ), machine_image=ec2.AmazonLinuxImage(), vpc_subnets={ 'subnet_type': ec2.SubnetType.PUBLIC }, security_group=sg, key_name="MyNVKeyPair" ) listener = lb.add_listener(external_port=80) listener.connections.allow_default_port_from_any_ipv4("Open to the world")
def __init__(self, scope: core.Construct, construct_id: str, vpc, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) # The code that defines your stack goes here alb = elbv2.ApplicationLoadBalancer(self, "ALB", vpc=vpc, internet_facing=True) listener = alb.add_listener("Listener", port=80, open=True) security_group = ec2.SecurityGroup( self, "SecurityGroup", vpc=vpc, description="Allow access to ec2 instances", allow_all_outbound=True) security_group.add_ingress_rule(ec2.Peer.any_ipv4(), ec2.Port.tcp(80), "allow HTTP access from the world") security_group.add_ingress_rule(ec2.Peer.any_ipv4(), ec2.Port.tcp(22), "allow ssh access from the world") asg = autoscaling.AutoScalingGroup( self, "ASG", vpc=vpc, instance_type=ec2.InstanceType("t3.small"), machine_image=ec2.MachineImage.generic_linux( {"ap-east-1": "ami-0312f467545f742c4"}), min_capacity=2, max_capacity=5, security_group=security_group, # block_devices=[autoscaling.BlockDevice( # device_name="EBSApp", # volume=autoscaling.BlockDeviceVolume.ebs(20, # encrypted=True # ) # )] ) asg.scale_on_cpu_utilization("KeepSpareCPU", target_utilization_percent=70) group = listener.add_targets("ApplicationFleet", port=80, targets=[asg]) # Output core.CfnOutput(self, "Output", value=alb.load_balancer_dns_name) self.security_group = security_group self.alb = alb
def __init__(self, app: core.App, id: str) -> None: super().__init__(app, id) vpc = ec2.Vpc(self, "VPC") data = open("./httpd.sh", "rb").read() httpd = ec2.UserData.for_linux() httpd.add_commands(str(data, 'utf-8')) asg = autoscaling.AutoScalingGroup( self, "ASG", vpc=vpc, instance_type=ec2.InstanceType.of( ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO ), machine_image=ec2.AmazonLinuxImage(generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2), user_data=httpd, ) lb = elbv2.ApplicationLoadBalancer( self, "LB", vpc=vpc, internet_facing=True) listener = lb.add_listener("Listener", port=80) listener.add_targets("Target", port=80, targets=[asg]) listener.connections.allow_default_port_from_any_ipv4("Open to the world") asg.scale_on_request_count("AModestLoad", target_requests_per_second=1) core.CfnOutput(self, "LoadBalancer", export_name="LoadBalancer", value=lb.load_balancer_dns_name) # === # # WAF # # === # # TODO #10 apply the web_acl to a resource # no method to apply the web_acl to a resource in version 1.75.0 web_acl = wafv2.CfnWebACL( scope_=self, id="waf", default_action=wafv2.CfnWebACL.DefaultActionProperty(), scope="REGIONAL", visibility_config=wafv2.CfnWebACL.VisibilityConfigProperty( cloud_watch_metrics_enabled=True, metric_name="waf-web-acl", sampled_requests_enabled=True ) )
def __init__(self, scope: core.Construct, construct_id: str, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) # The code that defines your stack goes here # creating a machine image ami = ec2.MachineImage.latest_amazon_linux( cpu_type=ec2.AmazonLinuxCpuType.X86_64, edition=ec2.AmazonLinuxEdition.STANDARD, generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX, storage=ec2.AmazonLinuxStorage.GENERAL_PURPOSE, ) # creating vpc vpc = ec2.Vpc.from_lookup(self, "vpc", is_default=True) # creating security group skull_sg = ec2.SecurityGroup( self, "myec2sg", vpc=vpc, security_group_name="skull-sg", description="sg for ec2 