def create_cache_cluster(stack, name, cache_type, vpc, cidrs, subnet_ids, instance_type, num_cache_clusters): """Add Elasticache Cache cluster Resource.""" ports = {'redis': 6379, 'memcached': 11211} ingress = [] for idx, cidr in enumerate(cidrs): ingress.append( SecurityGroupRule( '{0}{1}{2}'.format(name.replace('-', ''), cache_type, idx), CidrIp=cidr, FromPort=ports[cache_type], ToPort=ports[cache_type], IpProtocol='tcp', )) secgroup = stack.stack.add_resource( SecurityGroup( '{0}{1}SecurityGroup'.format(name.replace('-', ''), cache_type), GroupDescription='{0} {1} Security Group'.format(name, cache_type), SecurityGroupIngress=ingress, SecurityGroupEgress=[ SecurityGroupRule('{0}egress'.format(name.replace('-', '')), CidrIp='0.0.0.0/0', IpProtocol='-1') ], VpcId=vpc, )) subnet_group = stack.stack.add_resource( elasticache.SubnetGroup( '{0}{1}cache'.format(name.replace('-', ''), cache_type), Description='{0}{1} cache'.format(name, cache_type), SubnetIds=subnet_ids, )) if num_cache_clusters > 1: stack.stack.add_resource( elasticache.ReplicationGroup( '{0}CacheCluster'.format(name.replace('-', '')), ReplicationGroupId='{0}'.format(name), ReplicationGroupDescription='{0}cluster'.format(name), Engine='{0}'.format(cache_type), EngineVersion='3.2.6', CacheNodeType=instance_type, NumCacheClusters=num_cache_clusters, CacheSubnetGroupName=Ref(subnet_group), SecurityGroupIds=[Ref(secgroup)], AtRestEncryptionEnabled=True)) else: stack.stack.add_resource( elasticache.CacheCluster('{0}CacheCluster'.format( name.replace('-', '')), ClusterName='{0}'.format(name), Engine='{0}'.format(cache_type), EngineVersion='3.2.10', CacheNodeType=instance_type, NumCacheNodes=num_cache_clusters, VpcSecurityGroupIds=[Ref(secgroup)], CacheSubnetGroupName=Ref(subnet_group)))
def add_cachecluster(self, cache_node_type, clustersg, name, engine, num_nodes, subnet_group): return self.add_resource( elasticache.CacheCluster(name + engine + 'Cluster', Engine=engine, CacheNodeType=cache_node_type, NumCacheNodes=num_nodes, VpcSecurityGroupIds=[Ref(clustersg)], CacheSubnetGroupName=Ref(subnet_group)))
def create_redis_resource(template, redis_node_class_parameter, redis_nodes_count_parameter, redis_security_group_resource, redis_subnet_group_resource): return template.add_resource( elasticache.CacheCluster( 'Redis', Engine='redis', EngineVersion='4.0', CacheNodeType=Ref(redis_node_class_parameter), NumCacheNodes=Ref(redis_nodes_count_parameter), VpcSecurityGroupIds=[ GetAtt(redis_security_group_resource, 'GroupId')], CacheSubnetGroupName=Ref(redis_subnet_group_resource) ) )
def render_elasticache(context, template): ensure(context['elasticache']['engine'] == 'redis', 'We only support Redis as ElastiCache engine at this time') cache_security_group = elasticache_security_group(context) template.add_resource(cache_security_group) subnet_group = elasticache.SubnetGroup( ELASTICACHE_SUBNET_GROUP_TITLE, Description="a group of subnets for this cache instance.", SubnetIds=context['elasticache']['subnets']) template.add_resource(subnet_group) parameter_group = elasticache.ParameterGroup( ELASTICACHE_PARAMETER_GROUP_TITLE, CacheParameterGroupFamily='redis2.8', Description='ElastiCache parameter group for %s' % context['stackname'], Properties=context['elasticache']['configuration']) template.add_resource(parameter_group) template.add_resource( elasticache.CacheCluster( ELASTICACHE_TITLE, CacheNodeType='cache.t2.small', CacheParameterGroupName=Ref(parameter_group), CacheSubnetGroupName=Ref(subnet_group), Engine='redis', EngineVersion=context['elasticache']['version'], PreferredAvailabilityZone=context['elasticache']['az'], # we only support Redis, and it only supports 1 node NumCacheNodes=1, Tags=Tags(**_generic_tags(context)), VpcSecurityGroupIds=[Ref(cache_security_group)], )) outputs = [ mkoutput("ElastiCacheHost", "The hostname on which the cache accepts connections", (ELASTICACHE_TITLE, "RedisEndpoint.Address")), mkoutput("ElastiCachePort", "The port number on which the cache accepts connections", (ELASTICACHE_TITLE, "RedisEndpoint.Port")), ] map(template.add_output, outputs)
def define_cache_culster(self, cluster_config): cc = elasticache.CacheCluster(cluster_config["name"], DeletionPolicy=self.deletion_policy) #DependsOn=cluster_config["security_groups"][0]) cc.CacheNodeType = cluster_config["node_type"] c_sg = self.define_cache_subnet_group(cluster_config["subnet_group"]) cc.CacheSubnetGroupName = c_sg cc.Engine = cluster_config["engine"] cc.EngineVersion = cluster_config["engine_version"] cc.NotificationTopicArn = cluster_config["notification_arn"] cc.NumCacheNodes = cluster_config["node_count"] sg_ids = [] for s in cluster_config["security_groups"]: sg_ids.append(Ref(s)) cc.VpcSecurityGroupIds = sg_ids self._add_resource(cc) return Ref(cc)
def redis_adder(self, name, tags, instance_type='cache.m3.medium', nodes=1, version='2.8.24'): rule = self.rule_adder(6379, cidr='10.0.0.0/16') subnetname = Join("", [name, Ref("DeploymentEnvironment")]) self.group_adder("redissg", [rule]) subnetgroup = self.template.add_resource( elasticache.SubnetGroup( "SubnetGroup", CacheSubnetGroupName=subnetname, Description='Subnet Group for ElasticCache Redis {0}'.format( name), SubnetIds=self.config['subnets'])) self.template.add_resource( elasticache.CacheCluster( "CacheCluster", ClusterName=name, Engine='redis', EngineVersion=version, CacheNodeType=instance_type, NumCacheNodes=nodes, Tags=tags, CacheSubnetGroupName=Ref(subnetgroup), VpcSecurityGroupIds=[GetAtt('redissg', "GroupId")], )) redisdnsrecord = RecordSetType( "RedisDNSRecord", HostedZoneName=Join("", [Ref("RedisDNSDomain"), "."]), Name=Join("", [Ref("RedisDNSName"), ".", Ref("RedisDNSDomain"), "."]), Type="CNAME", TTL="900", ResourceRecords=[GetAtt("CacheCluster", "RedisEndpoint.Address")], ) self.template.add_resource(redisdnsrecord)
def render_elasticache(context, template): ensure(context['elasticache']['engine'] == 'redis', 'We only support Redis as ElastiCache engine at this time') cache_security_group = elasticache_security_group(context) template.add_resource(cache_security_group) subnet_group = elasticache.SubnetGroup( ELASTICACHE_SUBNET_GROUP_TITLE, Description="a group of subnets for this cache instance.", SubnetIds=context['elasticache']['subnets']) template.add_resource(subnet_group) parameter_group = elasticache_default_parameter_group(context) suppressed = context['elasticache'].get('suppressed', []) default_parameter_group_use = False for cluster in range(1, context['elasticache']['clusters'] + 1): if cluster in suppressed: continue cluster_context = overridden_component( context, 'elasticache', index=cluster, allowed=['type', 'version', 'az', 'configuration']) if cluster_context['configuration'] != context['elasticache'][ 'configuration']: cluster_parameter_group = elasticache_overridden_parameter_group( context, cluster_context, cluster) template.add_resource(cluster_parameter_group) cluster_cache_parameter_group_name = Ref(cluster_parameter_group) else: cluster_cache_parameter_group_name = Ref(parameter_group) default_parameter_group_use = True cluster_title = ELASTICACHE_TITLE % cluster template.add_resource( elasticache.CacheCluster( cluster_title, CacheNodeType=cluster_context['type'], CacheParameterGroupName=cluster_cache_parameter_group_name, CacheSubnetGroupName=Ref(subnet_group), Engine='redis', EngineVersion=cluster_context['version'], PreferredAvailabilityZone=cluster_context['az'], # we only support Redis, and it only supports 1 node NumCacheNodes=1, Tags=Tags(**aws.generic_tags(context)), VpcSecurityGroupIds=[Ref(cache_security_group)], )) outputs = [ mkoutput("ElastiCacheHost%s" % cluster, "The hostname on which the cache accepts connections", (cluster_title, "RedisEndpoint.Address")), mkoutput("ElastiCachePort%s" % cluster, "The port number on which the cache accepts connections", (cluster_title, "RedisEndpoint.Port")), ] lmap(template.add_output, outputs) if default_parameter_group_use: template.add_resource(parameter_group)
) ], )) cache_subnet_group = t.add_resource( elasticache.SubnetGroup('CacheSubnetGroup', Description='Cache subnet group', SubnetIds=Ref(param_subnetids))) cache_cluster = t.add_resource( elasticache.CacheCluster( 'CacheCluster', Engine='redis', CacheNodeType=Ref(param_cache_node_type), NumCacheNodes=Ref(param_cache_node_num), CacheSubnetGroupName=Ref(cache_subnet_group), AutoMinorVersionUpgrade=True, VpcSecurityGroupIds=[ If('CreateSecurityGroupCondition', Ref(cache_sg), Ref(param_sg)) ], )) # # Output # t.add_output([ Output( 'EndpointAddress', Description= 'The DNS address of the configuration endpoint for the Redis cache cluster.', Value=GetAtt(cache_cluster, 'RedisEndpoint.Address')),
), ec2.SecurityGroupRule( IpProtocol="tcp", FromPort=If(using_redis_condition, "6379", "11211"), ToPort=If(using_redis_condition, "6379", "11211"), CidrIp=container_b_subnet_cidr, ), ], ) cache_subnet_group = elasticache.SubnetGroup( "CacheSubnetGroup", template=template, Description="Subnets available for the cache instance", Condition=cache_condition, SubnetIds=[Ref(container_a_subnet), Ref(container_b_subnet)], ) cache_cluster = elasticache.CacheCluster( "CacheCluster", template=template, Engine=Ref(cache_engine), CacheNodeType=Ref(cache_node_type), Condition=cache_condition, NumCacheNodes=1, # Must be 1 for redis, but still required Port=If(using_redis_condition, 6379, 11211), VpcSecurityGroupIds=[Ref(cache_security_group)], CacheSubnetGroupName=Ref(cache_subnet_group), )
