def create_loadbalancer(): return [ elb.LoadBalancer( 'tlsFrontend', SecurityGroups=[Ref('secgrpLoadBalancer')], Subnets=[Ref('subnetA'), Ref('subnetB')], Tags=_tags(), ), elb.Listener( 'tlsFrontendListener', Certificates=[ elb.Certificate(CertificateArn=Ref('certificateArn')), ], DefaultActions=[ elb.Action(TargetGroupArn=Ref('tlsFrontendApplication'), Type='forward'), ], LoadBalancerArn=Ref('tlsFrontend'), Port=443, Protocol='HTTPS', ), elb.ListenerRule( 'tlsFrontendJenkinsRule', Actions=[ elb.Action(TargetGroupArn=Ref('tlsFrontendJenkins'), Type='forward'), ], Conditions=[ elb.Condition(Field='host-header', Values=[_subdomain_for_jenkins()]), ], ListenerArn=Ref('tlsFrontendListener'), Priority=1, ), elb.TargetGroup( 'tlsFrontendApplication', HealthCheckIntervalSeconds=300, HealthCheckPath='/health', Port=80, Protocol='HTTP', Tags=_tags(), Targets=[ elb.TargetDescription(Id=Ref('devserver'), Port=80), ], VpcId=Ref('vpc'), ), elb.TargetGroup( 'tlsFrontendJenkins', HealthCheckIntervalSeconds=300, HealthCheckPath='/robots.txt', Port=8080, Protocol='HTTP', Tags=_tags(), Targets=[ elb.TargetDescription(Id=Ref('devserver'), Port=8080), ], VpcId=Ref('vpc'), ), ]
def add_alb(self, template, provision_refs, instances): alb = template.add_resource( elb.LoadBalancer( 'ALB', LoadBalancerAttributes=[ elb.LoadBalancerAttributes( Key='idle_timeout.timeout_seconds', Value='3600') ], Subnets=provision_refs.subnets, Type='application', Scheme='internet-facing', IpAddressType='ipv4', SecurityGroups=[provision_refs.security_group_alb])) default_target_group = template.add_resource( elb.TargetGroup( 'DefaultTargetGroup', Port=46658, Protocol='HTTP', Targets=[ elb.TargetDescription(Id=Ref(instance)) for instance in instances ], HealthCheckProtocol='HTTP', HealthCheckPath='/rpc', TargetGroupAttributes=[ elb.TargetGroupAttribute(Key='stickiness.enabled', Value='true'), elb.TargetGroupAttribute(Key='stickiness.type', Value='lb_cookie'), elb.TargetGroupAttribute( Key='stickiness.lb_cookie.duration_seconds', Value='86400'), ], VpcId=provision_refs.vpc)) template.add_resource( elb.Listener( 'ALBListener', DefaultActions=[ elb.Action('DefaultAction', Type='forward', TargetGroupArn=Ref(default_target_group)) ], LoadBalancerArn=Ref(alb), Port=46658, Protocol='HTTPS', SslPolicy='ELBSecurityPolicy-TLS-1-2-2017-01', Certificates=[ elb.Certificate( CertificateArn= 'arn:aws:acm:us-east-1:489745816517:certificate/' 'fbb68210-264e-4340-9c5c-a7687f993579') ])) provision_refs.alb = alb
def create_target_group(stack, name, port, protocol='HTTPS', targets=[], http_codes='200', health_check_path='/', target_type='instance', attributes=False): """Add Target Group Resource.""" target_objects = [] for target in targets: target_objects.append(alb.TargetDescription(Id=target)) tg_atts = [] if not attributes: tg_atts.append( alb.TargetGroupAttribute( Key='deregistration_delay.timeout_seconds', Value='300')) else: for att, value in attributes.items(): tg_atts.append(alb.TargetGroupAttribute(Key=att, Value=value)) if http_codes is not None: return stack.stack.add_resource( alb.TargetGroup('{0}TargetGroup'.format(name), HealthCheckIntervalSeconds='30', HealthCheckProtocol=protocol, HealthCheckTimeoutSeconds='10', HealthyThresholdCount='4', HealthCheckPath=health_check_path, Matcher=alb.Matcher(HttpCode=http_codes), Name='{0}Target'.format(name), Port=port, Protocol=protocol, Targets=target_objects, TargetType=target_type, UnhealthyThresholdCount='3', TargetGroupAttributes=tg_atts, VpcId=Ref(stack.vpc))) return stack.stack.add_resource( alb.TargetGroup('{0}TargetGroup'.format(name), HealthCheckIntervalSeconds='30', HealthCheckProtocol=protocol, HealthCheckTimeoutSeconds='10', HealthyThresholdCount='3', Name='{0}Target'.format(name), Port=port, Protocol=protocol, Targets=targets, UnhealthyThresholdCount='3', TargetType=target_type, TargetGroupAttributes=tg_atts, VpcId=Ref(stack.vpc)))
def elbv2_target(self, target_id, port): """ Create an ELBv2 target :param target_id: ID of the target :param port: Target port :return: Target Description CFN object """ return elbv2.TargetDescription(Id=target_id, Port=port)
