def create_cache_cluster(stack, name, cache_type, vpc, cidrs, subnet_ids,
instance_type, num_cache_clusters):
"""Add Elasticache Cache cluster Resource."""
ports = {'redis': 6379, 'memcached': 11211}
ingress = []
for idx, cidr in enumerate(cidrs):
ingress.append(
SecurityGroupRule(
'{0}{1}{2}'.format(name.replace('-', ''), cache_type, idx),
CidrIp=cidr,
FromPort=ports[cache_type],
ToPort=ports[cache_type],
IpProtocol='tcp',
))
secgroup = stack.stack.add_resource(
SecurityGroup(
'{0}{1}SecurityGroup'.format(name.replace('-', ''), cache_type),
GroupDescription='{0} {1} Security Group'.format(name, cache_type),
SecurityGroupIngress=ingress,
SecurityGroupEgress=[
SecurityGroupRule('{0}egress'.format(name.replace('-', '')),
CidrIp='0.0.0.0/0',
IpProtocol='-1')
],
VpcId=vpc,
))
subnet_group = stack.stack.add_resource(
elasticache.SubnetGroup(
'{0}{1}cache'.format(name.replace('-', ''), cache_type),
Description='{0}{1} cache'.format(name, cache_type),
SubnetIds=subnet_ids,
))
if num_cache_clusters > 1:
stack.stack.add_resource(
elasticache.ReplicationGroup(
'{0}CacheCluster'.format(name.replace('-', '')),
ReplicationGroupId='{0}'.format(name),
ReplicationGroupDescription='{0}cluster'.format(name),
Engine='{0}'.format(cache_type),
EngineVersion='3.2.6',
CacheNodeType=instance_type,
NumCacheClusters=num_cache_clusters,
CacheSubnetGroupName=Ref(subnet_group),
SecurityGroupIds=[Ref(secgroup)],
AtRestEncryptionEnabled=True))
else:
stack.stack.add_resource(
elasticache.CacheCluster('{0}CacheCluster'.format(
name.replace('-', '')),
ClusterName='{0}'.format(name),
Engine='{0}'.format(cache_type),
EngineVersion='3.2.10',
CacheNodeType=instance_type,
NumCacheNodes=num_cache_clusters,
VpcSecurityGroupIds=[Ref(secgroup)],
CacheSubnetGroupName=Ref(subnet_group)))
def add_cachecluster(self, cache_node_type, clustersg, name, engine,
num_nodes, subnet_group):
return self.add_resource(
elasticache.CacheCluster(name + engine + 'Cluster',
Engine=engine,
CacheNodeType=cache_node_type,
NumCacheNodes=num_nodes,
VpcSecurityGroupIds=[Ref(clustersg)],
CacheSubnetGroupName=Ref(subnet_group)))
def create_redis_resource(template, redis_node_class_parameter, redis_nodes_count_parameter, redis_security_group_resource,
redis_subnet_group_resource):
return template.add_resource(
elasticache.CacheCluster(
'Redis',
Engine='redis',
EngineVersion='4.0',
CacheNodeType=Ref(redis_node_class_parameter),
NumCacheNodes=Ref(redis_nodes_count_parameter),
VpcSecurityGroupIds=[
GetAtt(redis_security_group_resource, 'GroupId')],
CacheSubnetGroupName=Ref(redis_subnet_group_resource)
)
)
def render_elasticache(context, template):
ensure(context['elasticache']['engine'] == 'redis',
'We only support Redis as ElastiCache engine at this time')
cache_security_group = elasticache_security_group(context)
template.add_resource(cache_security_group)
subnet_group = elasticache.SubnetGroup(
ELASTICACHE_SUBNET_GROUP_TITLE,
Description="a group of subnets for this cache instance.",
SubnetIds=context['elasticache']['subnets'])
template.add_resource(subnet_group)
parameter_group = elasticache.ParameterGroup(
ELASTICACHE_PARAMETER_GROUP_TITLE,
CacheParameterGroupFamily='redis2.8',
Description='ElastiCache parameter group for %s' %
context['stackname'],
Properties=context['elasticache']['configuration'])
template.add_resource(parameter_group)
template.add_resource(
elasticache.CacheCluster(
ELASTICACHE_TITLE,
CacheNodeType='cache.t2.small',
CacheParameterGroupName=Ref(parameter_group),
CacheSubnetGroupName=Ref(subnet_group),
Engine='redis',
EngineVersion=context['elasticache']['version'],
PreferredAvailabilityZone=context['elasticache']['az'],