FromPort=constants.REDIS_PORT, ToPort=constants.REDIS_PORT, SourceSecurityGroupId=Ref(container_security_group), ), Ref("AWS::NoValue"), ), ], Tags=Tags(Name=Join("-", [Ref("AWS::StackName"), "cache"]), ), ) cache_cluster = elasticache.CacheCluster( "CacheCluster", template=template, Engine="memcached", CacheNodeType=Ref(cache_node_type), Condition=using_memcached_condition, NumCacheNodes=1, Port=constants.MEMCACHED_PORT, VpcSecurityGroupIds=[Ref(cache_security_group)], CacheSubnetGroupName=Ref(cache_subnet_group), Tags=Tags(Name=Join("-", [Ref("AWS::StackName"), "cache"]), ), ) redis_replication_group = elasticache.ReplicationGroup( "RedisReplicationGroup", template=template, AtRestEncryptionEnabled=use_aes256_encryption, AutomaticFailoverEnabled=Ref(redis_automatic_failover), AuthToken=If(using_auth_token_condition, Ref(redis_auth_token), Ref("AWS::NoValue")), Engine="redis", EngineVersion=Ref(redis_version),
# Create the Redis cluster. redis_subnet_group = template.add_resource( elasticache.SubnetGroup( 'RedisSubnetGroup', Description='Subnets available for the Redis cluster', SubnetIds=Ref(subnets) ) ) redis = template.add_resource( elasticache.CacheCluster( 'Redis', Engine='redis', EngineVersion='4.0', CacheNodeType=Ref(redis_node_class), NumCacheNodes=Ref(redis_nodes_count), VpcSecurityGroupIds=[GetAtt(redis_security_group, 'GroupId')], CacheSubnetGroupName=Ref(redis_subnet_group) ) ) # Create the SQS queues. default_queue = template.add_resource( sqs.Queue( 'DefaultQueue', QueueName=Ref(sqs_default_queue_name) ) ) notifications_queue = template.add_resource(
def main(): """ Create a ElastiCache Redis Node and EC2 Instance """ template = Template() # Description template.set_description( 'AWS CloudFormation Sample Template ElastiCache_Redis:' 'Sample template showing how to create an Amazon' 'ElastiCache Redis Cluster. **WARNING** This template' 'creates an Amazon EC2 Instance and an Amazon ElastiCache' 'Cluster. You will be billed for the AWS resources used' 'if you create a stack from this template.') # Mappings template.add_mapping('AWSInstanceType2Arch', { 't1.micro': {'Arch': 'PV64'}, 't2.micro': {'Arch': 'HVM64'}, 't2.small': {'Arch': 'HVM64'}, 't2.medium': {'Arch': 'HVM64'}, 'm1.small': {'Arch': 'PV64'}, 'm1.medium': {'Arch': 'PV64'}, 'm1.large': {'Arch': 'PV64'}, 'm1.xlarge': {'Arch': 'PV64'}, 'm2.xlarge': {'Arch': 'PV64'}, 'm2.2xlarge': {'Arch': 'PV64'}, 'm2.4xlarge': {'Arch': 'PV64'}, 'm3.medium': {'Arch': 'HVM64'}, 'm3.large': {'Arch': 'HVM64'}, 'm3.xlarge': {'Arch': 'HVM64'}, 'm3.2xlarge': {'Arch': 'HVM64'}, 'c1.medium': {'Arch': 'PV64'}, 'c1.xlarge': {'Arch': 'PV64'}, 'c3.large': {'Arch': 'HVM64'}, 'c3.xlarge': {'Arch': 'HVM64'}, 'c3.2xlarge': {'Arch': 'HVM64'}, 'c3.4xlarge': {'Arch': 'HVM64'}, 'c3.8xlarge': {'Arch': 'HVM64'}, 'c4.large': {'Arch': 'HVM64'}, 'c4.xlarge': {'Arch': 'HVM64'}, 'c4.2xlarge': {'Arch': 'HVM64'}, 'c4.4xlarge': {'Arch': 'HVM64'}, 'c4.8xlarge': {'Arch': 'HVM64'}, 'g2.2xlarge': {'Arch': 'HVMG2'}, 'r3.large': {'Arch': 'HVM64'}, 'r3.xlarge': {'Arch': 'HVM64'}, 'r3.2xlarge': {'Arch': 'HVM64'}, 'r3.4xlarge': {'Arch': 'HVM64'}, 'r3.8xlarge': {'Arch': 'HVM64'}, 'i2.xlarge': {'Arch': 'HVM64'}, 'i2.2xlarge': {'Arch': 'HVM64'}, 'i2.4xlarge': {'Arch': 'HVM64'}, 'i2.8xlarge': {'Arch': 'HVM64'}, 'd2.xlarge': {'Arch': 'HVM64'}, 'd2.2xlarge': {'Arch': 'HVM64'}, 'd2.4xlarge': {'Arch': 'HVM64'}, 'd2.8xlarge': {'Arch': 'HVM64'}, 'hi1.4xlarge': {'Arch': 'HVM64'}, 'hs1.8xlarge': {'Arch': 'HVM64'}, 'cr1.8xlarge': {'Arch': 'HVM64'}, 'cc2.8xlarge': {'Arch': 'HVM64'} }) template.add_mapping('AWSRegionArch2AMI', { 'us-east-1': {'PV64': 'ami-0f4cfd64', 'HVM64': 'ami-0d4cfd66', 'HVMG2': 'ami-5b05ba30'}, 