cdk example", allow_all_outbound=True, ) # creating autoscaling group asg = autoscaling.AutoScalingGroup( self, "autoscaling", instance_type=ec2.InstanceType("t2.micro"), machine_image=ami, vpc=vpc, security_group=skull_sg, ) # creating load balancer load_balancer = elb.LoadBalancer( self, "loadbalancer", internet_facing=True, vpc=vpc ) # adding listeners to load balancer listener = load_balancer.add_listener( external_port=80, external_protocol=elb.LoadBalancingProtocol.HTTP ) # add targets for load balancer such as the autoscaling group created above load_balancer.add_target(asg)
def __init__(self, scope: core.Construct, construct_id: str, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) # The code that defines your stack goes here vpc = ec2.Vpc(self, "MyVPC") data = open("./user_data.sh", "rb").read() httpd = ec2.UserData.for_linux() httpd.add_commands(str(data, 'utf-8')) _asg = asg.AutoScalingGroup( self, "ASG", vpc=vpc, instance_type=ec2.InstanceType( instance_type_identifier="t2.large"), machine_image=ec2.AmazonLinuxImage( generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2, storage=ec2.AmazonLinuxStorage.GENERAL_PURPOSE, ), user_data=httpd, vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC), desired_capacity=2, auto_scaling_group_name="FirstASG") _asg.scale_on_cpu_utilization("ScaleOnCPU_Utilization", target_utilization_percent=50) alb = elb.ApplicationLoadBalancer( self, "ALB", vpc=vpc, vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC), load_balancer_name="FirstALB", internet_facing=True) listener = alb.add_listener("Listener", port=80) listener.add_targets("Target", port=80, targets=[_asg]) listener.connections.allow_from_any_ipv4( ec2.Port.tcp(80), "Allows HTTP from the World to call") core.CfnOutput(self, "LoadBalancer", export_name="LoadBalancer", value=alb.load_balancer_dns_name)
def __init__(self, scope: core.Construct, id: str, vpc, **kwargs) -> None: super().__init__(scope, id, **kwargs) #Creating Bastion bastion = ec2.BastionHostLinux(self, 'webapp-bastion', vpc=vpc, subnet_selection=ec2.SubnetSelection( subnet_type=ec2.SubnetType.PUBLIC)) bastion.instance.instance.add_property_override("KeyName", key_name) bastion.connections.allow_from_any_ipv4(ec2.Port.tcp(22), "Internet access SSH") #Creating AutoScaling group self.asg = autoscaling.AutoScalingGroup( self, "webapp-autoscaling", vpc=vpc, vpc_subnets=ec2.SubnetSelection( subnet_type=ec2.SubnetType.PRIVATE), instance_type=ec2.InstanceType(instance_type_identifier=ec2_type), machine_image=linux_ami, key_name=key_name, user_data=ec2.UserData.custom(user_data), desired_capacity=2, min_capacity=2, max_capacity=2, ) #Creating Load Balancer alb = elb.ApplicationLoadBalancer(self, "webapp-alb", vpc=vpc, internet_facing=True, load_balancer_name="webapp-alb") alb.connections.allow_from_any_ipv4(ec2.Port.tcp(80), "Internet access ALB 80") listener = alb.add_listener("my80", port=80, open=True) #Final Configuration self.asg.connections.allow_from( alb, ec2.Port.tcp(80), "ALB access 80 port of EC2 in Autoscaling Group") listener.add_targets("addTargetGroup", port=80, targets=[self.asg]) core.CfnOutput(self, "Output", value=alb.load_balancer_dns_name)