# we only support Redis, and it only supports 1 node
NumCacheNodes=1,
Tags=Tags(**_generic_tags(context)),
VpcSecurityGroupIds=[Ref(cache_security_group)],
))
outputs = [
mkoutput("ElastiCacheHost",
"The hostname on which the cache accepts connections",
(ELASTICACHE_TITLE, "RedisEndpoint.Address")),
mkoutput("ElastiCachePort",
"The port number on which the cache accepts connections",
(ELASTICACHE_TITLE, "RedisEndpoint.Port")),
]
map(template.add_output, outputs)
def define_cache_culster(self, cluster_config):
cc = elasticache.CacheCluster(cluster_config["name"],
DeletionPolicy=self.deletion_policy)
#DependsOn=cluster_config["security_groups"][0])
cc.CacheNodeType = cluster_config["node_type"]
c_sg = self.define_cache_subnet_group(cluster_config["subnet_group"])
cc.CacheSubnetGroupName = c_sg
cc.Engine = cluster_config["engine"]
cc.EngineVersion = cluster_config["engine_version"]
cc.NotificationTopicArn = cluster_config["notification_arn"]
cc.NumCacheNodes = cluster_config["node_count"]
sg_ids = []
for s in cluster_config["security_groups"]:
sg_ids.append(Ref(s))
cc.VpcSecurityGroupIds = sg_ids
self._add_resource(cc)
return Ref(cc)
def redis_adder(self,
name,
tags,
instance_type='cache.m3.medium',
nodes=1,
version='2.8.24'):
rule = self.rule_adder(6379, cidr='10.0.0.0/16')
subnetname = Join("", [name, Ref("DeploymentEnvironment")])
self.group_adder("redissg", [rule])
subnetgroup = self.template.add_resource(
elasticache.SubnetGroup(
"SubnetGroup",
CacheSubnetGroupName=subnetname,
Description='Subnet Group for ElasticCache Redis {0}'.format(
name),
SubnetIds=self.config['subnets']))
self.template.add_resource(
elasticache.CacheCluster(
"CacheCluster",
ClusterName=name,
Engine='redis',
EngineVersion=version,
CacheNodeType=instance_type,
NumCacheNodes=nodes,
Tags=tags,
CacheSubnetGroupName=Ref(subnetgroup),
VpcSecurityGroupIds=[GetAtt('redissg', "GroupId")],
))
redisdnsrecord = RecordSetType(
"RedisDNSRecord",
HostedZoneName=Join("", [Ref("RedisDNSDomain"), "."]),
Name=Join("",
[Ref("RedisDNSName"), ".",
Ref("RedisDNSDomain"), "."]),
Type="CNAME",
TTL="900",
ResourceRecords=[GetAtt("CacheCluster", "RedisEndpoint.Address")],
)
self.template.add_resource(redisdnsrecord)
def render_elasticache(context, template):
ensure(context['elasticache']['engine'] == 'redis',
'We only support Redis as ElastiCache engine at this time')
cache_security_group = elasticache_security_group(context)
template.add_resource(cache_security_group)
subnet_group = elasticache.SubnetGroup(
ELASTICACHE_SUBNET_GROUP_TITLE,
Description="a group of subnets for this cache instance.",
SubnetIds=context['elasticache']['subnets'])
template.add_resource(subnet_group)
parameter_group = elasticache_default_parameter_group(context)
suppressed = context['elasticache'].get('suppressed', [])
default_parameter_group_use = False
for cluster in range(1, context['elasticache']['clusters'] + 1):
if cluster in suppressed:
continue
cluster_context = overridden_component(
context,
'elasticache',
index=cluster,
allowed=['type', 'version', 'az', 'configuration'])
if cluster_context['configuration'] != context['elasticache'][
'configuration']:
cluster_parameter_group = elasticache_overridden_parameter_group(
context, cluster_context, cluster)
template.add_resource(cluster_parameter_group)
cluster_cache_parameter_group_name = Ref(cluster_parameter_group)
else:
cluster_cache_parameter_group_name = Ref(parameter_group)
default_parameter_group_use = True
cluster_title = ELASTICACHE_TITLE % cluster
template.add_resource(
elasticache.CacheCluster(
cluster_title,
CacheNodeType=cluster_context['type'],