'us-west-2': {'PV64': 'ami-d3c5d1e3', 'HVM64': 'ami-d5c5d1e5', 'HVMG2': 'ami-a9d6c099'}, 'us-west-1': {'PV64': 'ami-85ea13c1', 'HVM64': 'ami-87ea13c3', 'HVMG2': 'ami-37827a73'}, 'eu-west-1': {'PV64': 'ami-d6d18ea1', 'HVM64': 'ami-e4d18e93', 'HVMG2': 'ami-72a9f105'}, 'eu-central-1': {'PV64': 'ami-a4b0b7b9', 'HVM64': 'ami-a6b0b7bb', 'HVMG2': 'ami-a6c9cfbb'}, 'ap-northeast-1': {'PV64': 'ami-1a1b9f1a', 'HVM64': 'ami-1c1b9f1c', 'HVMG2': 'ami-f644c4f6'}, 'ap-southeast-1': {'PV64': 'ami-d24b4280', 'HVM64': 'ami-d44b4286', 'HVMG2': 'ami-12b5bc40'}, 'ap-southeast-2': {'PV64': 'ami-ef7b39d5', 'HVM64': 'ami-db7b39e1', 'HVMG2': 'ami-b3337e89'}, 'sa-east-1': {'PV64': 'ami-5b098146', 'HVM64': 'ami-55098148', 'HVMG2': 'NOT_SUPPORTED'}, 'cn-north-1': {'PV64': 'ami-bec45887', 'HVM64': 'ami-bcc45885', 'HVMG2': 'NOT_SUPPORTED'} }) template.add_mapping('Region2Principal', { 'us-east-1': {'EC2Principal': 'ec2.amazonaws.com', 'OpsWorksPrincipal': 'opsworks.amazonaws.com'}, 'us-west-2': {'EC2Principal': 'ec2.amazonaws.com', 'OpsWorksPrincipal': 'opsworks.amazonaws.com'}, 'us-west-1': {'EC2Principal': 'ec2.amazonaws.com', 'OpsWorksPrincipal': 'opsworks.amazonaws.com'}, 'eu-west-1': {'EC2Principal': 'ec2.amazonaws.com', 'OpsWorksPrincipal': 'opsworks.amazonaws.com'}, 'ap-southeast-1': {'EC2Principal': 'ec2.amazonaws.com', 'OpsWorksPrincipal': 'opsworks.amazonaws.com'}, 'ap-northeast-1': {'EC2Principal': 'ec2.amazonaws.com', 'OpsWorksPrincipal': 'opsworks.amazonaws.com'}, 'ap-southeast-2': {'EC2Principal': 'ec2.amazonaws.com', 'OpsWorksPrincipal': 'opsworks.amazonaws.com'}, 'sa-east-1': {'EC2Principal': 'ec2.amazonaws.com', 'OpsWorksPrincipal': 'opsworks.amazonaws.com'}, 'cn-north-1': {'EC2Principal': 'ec2.amazonaws.com.cn', 'OpsWorksPrincipal': 'opsworks.amazonaws.com.cn'}, 'eu-central-1': {'EC2Principal': 'ec2.amazonaws.com', 'OpsWorksPrincipal': 'opsworks.amazonaws.com'} }) # Parameters cachenodetype = template.add_parameter(Parameter( 'ClusterNodeType', Description='The compute and memory capacity of the nodes in the Redis' ' Cluster', Type='String', Default='cache.m1.small', AllowedValues=['cache.m1.small', 'cache.m1.large', 'cache.m1.xlarge', 'cache.m2.xlarge', 'cache.m2.2xlarge', 'cache.m2.4xlarge', 'cache.c1.xlarge'], ConstraintDescription='must select a valid Cache Node type.', )) instancetype = template.add_parameter(Parameter( 'InstanceType', Description='WebServer EC2 instance type', Type='String', Default='t2.micro', AllowedValues=['t1.micro', 't2.micro', 't2.small', 't2.medium', 'm1.small', 'm1.medium', 'm1.large', 'm1.xlarge', 'm2.xlarge', 'm2.2xlarge', 'm2.4xlarge', 'm3.medium', 'm3.large', 'm3.xlarge', 'm3.2xlarge', 'c1.medium', 'c1.xlarge', 'c3.large', 'c3.xlarge', 'c3.2xlarge', 'c3.4xlarge', 'c3.8xlarge', 'c4.large', 'c4.xlarge', 'c4.2xlarge', 'c4.4xlarge', 'c4.8xlarge', 'g2.2xlarge', 'r3.large', 'r3.xlarge', 'r3.2xlarge', 'r3.4xlarge', 'r3.8xlarge', 'i2.xlarge', 'i2.2xlarge', 'i2.4xlarge', 'i2.8xlarge', 'd2.xlarge', 'd2.2xlarge', 'd2.4xlarge', 'd2.8xlarge', 'hi1.4xlarge', 'hs1.8xlarge', 'cr1.8xlarge', 'cc2.8xlarge', 'cg1.4xlarge'], ConstraintDescription='must be a valid EC2 instance type.', )) keyname = template.add_parameter(Parameter( 'KeyName', Description='Name of an existing EC2 KeyPair to enable SSH access' ' to the instance', Type='AWS::EC2::KeyPair::KeyName', ConstraintDescription='must be the name of an existing EC2 KeyPair.', )) sshlocation = template.add_parameter(Parameter( 'SSHLocation', Description='The IP address range that can be used to SSH to' ' the EC2 instances', Type='String', MinLength='9', MaxLength='18', Default='0.0.0.0/0', AllowedPattern='(\\d{1,3})\\.