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) vpc = ec2.Vpc(self, 'OurDemoVPC', cidr='10.1.0.0/16', max_azs=2, subnet_configuration=[ { 'cidrMask': 24, 'name': 'Web', 'subnetType': ec2.SubnetType.PUBLIC }, { 'cidrMask': 24, 'name': 'Application', 'subnetType': ec2.SubnetType.PRIVATE }, ]) asg = autoscaling.AutoScalingGroup( self, "ASG", vpc=vpc, instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO), machine_image=ec2.AmazonLinuxImage()) asg.add_user_data(""" yum update -y yum install httpd -y echo 'Hello from the CDK' > /var/www/html/index.html service httpd start chkconfig httpd on """) lb = elbv2.ApplicationLoadBalancer(self, "LB", vpc=vpc, internet_facing=True) listener = lb.add_listener("Listener", port=80) listener.add_targets("Target", port=80, targets=[asg]) listener.connections.allow_default_port_from_any_ipv4( "Open to the world")
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) # The code that defines your stack goes here #Creating vpc vpc = ec2.Vpc(self, "test_vpc_id") #Creating a basic web application to view data = open("./httpd.sh", "rb").read() httpd = ec2.UserData.for_linux() httpd.add_commands(str(data, 'utf-8')) # Auto-scaling group and instance creation asginstances = asg.AutoScalingGroup( self, "ASG", vpc=vpc, instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO), machine_image=ec2.AmazonLinuxImage( generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2), desired_capacity=2, max_capacity=2, min_capacity=0, user_data=httpd) #Creating ALB and allowing internet access lb = alb.ApplicationLoadBalancer(self, 'LB', vpc=vpc, internet_facing=True) #ALB listening on port 80 listener = lb.add_listener("Listener", port=80) #Add the ASG as targets for the ALB listener.add_targets("Target", port=80, targets=[asginstances]) listener.connections.allow_default_port_from_any_ipv4( "Forwarding port 80 to the ASG") #Print out the ALB url to show web instance application core.CfnOutput(self, "LoadBalancer", export_name="Bananatag", value=lb.load_balancer_dns_name)
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) lab03_vpc=ec2.Vpc(self,"Lab03-vpc",nat_gateways=1) #read and base64 encode userdata file data = open("../resource/httpd.sh", "rb").read() encodedBytes = base64.encodebytes(data) encodedStr = str(encodedBytes, "utf-8") #create UserData httpd=ec2.UserData.for_linux() httpd.add_commands(str(data,'utf-8')) #create AutoScaling Group ami=ec2.AmazonLinuxImage(generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2) #get AMAZON Linux 2 AMI #ec2.GenericWindowsImage({"cn-northwest-1":"ami-123123"}) asg=autoscaling.AutoScalingGroup( self, "aws-cdk-asg", vpc=lab03_vpc, #machine_image= ec2.GenericWindowsImage({"cn-northwest-1":"ami-00d0173a6c8a76d5f"}), #use custom ami machine_image= ami, instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO), user_data=httpd, min_capacity=1, desired_capacity=2, max_capacity=2, ) #create Elastic Load Balancer listener_port = 8080 lab03_alb=elb.ApplicationLoadBalancer(self,"lab03_alb",vpc=lab03_vpc,internet_facing=True) alb_listener=lab03_alb.add_listener("lab03_alb_listener",port=listener_port) alb_listener.add_targets('Target',port=80,targets=[asg]) #output ALB DNS core.CfnOutput(self,"Lab03ALB",export_name="Lab03ALB",value=lab03_alb.load_balancer_dns_name+":"+str(listener_port))
def _add_autoscaling_group(self, vpc: ec2.Vpc, public_subnet: ec2.SubnetConfiguration, security_group: ec2.SecurityGroup, role: iam.Role) -> autoscaling.AutoScalingGroup: """ Add autoscaling group for running ec2 instance automatically """ group = autoscaling.AutoScalingGroup( self, 'vpn-autoscale', vpc=vpc, instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO), machine_image=ec2.AmazonLinuxImage(), max_capacity=1, vpc_subnets=public_subnet, associate_public_ip_address=True, key_name='vpn-key', role=role) group.add_security_group(security_group) return group