CacheParameterGroupName=cluster_cache_parameter_group_name,
CacheSubnetGroupName=Ref(subnet_group),
Engine='redis',
EngineVersion=cluster_context['version'],
PreferredAvailabilityZone=cluster_context['az'],
# we only support Redis, and it only supports 1 node
NumCacheNodes=1,
Tags=Tags(**aws.generic_tags(context)),
VpcSecurityGroupIds=[Ref(cache_security_group)],
))
outputs = [
mkoutput("ElastiCacheHost%s" % cluster,
"The hostname on which the cache accepts connections",
(cluster_title, "RedisEndpoint.Address")),
mkoutput("ElastiCachePort%s" % cluster,
"The port number on which the cache accepts connections",
(cluster_title, "RedisEndpoint.Port")),
]
lmap(template.add_output, outputs)
if default_parameter_group_use:
template.add_resource(parameter_group)
)
],
))
cache_subnet_group = t.add_resource(
elasticache.SubnetGroup('CacheSubnetGroup',
Description='Cache subnet group',
SubnetIds=Ref(param_subnetids)))
cache_cluster = t.add_resource(
elasticache.CacheCluster(
'CacheCluster',
Engine='redis',
CacheNodeType=Ref(param_cache_node_type),
NumCacheNodes=Ref(param_cache_node_num),
CacheSubnetGroupName=Ref(cache_subnet_group),
AutoMinorVersionUpgrade=True,
VpcSecurityGroupIds=[
If('CreateSecurityGroupCondition', Ref(cache_sg), Ref(param_sg))
],
))
#
# Output
#
t.add_output([
Output(
'EndpointAddress',
Description=
'The DNS address of the configuration endpoint for the Redis cache cluster.',
Value=GetAtt(cache_cluster, 'RedisEndpoint.Address')),
),
ec2.SecurityGroupRule(
IpProtocol="tcp",
FromPort=If(using_redis_condition, "6379", "11211"),
ToPort=If(using_redis_condition, "6379", "11211"),
CidrIp=container_b_subnet_cidr,
),
],
)
cache_subnet_group = elasticache.SubnetGroup(
"CacheSubnetGroup",
template=template,
Description="Subnets available for the cache instance",
Condition=cache_condition,
SubnetIds=[Ref(container_a_subnet),
Ref(container_b_subnet)],
)
cache_cluster = elasticache.CacheCluster(
"CacheCluster",
template=template,
Engine=Ref(cache_engine),
CacheNodeType=Ref(cache_node_type),
Condition=cache_condition,
NumCacheNodes=1, # Must be 1 for redis, but still required
Port=If(using_redis_condition, 6379, 11211),
VpcSecurityGroupIds=[Ref(cache_security_group)],
CacheSubnetGroupName=Ref(cache_subnet_group),
)
FromPort=constants.REDIS_PORT,
ToPort=constants.REDIS_PORT,
SourceSecurityGroupId=Ref(container_security_group),
),
Ref("AWS::NoValue"),
),
],
Tags=Tags(Name=Join("-", [Ref("AWS::StackName"), "cache"]), ),
)
cache_cluster = elasticache.CacheCluster(
"CacheCluster",
template=template,
Engine="memcached",
CacheNodeType=Ref(cache_node_type),
Condition=using_memcached_condition,
NumCacheNodes=1,
Port=constants.MEMCACHED_PORT,
VpcSecurityGroupIds=[Ref(cache_security_group)],
CacheSubnetGroupName=Ref(cache_subnet_group),
Tags=Tags(Name=Join("-", [Ref("AWS::StackName"), "cache"]), ),
)
redis_replication_group = elasticache.ReplicationGroup(
"RedisReplicationGroup",
template=template,
AtRestEncryptionEnabled=use_aes256_encryption,
AutomaticFailoverEnabled=Ref(redis_automatic_failover),
AuthToken=If(using_auth_token_condition, Ref(redis_auth_token),
Ref("AWS::NoValue")),
Engine="redis",
EngineVersion=Ref(redis_version),
# Create the Redis cluster.
redis_subnet_group = template.add_resource(
elasticache.SubnetGroup(
'RedisSubnetGroup',
Description='Subnets available for the Redis cluster',
SubnetIds=Ref(subnets)
)
)
redis = template.add_resource(
elasticache.CacheCluster(
'Redis',
Engine='redis',
EngineVersion='4.0',
CacheNodeType=Ref(redis_node_class),
NumCacheNodes=Ref(redis_nodes_count),
VpcSecurityGroupIds=[GetAtt(redis_security_group, 'GroupId')],
CacheSubnetGroupName=Ref(redis_subnet_group)
)
)