(\\d{1,3})\\.' '(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})', ConstraintDescription='must be a valid IP CIDR range of the' ' form x.x.x.x/x.' )) # Resources webserverrole = template.add_resource(iam.Role( 'WebServerRole', AssumeRolePolicyDocument=PolicyDocument( Statement=[ Statement( Effect=Allow, Action=[AssumeRole], Principal=Principal('Service', [FindInMap('Region2Principal', Ref('AWS::Region'), 'EC2Principal')]), ) ] ), Path='/', )) template.add_resource(iam.PolicyType( 'WebServerRolePolicy', PolicyName='WebServerRole', PolicyDocument=PolicyDocument( Statement=[awacs.aws.Statement( Action=[awacs.aws.Action("elasticache", "DescribeCacheClusters")], Resource=["*"], Effect=awacs.aws.Allow )] ), Roles=[Ref(webserverrole)], )) webserverinstanceprofile = template.add_resource(iam.InstanceProfile( 'WebServerInstanceProfile', Path='/', Roles=[Ref(webserverrole)], )) webserversg = template.add_resource(ec2.SecurityGroup( 'WebServerSecurityGroup', GroupDescription='Enable HTTP and SSH access', SecurityGroupIngress=[ ec2.SecurityGroupRule( IpProtocol='tcp', FromPort='22', ToPort='22', CidrIp=Ref(sshlocation), ), ec2.SecurityGroupRule( IpProtocol='tcp', FromPort='80', ToPort='80', CidrIp='0.0.0.0/0', ) ] )) webserverinstance = template.add_resource(ec2.Instance( 'WebServerInstance', Metadata=cloudformation.Metadata( cloudformation.Init({ 'config': cloudformation.InitConfig( packages={ 'yum': { 'httpd': [], 'php': [], 'php-devel': [], 'gcc': [], 'make': [] } }, files=cloudformation.InitFiles({ '/var/www/html/index.php': cloudformation.InitFile( content=Join('', [ '<?php\n', 'echo \"<h1>AWS CloudFormation sample' ' application for Amazon ElastiCache' ' Redis Cluster</h1>\";\n', '\n', '$cluster_config = json_decode(' 'file_get_contents(\'/tmp/cacheclusterconfig\'' '), true);\n', '$endpoint = $cluster_config[\'CacheClusters' '\'][0][\'CacheNodes\'][0][\'Endpoint\'][\'Add' 'ress\'];\n', '$port = $cluster_config[\'CacheClusters\'][0]' '[\'CacheNodes\'][0][\'Endpoint\'][\'Port\'];' '\n', '\n', 'echo \"<p>Connecting to Redis Cache Cluster ' 'node \'{$endpoint}\' on port {$port}</p>\";' '\n', '\n', '$redis=new Redis();\n', '$redis->connect($endpoint, $port);\n', '$redis->set(\'testkey\', \'Hello World!\');' '\n', '$return = $redis->get(\'testkey\');\n', '\n', 'echo \"<p>Retrieved value: $return</p>\";' '\n', '?>\n' ]), mode='000644', owner='apache', group='apache' ), '/etc/cron.d/get_cluster_config': cloudformation.InitFile( content='*/5 * * * * root' ' /usr/local/bin/get_cluster_config', mode='000644', owner='root', group='root' ), '/usr/local/bin/get_cluster_config': cloudformation.InitFile( content=Join('', [ '#! /bin/bash\n', 'aws elasticache describe-cache-clusters ', ' --cache-cluster-id ', Ref('RedisCluster'), ' --show-cache-node-info' ' --region ', Ref('AWS::Region'), ' > /tmp/cacheclusterconfig\n' ]), mode='000755', owner='root', group='root' ), '/usr/local/bin/install_phpredis': cloudformation.InitFile( content=Join('', [ '#! /bin/bash\n', 'cd /tmp\n', 'wget https://github.com/nicolasff/' 'phpredis/zipball/master -O phpredis.zip' '\n', 'unzip phpredis.zip\n', 'cd nicolasff-phpredis-*\n', 'phpize\n', './configure\n', 'make && make install\n', 'touch /etc/php.d/redis.ini\n', 'echo extension=redis.so > /etc/php.d/' 'redis.ini\n' ]), mode='000755', owner='root', group='root' ), '/etc/cfn/cfn-hup.conf': cloudformation.InitFile( content=Join('', [ '[main]\n', 'stack=', Ref('AWS::StackId'), '\n', 'region=', Ref('AWS::Region'), '\n' ]), mode='000400', owner='root', group='root' ), '/etc/cfn/hooks.d/cfn-auto-reloader.conf': cloudformation.InitFile( content=Join('', [ '[cfn-auto-reloader-hook]\n', 'triggers=post.update\n', 'path=Resources.WebServerInstance.Metadata' '.AWS::CloudFormation::Init\n', 'action=/opt/aws/bin/cfn-init -v ', ' --stack ', Ref('AWS::StackName'), ' --resource WebServerInstance ', ' --region ', Ref('AWS::Region'), '\n', 'runas=root\n' ]), # Why doesn't the Amazon template have this? # mode='000400', # owner='root', # group='root' ), }), commands={ '01-install_phpredis': { 'command': '/usr/local/bin/install_phpredis' }, '02-get-cluster-config': { 'command': '/usr/local/bin/get_cluster_config' } }, services={ "sysvinit": cloudformation.InitServices({ "httpd": cloudformation.InitService( enabled=True, ensureRunning=True, ), "cfn-hup": cloudformation.InitService( enabled=True, ensureRunning=True, files=['/etc/cfn/cfn-hup.conf', '/etc/cfn/hooks.d/' 'cfn-auto-reloader.conf'] ), }), }, ) }) ), ImageId=FindInMap('AWSRegionArch2AMI', Ref('AWS::Region'), FindInMap('AWSInstanceType2Arch', Ref(instancetype), 'Arch')), InstanceType=Ref(instancetype), SecurityGroups=[Ref(webserversg)], KeyName=Ref(keyname), IamInstanceProfile=Ref(webserverinstanceprofile), UserData=Base64(Join('', [ '#!/bin/bash -xe\n', 'yum update -y aws-cfn-bootstrap\n', '# Setup the PHP sample application\n', '/opt/aws/bin/cfn-init -v ', ' --stack ', Ref('AWS::StackName'), ' --resource WebServerInstance ', ' --region ', Ref('AWS::Region'), '\n', '# Signal the status of cfn-init\n', '/opt/aws/bin/cfn-signal -e $? ', ' --stack ', Ref('AWS::StackName'), ' --resource WebServerInstance ', ' --region ', Ref('AWS::Region'), '\n' ])), CreationPolicy=CreationPolicy( ResourceSignal=ResourceSignal(Timeout='PT15M') ), Tags=Tags(Application=Ref('AWS::StackId'), Details='Created using Troposhpere') )) redisclustersg = template.add_resource(elasticache.SecurityGroup( 'RedisClusterSecurityGroup', Description='Lock the cluster down', )) template.add_resource(elasticache.SecurityGroupIngress( 'RedisClusterSecurityGroupIngress', CacheSecurityGroupName=Ref(redisclustersg), EC2SecurityGroupName=Ref(webserversg), )) template.add_resource(elasticache.CacheCluster( 'RedisCluster', Engine='redis', CacheNodeType=Ref(cachenodetype), NumCacheNodes='1', CacheSecurityGroupNames=[Ref(redisclustersg)], )) # Outputs template.add_output([ Output( 'WebsiteURL', Description='Application URL', Value=Join('', [ 'http://', GetAtt(webserverinstance, 'PublicDnsName'), ]) ) ]) # Print CloudFormation Template print(template.to_json())