# Create the SQS queues.
default_queue = template.add_resource(
sqs.Queue(
'DefaultQueue',
QueueName=Ref(sqs_default_queue_name)
)
)
notifications_queue = template.add_resource(
def main():
"""
Create a ElastiCache Redis Node and EC2 Instance
"""
template = Template()
# Description
template.set_description(
'AWS CloudFormation Sample Template ElastiCache_Redis:'
'Sample template showing how to create an Amazon'
'ElastiCache Redis Cluster. **WARNING** This template'
'creates an Amazon EC2 Instance and an Amazon ElastiCache'
'Cluster. You will be billed for the AWS resources used'
'if you create a stack from this template.')
# Mappings
template.add_mapping('AWSInstanceType2Arch', {
't1.micro': {'Arch': 'PV64'},
't2.micro': {'Arch': 'HVM64'},
't2.small': {'Arch': 'HVM64'},
't2.medium': {'Arch': 'HVM64'},
'm1.small': {'Arch': 'PV64'},
'm1.medium': {'Arch': 'PV64'},
'm1.large': {'Arch': 'PV64'},
'm1.xlarge': {'Arch': 'PV64'},
'm2.xlarge': {'Arch': 'PV64'},
'm2.2xlarge': {'Arch': 'PV64'},
'm2.4xlarge': {'Arch': 'PV64'},
'm3.medium': {'Arch': 'HVM64'},
'm3.large': {'Arch': 'HVM64'},
'm3.xlarge': {'Arch': 'HVM64'},
'm3.2xlarge': {'Arch': 'HVM64'},
'c1.medium': {'Arch': 'PV64'},
'c1.xlarge': {'Arch': 'PV64'},
'c3.large': {'Arch': 'HVM64'},
'c3.xlarge': {'Arch': 'HVM64'},
'c3.2xlarge': {'Arch': 'HVM64'},
'c3.4xlarge': {'Arch': 'HVM64'},
'c3.8xlarge': {'Arch': 'HVM64'},
'c4.large': {'Arch': 'HVM64'},
'c4.xlarge': {'Arch': 'HVM64'},
'c4.2xlarge': {'Arch': 'HVM64'},
'c4.4xlarge': {'Arch': 'HVM64'},
'c4.8xlarge': {'Arch': 'HVM64'},
'g2.2xlarge': {'Arch': 'HVMG2'},
'r3.large': {'Arch': 'HVM64'},
'r3.xlarge': {'Arch': 'HVM64'},
'r3.2xlarge': {'Arch': 'HVM64'},
'r3.4xlarge': {'Arch': 'HVM64'},
'r3.8xlarge': {'Arch': 'HVM64'},
'i2.xlarge': {'Arch': 'HVM64'},
'i2.2xlarge': {'Arch': 'HVM64'},
'i2.4xlarge': {'Arch': 'HVM64'},
'i2.8xlarge': {'Arch': 'HVM64'},
'd2.xlarge': {'Arch': 'HVM64'},
'd2.2xlarge': {'Arch': 'HVM64'},
'd2.4xlarge': {'Arch': 'HVM64'},
'd2.8xlarge': {'Arch': 'HVM64'},
'hi1.4xlarge': {'Arch': 'HVM64'},
'hs1.8xlarge': {'Arch': 'HVM64'},
'cr1.8xlarge': {'Arch': 'HVM64'},
'cc2.8xlarge': {'Arch': 'HVM64'}
})
template.add_mapping('AWSRegionArch2AMI', {
'us-east-1': {'PV64': 'ami-0f4cfd64',
'HVM64': 'ami-0d4cfd66',
'HVMG2': 'ami-5b05ba30'},
'us-west-2': {'PV64': 'ami-d3c5d1e3',
'HVM64': 'ami-d5c5d1e5',
'HVMG2': 'ami-a9d6c099'},
'us-west-1': {'PV64': 'ami-85ea13c1',
'HVM64': 'ami-87ea13c3',
'HVMG2': 'ami-37827a73'},
'eu-west-1': {'PV64': 'ami-d6d18ea1',
'HVM64': 'ami-e4d18e93',
'HVMG2': 'ami-72a9f105'},
'eu-central-1': {'PV64': 'ami-a4b0b7b9',
'HVM64': 'ami-a6b0b7bb',
'HVMG2': 'ami-a6c9cfbb'},
'ap-northeast-1': {'PV64': 'ami-1a1b9f1a',
'HVM64': 'ami-1c1b9f1c',
'HVMG2': 'ami-f644c4f6'},
'ap-southeast-1': {'PV64': 'ami-d24b4280',
'HVM64': 'ami-d44b4286',
'HVMG2': 'ami-12b5bc40'},
'ap-southeast-2': {'PV64': 'ami-ef7b39d5',
'HVM64': 'ami-db7b39e1',
'HVMG2': 'ami-b3337e89'},
'sa-east-1': {'PV64': 'ami-5b098146',
'HVM64': 'ami-55098148',
'HVMG2': 'NOT_SUPPORTED'},
'cn-north-1': {'PV64': 'ami-bec45887',
'HVM64': 'ami-bcc45885',
'HVMG2': 'NOT_SUPPORTED'}
})
template.add_mapping('Region2Principal', {
'us-east-1': {'EC2Principal': 'ec2.amazonaws.com',
'OpsWorksPrincipal': 'opsworks.amazonaws.com'},
'us-west-2': {'EC2Principal': 'ec2.amazonaws.com',
'OpsWorksPrincipal': 'opsworks.amazonaws.com'},
'us-west-1': {'EC2Principal': 'ec2.amazonaws.com',
'OpsWorksPrincipal': 'opsworks.amazonaws.com'},
'eu-west-1': {'EC2Principal': 'ec2.amazonaws.com',
'OpsWorksPrincipal': 'opsworks.amazonaws.com'},
'ap-southeast-1': {'EC2Principal': 'ec2.amazonaws.com',
'OpsWorksPrincipal': 'opsworks.amazonaws.com'},
'ap-northeast-1': {'EC2Principal': 'ec2.amazonaws.com',
'OpsWorksPrincipal': 'opsworks.amazonaws.com'},
'ap-southeast-2': {'EC2Principal': 'ec2.amazonaws.com',
'OpsWorksPrincipal': 'opsworks.amazonaws.com'},
'sa-east-1': {'EC2Principal': 'ec2.amazonaws.com',
'OpsWorksPrincipal': 'opsworks.amazonaws.com'},
'cn-north-1': {'EC2Principal': 'ec2.amazonaws.com.cn',
'OpsWorksPrincipal': 'opsworks.amazonaws.com.cn'},
'eu-central-1': {'EC2Principal': 'ec2.amazonaws.com',
'OpsWorksPrincipal': 'opsworks.amazonaws.com'}
})
# Parameters
cachenodetype = template.add_parameter(Parameter(
'ClusterNodeType',
Description='The compute and memory capacity of the nodes in the Redis'
' Cluster',
Type='String',
Default='cache.m1.small',
AllowedValues=['cache.m1.small',
'cache.m1.large',
'cache.m1.xlarge',
'cache.m2.xlarge',
'cache.m2.2xlarge',
'cache.m2.4xlarge',
'cache.c1.xlarge'],
ConstraintDescription='must select a valid Cache Node type.',
))
instancetype = template.add_parameter(Parameter(
'InstanceType',
Description='WebServer EC2 instance type',
Type='String',
Default='t2.micro',
AllowedValues=['t1.micro',
't2.micro',
't2.small',
't2.medium',
'm1.small',
'm1.medium',
'm1.large',
'm1.xlarge',
'm2.xlarge',
'm2.2xlarge',
'm2.4xlarge',
'm3.medium',
'm3.large',
'm3.xlarge',
'm3.2xlarge',
'c1.medium',
'c1.xlarge',
'c3.large',
'c3.xlarge',
'c3.2xlarge',
'c3.4xlarge',
'c3.8xlarge',
'c4.large',
'c4.xlarge',
'c4.2xlarge',
'c4.4xlarge',
'c4.8xlarge',
'g2.2xlarge',
'r3.large',
'r3.xlarge',
'r3.2xlarge',
'r3.4xlarge',
'r3.8xlarge',
'i2.xlarge',
'i2.2xlarge',
'i2.4xlarge',
'i2.8xlarge',
'd2.xlarge',
'd2.2xlarge',
'd2.4xlarge',
'd2.8xlarge',
'hi1.4xlarge',
'hs1.8xlarge',
'cr1.8xlarge',
'cc2.8xlarge',
'cg1.4xlarge'],
ConstraintDescription='must be a valid EC2 instance type.',
))
keyname = template.add_parameter(Parameter(
'KeyName',
Description='Name of an existing EC2 KeyPair to enable SSH access'
' to the instance',
Type='AWS::EC2::KeyPair::KeyName',
ConstraintDescription='must be the name of an existing EC2 KeyPair.',
))
sshlocation = template.add_parameter(Parameter(
'SSHLocation',
Description='The IP address range that can be used to SSH to'
' the EC2 instances',
Type='String',
MinLength='9',
MaxLength='18',
Default='0.0.0.0/0',
AllowedPattern='(\\d{1,3})\\.(\\d{1,3})\\.'