def configure(self): elasticache_metadata = constants.ENVIRONMENTS[self.env]['elasticache'] self.name = 'elasticache' self.add_description('Sets up elasticache in VPC') self.get_standard_parameters() self.get_default_security_groups() for cache in elasticache_metadata: name = self.env + cache['name'].replace( '-', '').capitalize() + cache['engine'].capitalize() tags = self.get_tags(service_override=self.name, role_override=cache['name']) _port = 6379 if cache['engine'] == 'redis' else 11211 security_group = self.add_resource( ec2.SecurityGroup( '{}ElastiCacheSecurityGroup'.format(name), VpcId=self.vpc_id, GroupDescription='Security Group for {} Access'.format( name), SecurityGroupIngress=[{ 'IpProtocol': 'tcp', 'FromPort': _port, 'ToPort': _port, 'CidrIp': self.vpc_cidr }], Tags=tags)) # Default to true for preferred subnet unless using multi_az preferred_only = False if cache.get( 'multi_az') is True else cache.get('preferred_only', True) subnet_group = self.add_resource( elasticache.SubnetGroup( '{}SubnetGroup'.format(name), Description='SubnetGroup for {} Elasticache'.format(name), SubnetIds=list( map( lambda x: x['SubnetId'], self.get_subnets( 'private', _preferred_only=preferred_only))))) if cache['engine'] == 'redis': cache_cluster = self.add_resource( elasticache.ReplicationGroup( '{}ReplicationGroup'.format(name), AutomaticFailoverEnabled=False, AutoMinorVersionUpgrade=True, CacheNodeType=cache['instance_type'], CacheSubnetGroupName=Ref(subnet_group), Engine='redis', EngineVersion=cache.get('engine_version', '5.0.6'), NumCacheClusters=1, ReplicationGroupDescription= '{} RedisElasticache Cluster'.format(name), SecurityGroupIds=[Ref(security_group)])) records = [GetAtt(cache_cluster, 'PrimaryEndPoint.Address')] else: cache_cluster = self.add_resource( elasticache.CacheCluster( '{}CacheCluster'.format(name), AutoMinorVersionUpgrade=True, CacheNodeType=cache['instance_type'], CacheSubnetGroupName=Ref(subnet_group), ClusterName=cache.get('cluster_name', name), Engine='memcached', EngineVersion='1.5.16', NumCacheNodes=3, VpcSecurityGroupIds=[Ref(security_group)])) records = [ GetAtt(cache_cluster, 'ConfigurationEndpoint.Address') ] if self.get_partition() != 'aws-us-gov': hosted_zone = constants.ENVIRONMENTS[self.env]['route53_zone'] self.add_resource( route53.RecordSetGroup( '{}Route53'.format(name), HostedZoneName=hosted_zone, RecordSets=[ route53.RecordSet( Name='{}.{}.{}'.format(cache['name'], cache['engine'], hosted_zone), ResourceRecords=[ GetAtt(cache_cluster, 'PrimaryEndPoint.Address') ], Type='CNAME', TTL=600) ]))
Table("TestDynamoDB", KeySchema=[KeySchema(AttributeName='GameId', KeyType="HASH")], AttributeDefinitions=[ AttributeDefinition(AttributeName='GameId', AttributeType='N') ], ProvisionedThroughput=ProvisionedThroughput(ReadCapacityUnits=1, WriteCapacityUnits=1))) redisClusterSg = t.add_resource( elasticache.SecurityGroup('TestRedisSG', Description='redis security group')) t.add_resource( elasticache.SecurityGroupIngress( 'TestSGIngress', CacheSecurityGroupName=Ref(redisClusterSg), EC2SecurityGroupName=Ref(instanceSecurityGroup))) t.add_resource( elasticache.CacheCluster("TestRedisCluster", Engine='redis', CacheNodeType='cache.t2.small', NumCacheNodes='1', CacheSecurityGroupNames=[Ref(redisClusterSg)], CacheSubnetGroupName=Ref(subnet), VpcSecurityGroupIds=[Ref(instanceSecurityGroup)])) t.add_resource(Bucket("TestBucket", AccessControl=Private)) print(t.to_yaml())