'(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})',
ConstraintDescription='must be a valid IP CIDR range of the'
' form x.x.x.x/x.'
))
# Resources
webserverrole = template.add_resource(iam.Role(
'WebServerRole',
AssumeRolePolicyDocument=PolicyDocument(
Statement=[
Statement(
Effect=Allow,
Action=[AssumeRole],
Principal=Principal('Service',
[FindInMap('Region2Principal',
Ref('AWS::Region'),
'EC2Principal')]),
)
]
),
Path='/',
))
template.add_resource(iam.PolicyType(
'WebServerRolePolicy',
PolicyName='WebServerRole',
PolicyDocument=PolicyDocument(
Statement=[awacs.aws.Statement(
Action=[awacs.aws.Action("elasticache",
"DescribeCacheClusters")],
Resource=["*"],
Effect=awacs.aws.Allow
)]
),
Roles=[Ref(webserverrole)],
))
webserverinstanceprofile = template.add_resource(iam.InstanceProfile(
'WebServerInstanceProfile',
Path='/',
Roles=[Ref(webserverrole)],
))
webserversg = template.add_resource(ec2.SecurityGroup(
'WebServerSecurityGroup',
GroupDescription='Enable HTTP and SSH access',
SecurityGroupIngress=[
ec2.SecurityGroupRule(
IpProtocol='tcp',
FromPort='22',
ToPort='22',
CidrIp=Ref(sshlocation),
),
ec2.SecurityGroupRule(
IpProtocol='tcp',
FromPort='80',
ToPort='80',
CidrIp='0.0.0.0/0',
)
]
))
webserverinstance = template.add_resource(ec2.Instance(
'WebServerInstance',
Metadata=cloudformation.Metadata(
cloudformation.Init({
'config': cloudformation.InitConfig(
packages={
'yum': {
'httpd': [],
'php': [],
'php-devel': [],
'gcc': [],
'make': []
}
},
files=cloudformation.InitFiles({
'/var/www/html/index.php': cloudformation.InitFile(
content=Join('', [
'<?php\n',
'echo \"<h1>AWS CloudFormation sample'
' application for Amazon ElastiCache'
' Redis Cluster</h1>\";\n',
'\n',
'$cluster_config = json_decode('
'file_get_contents(\'/tmp/cacheclusterconfig\''
'), true);\n',
'$endpoint = $cluster_config[\'CacheClusters'
'\'][0][\'CacheNodes\'][0][\'Endpoint\'][\'Add'
'ress\'];\n',
'$port = $cluster_config[\'CacheClusters\'][0]'
'[\'CacheNodes\'][0][\'Endpoint\'][\'Port\'];'
'\n',
'\n',
'echo \"<p>Connecting to Redis Cache Cluster '
'node \'{$endpoint}\' on port {$port}</p>\";'
'\n',
'\n',
'$redis=new Redis();\n',
'$redis->connect($endpoint, $port);\n',
'$redis->set(\'testkey\', \'Hello World!\');'
'\n',
'$return = $redis->get(\'testkey\');\n',
'\n',
'echo \"<p>Retrieved value: $return</p>\";'
'\n',
'?>\n'
]),
mode='000644',
owner='apache',
group='apache'
),
'/etc/cron.d/get_cluster_config':
cloudformation.InitFile(
content='*/5 * * * * root'
' /usr/local/bin/get_cluster_config',
mode='000644',
owner='root',
group='root'
),
'/usr/local/bin/get_cluster_config':
cloudformation.InitFile(
content=Join('', [
'#! /bin/bash\n',
'aws elasticache describe-cache-clusters ',
' --cache-cluster-id ',
Ref('RedisCluster'),
' --show-cache-node-info'
' --region ', Ref('AWS::Region'),
' > /tmp/cacheclusterconfig\n'
]),
mode='000755',
owner='root',
group='root'
),
'/usr/local/bin/install_phpredis':
cloudformation.InitFile(
content=Join('', [
'#! /bin/bash\n',
'cd /tmp\n',
'wget https://github.com/nicolasff/'
'phpredis/zipball/master -O phpredis.zip'
'\n',
'unzip phpredis.zip\n',
'cd nicolasff-phpredis-*\n',
'phpize\n',
'./configure\n',
'make && make install\n',
'touch /etc/php.d/redis.ini\n',
'echo extension=redis.so > /etc/php.d/'
'redis.ini\n'
]),
mode='000755',
owner='root',
group='root'
),
'/etc/cfn/cfn-hup.conf': cloudformation.InitFile(
content=Join('', [
'[main]\n',
'stack=', Ref('AWS::StackId'), '\n',
'region=', Ref('AWS::Region'), '\n'
]),
mode='000400',
owner='root',
group='root'
),
'/etc/cfn/hooks.d/cfn-auto-reloader.conf':
cloudformation.InitFile(
content=Join('', [
'[cfn-auto-reloader-hook]\n',
'triggers=post.update\n',
'path=Resources.WebServerInstance.Metadata'
'.AWS::CloudFormation::Init\n',
'action=/opt/aws/bin/cfn-init -v ',
' --stack ', Ref('AWS::StackName'),
' --resource WebServerInstance ',
' --region ', Ref('AWS::Region'),
'\n',
'runas=root\n'
]),
# Why doesn't the Amazon template have this?
# mode='000400',
# owner='root',
# group='root'
),
}),
commands={
'01-install_phpredis': {
'command': '/usr/local/bin/install_phpredis'
},
'02-get-cluster-config': {
'command': '/usr/local/bin/get_cluster_config'
}
},
services={
"sysvinit": cloudformation.InitServices({
"httpd": cloudformation.InitService(
enabled=True,
ensureRunning=True,
),
"cfn-hup": cloudformation.InitService(
enabled=True,
ensureRunning=True,
files=['/etc/cfn/cfn-hup.conf',
'/etc/cfn/hooks.d/'
'cfn-auto-reloader.conf']
),
}),
},
)
})
),
ImageId=FindInMap('AWSRegionArch2AMI', Ref('AWS::Region'),
FindInMap('AWSInstanceType2Arch',
Ref(instancetype), 'Arch')),
InstanceType=Ref(instancetype),
SecurityGroups=[Ref(webserversg)],
KeyName=Ref(keyname),
IamInstanceProfile=Ref(webserverinstanceprofile),
UserData=Base64(Join('', [
'#!/bin/bash -xe\n',
'yum update -y aws-cfn-bootstrap\n',
'# Setup the PHP sample application\n',
'/opt/aws/bin/cfn-init -v ',
' --stack ', Ref('AWS::StackName'),
' --resource WebServerInstance ',
' --region ', Ref('AWS::Region'), '\n',
'# Signal the status of cfn-init\n',
'/opt/aws/bin/cfn-signal -e $? ',
' --stack ', Ref('AWS::StackName'),
' --resource WebServerInstance ',
' --region ', Ref('AWS::Region'), '\n'
])),
CreationPolicy=CreationPolicy(
ResourceSignal=ResourceSignal(Timeout='PT15M')
),
Tags=Tags(Application=Ref('AWS::StackId'),
Details='Created using Troposhpere')
))
redisclustersg = template.add_resource(elasticache.SecurityGroup(
'RedisClusterSecurityGroup',
Description='Lock the cluster down',
))
template.add_resource(elasticache.SecurityGroupIngress(
'RedisClusterSecurityGroupIngress',
CacheSecurityGroupName=Ref(redisclustersg),
EC2SecurityGroupName=Ref(webserversg),
))
template.add_resource(elasticache.CacheCluster(
'RedisCluster',
Engine='redis',
CacheNodeType=Ref(cachenodetype),
NumCacheNodes='1',
CacheSecurityGroupNames=[Ref(redisclustersg)],
))
# Outputs
template.add_output([
Output(
'WebsiteURL',
Description='Application URL',
Value=Join('', [
'http://',
GetAtt(webserverinstance, 'PublicDnsName'),
])
)
])
# Print CloudFormation Template
print(template.to_json())
def configure(self):
elasticache_metadata = constants.ENVIRONMENTS[self.env]['elasticache']
self.name = 'elasticache'
self.add_description('Sets up elasticache in VPC')
self.get_standard_parameters()
self.get_default_security_groups()
for cache in elasticache_metadata:
name = self.env + cache['name'].replace(
'-', '').capitalize() + cache['engine'].capitalize()
tags = self.get_tags(service_override=self.name,
role_override=cache['name'])
_port = 6379 if cache['engine'] == 'redis' else 11211
security_group = self.add_resource(
ec2.SecurityGroup(
'{}ElastiCacheSecurityGroup'.format(name),
VpcId=self.vpc_id,
GroupDescription='Security Group for {} Access'.format(
name),
SecurityGroupIngress=[{
'IpProtocol': 'tcp',
'FromPort': _port,
'ToPort': _port,
'CidrIp': self.vpc_cidr
}],
Tags=tags))
# Default to true for preferred subnet unless using multi_az
preferred_only = False if cache.get(
'multi_az') is True else cache.get('preferred_only', True)
subnet_group = self.add_resource(
elasticache.SubnetGroup(
'{}SubnetGroup'.format(name),
Description='SubnetGroup for {} Elasticache'.format(name),
SubnetIds=list(
map(
lambda x: x['SubnetId'],
self.get_subnets(
'private', _preferred_only=preferred_only)))))
if cache['engine'] == 'redis':
cache_cluster = self.add_resource(
elasticache.ReplicationGroup(
'{}ReplicationGroup'.format(name),
AutomaticFailoverEnabled=False,
AutoMinorVersionUpgrade=True,
CacheNodeType=cache['instance_type'],
CacheSubnetGroupName=Ref(subnet_group),
Engine='redis',
EngineVersion=cache.get('engine_version', '5.0.6'),
NumCacheClusters=1,
ReplicationGroupDescription=
'{} RedisElasticache Cluster'.format(name),
SecurityGroupIds=[Ref(security_group)]))
records = [GetAtt(cache_cluster, 'PrimaryEndPoint.Address')]
else:
cache_cluster = self.add_resource(
elasticache.CacheCluster(
'{}CacheCluster'.format(name),
AutoMinorVersionUpgrade=True,
CacheNodeType=cache['instance_type'],
CacheSubnetGroupName=Ref(subnet_group),
ClusterName=cache.get('cluster_name', name),
Engine='memcached',
EngineVersion='1.5.16',
NumCacheNodes=3,
VpcSecurityGroupIds=[Ref(security_group)]))
records = [
GetAtt(cache_cluster, 'ConfigurationEndpoint.Address')
]
if self.get_partition() != 'aws-us-gov':
hosted_zone = constants.ENVIRONMENTS[self.env]['route53_zone']
self.add_resource(
route53.RecordSetGroup(
'{}Route53'.format(name),
HostedZoneName=hosted_zone,
RecordSets=[
route53.RecordSet(
Name='{}.{}.{}'.format(cache['name'],
cache['engine'],
hosted_zone),
ResourceRecords=[
GetAtt(cache_cluster,
'PrimaryEndPoint.Address')
],
Type='CNAME',
TTL=600)
]))
Table("TestDynamoDB",
KeySchema=[KeySchema(AttributeName='GameId', KeyType="HASH")],
AttributeDefinitions=[
AttributeDefinition(AttributeName='GameId', AttributeType='N')
],
ProvisionedThroughput=ProvisionedThroughput(ReadCapacityUnits=1,
WriteCapacityUnits=1)))
redisClusterSg = t.add_resource(
elasticache.SecurityGroup('TestRedisSG',
Description='redis security group'))
t.add_resource(
elasticache.SecurityGroupIngress(
'TestSGIngress',
CacheSecurityGroupName=Ref(redisClusterSg),
EC2SecurityGroupName=Ref(instanceSecurityGroup)))
t.add_resource(
elasticache.CacheCluster("TestRedisCluster",
Engine='redis',
CacheNodeType='cache.t2.small',
NumCacheNodes='1',
CacheSecurityGroupNames=[Ref(redisClusterSg)],
CacheSubnetGroupName=Ref(subnet),
VpcSecurityGroupIds=[Ref(instanceSecurityGroup)]))
t.add_resource(Bucket("TestBucket", AccessControl=Private))
print(t.to_yaml())