def app_elb(template, name, subnets, instances, vpc, instance_port=443, load_balancer_port=443, instance_proto='HTTPS', load_balancer_proto='HTTPS', securitygroups=None): """Create an elastic load balancer """ applb = elbv2.LoadBalancer( name, template=template, Subnets=[Ref(r) for r in subnets], SecurityGroups=[Ref(r) for r in securitygroups], ) targetgroup = elbv2.TargetGroup( title=name + 'targetgroup', template=template, Port=instance_port, Protocol=instance_proto, VpcId=Ref(vpc), Targets=[elbv2.TargetDescription(Id=Ref(r)) for r in instances], HealthCheckIntervalSeconds=10, # HealthCheckPath="/", # HealthCheckPort="traffic-port", # HealthCheckProtocol="HTTP", # HealthCheckTimeoutSeconds=5, # UnhealthyThresholdCount=10, # HealthyThresholdCount=2, ) elbv2.Listener( title=(name + 'listener'), template=template, DefaultActions=[ elbv2.Action(TargetGroupArn=Ref(targetgroup), Type='forward') ], LoadBalancerArn=Ref(applb), Port=load_balancer_port, Protocol=load_balancer_proto, ) return applb
def main(): template = Template() template.add_version("2010-09-09") template.add_description( "AWS CloudFormation Sample Template: ELB with 2 EC2 instances") AddAMI(template) # Add the Parameters keyname_param = template.add_parameter(Parameter( "KeyName", Type="String", Default="mark", Description="Name of an existing EC2 KeyPair to " "enable SSH access to the instance", )) template.add_parameter(Parameter( "InstanceType", Type="String", Description="WebServer EC2 instance type", Default="m1.small", AllowedValues=[ "t1.micro", "m1.small", "m1.medium", "m1.large", "m1.xlarge", "m2.xlarge", "m2.2xlarge", "m2.4xlarge", "c1.medium", "c1.xlarge", "cc1.4xlarge", "cc2.8xlarge", "cg1.4xlarge" ], ConstraintDescription="must be a valid EC2 instance type.", )) webport_param = template.add_parameter(Parameter( "WebServerPort", Type="String", Default="8888", Description="TCP/IP port of the web server", )) apiport_param = template.add_parameter(Parameter( "ApiServerPort", Type="String", Default="8889", Description="TCP/IP port of the api server", )) subnetA = template.add_parameter(Parameter( "subnetA", Type="String", Default="subnet-096fd06d" )) subnetB = template.add_parameter(Parameter( "subnetB", Type="String", Default="subnet-1313ef4b" )) VpcId = template.add_parameter(Parameter( "VpcId", Type="String", Default="vpc-82c514e6" )) # Define the instance security group instance_sg = template.add_resource( ec2.SecurityGroup( "InstanceSecurityGroup", GroupDescription="Enable SSH and HTTP access on the inbound port", SecurityGroupIngress=[ ec2.SecurityGroupRule( IpProtocol="tcp", FromPort="22", ToPort="22", CidrIp="0.0.0.0/0", ), ec2.SecurityGroupRule( IpProtocol="tcp", FromPort=Ref(webport_param), ToPort=Ref(webport_param), CidrIp="0.0.0.0/0", ), ec2.SecurityGroupRule( IpProtocol="tcp", FromPort=Ref(apiport_param), ToPort=Ref(apiport_param), CidrIp="0.0.0.0/0", ), ] ) ) # Add the web server instance WebInstance = template.add_resource(ec2.Instance( "WebInstance", SecurityGroups=[Ref(instance_sg)], KeyName=Ref(keyname_param), InstanceType=Ref("InstanceType"), ImageId=FindInMap("RegionMap", Ref("AWS::Region"), "AMI"), UserData=Base64(Ref(webport_param)), )) # Add the api server instance ApiInstance = template.add_resource(ec2.Instance( "ApiInstance", SecurityGroups=[Ref(instance_sg)], KeyName=Ref(keyname_param), InstanceType=Ref("InstanceType"), ImageId=FindInMap("RegionMap", Ref("AWS::Region"), "AMI"), UserData=Base64(Ref(apiport_param)), )) # Add the application ELB ApplicationElasticLB = template.add_resource(elb.LoadBalancer( "ApplicationElasticLB", Name="ApplicationElasticLB", Scheme="internet-facing", Subnets=[Ref(subnetA), Ref(subnetB)] )) TargetGroupWeb = template.add_resource(elb.TargetGroup( "TargetGroupWeb", HealthCheckIntervalSeconds="30", HealthCheckProtocol="HTTP", HealthCheckTimeoutSeconds="10", HealthyThresholdCount="4", Matcher=elb.Matcher( HttpCode="200"), Name="WebTarget", Port=Ref(webport_param), Protocol="HTTP", Targets=[elb.TargetDescription( Id=Ref(WebInstance), Port=Ref(webport_param))], UnhealthyThresholdCount="3", VpcId=Ref(VpcId) )) TargetGroupApi = template.add_resource(elb.TargetGroup( "TargetGroupApi", HealthCheckIntervalSeconds="30", HealthCheckProtocol="HTTP", HealthCheckTimeoutSeconds="10", HealthyThresholdCount="4", Matcher=elb.Matcher( HttpCode="200"), Name="ApiTarget", Port=Ref(apiport_param), Protocol="HTTP", Targets=[elb.TargetDescription( Id=Ref(ApiInstance), Port=Ref(apiport_param))], UnhealthyThresholdCount="3", VpcId=Ref(VpcId) )) Listener = template.add_resource(elb.Listener( "Listener", Port="80", Protocol="HTTP", LoadBalancerArn=Ref(ApplicationElasticLB), DefaultActions=[elb.Action( Type="forward", TargetGroupArn=Ref(TargetGroupWeb) )] )) template.add_resource(elb.ListenerRule( "ListenerRuleApi", ListenerArn=Ref(Listener), Conditions=[elb.Condition( Field="path-pattern", Values=["/api/*"])], Actions=[elb.Action( Type="forward", TargetGroupArn=Ref(TargetGroupApi) )], Priority="1" )) template.add_output(Output( "URL", Description="URL of the sample website", Value=Join("", ["http://", GetAtt(ApplicationElasticLB, "DNSName")]) )) print(template.to_json())
def main(): template = Template() template.add_version("2010-09-09") template.add_description( "AWS CloudFormation Sample Template: ELB with 2 EC2 instances") AddAMI(template) # Add the Parameters keyname_param = template.add_parameter( Parameter( "KeyName", Type='AWS::EC2::KeyPair::KeyName', Default="ansible-key", Description="Name of an existing EC2 KeyPair to " "enable SSH access to the instance", )) template.add_parameter( Parameter( "InstanceType", Type="String", Description="WebServer EC2 instance type", Default="t2.micro", AllowedValues=["t1.micro", "t2.micro"], ConstraintDescription="must be a valid EC2 instance type.", )) webport_param = template.add_parameter( Parameter( "WebServerPort", Type="String", Default="8888", Description="TCP/IP port of the web server", )) web2_param = template.add_parameter( Parameter( "ApiServerPort", Type="String", Default="8889", Description="TCP/IP port of the api server", )) subnetA = template.add_parameter( Parameter("subnetA", Type="List<AWS::EC2::Subnet::Id>", Description="Choose Subnets")) VpcId = template.add_parameter( Parameter("VpcId", Type="AWS::EC2::VPC::Id", Description="Choose VPC")) # Define the instance security group instance_sg = template.add_resource( ec2.SecurityGroup( "InstanceSecurityGroup", GroupDescription="Enable SSH and HTTP access on the inbound port", SecurityGroupIngress=[ ec2.SecurityGroupRule( IpProtocol="tcp", FromPort="22", ToPort="22", CidrIp="0.0.0.0/0", ), ec2.SecurityGroupRule( IpProtocol="tcp", FromPort=Ref(webport_param), ToPort=Ref(webport_param), CidrIp="0.0.0.0/0", ), ec2.SecurityGroupRule( IpProtocol="tcp", FromPort=Ref(web2_param), ToPort=Ref(web2_param), CidrIp="0.0.0.0/0", ), ])) # Add the web server instance WebInstance = template.add_resource( ec2.Instance( "WebInstance", SecurityGroups=[Ref(instance_sg)], KeyName=Ref(keyname_param), InstanceType=Ref("InstanceType"), ImageId=FindInMap("RegionMap", Ref("AWS::Region"), "AMI"), UserData=Base64( Join('', [ '#!/bin/bash\n', 'sudo yum -y update\n', 'sudo yum install -y httpd php\n', 'sudo sed -i "42s/Listen 80/Listen 8888/" /etc/httpd/conf/httpd.conf\n', 'sudo service httpd restart \n', 'Ref(webport_param)', ])))) # Add the api server instance ApiInstance = template.add_resource( ec2.Instance( "ApiInstance", SecurityGroups=[Ref(instance_sg)], KeyName=Ref(keyname_param), InstanceType=Ref("InstanceType"), ImageId=FindInMap("RegionMap", Ref("AWS::Region"), "AMI"), UserData=Base64( Join('', [ '#!/bin/bash\n', 'sudo yum -y update\n', 'sudo yum install -y httpd php\n', 'sudo sed -i "42s/Listen 80/Listen 8889/" /etc/httpd/conf/httpd.conf\n', 'sudo service httpd restart \n', 'Ref(web2_param)', ])))) # Add the application ELB ApplicationElasticLB = template.add_resource( elb.LoadBalancer("ApplicationElasticLB", Name="ApplicationElasticLB", Scheme="internet-facing", Subnets=Ref("subnetA"))) TargetGroupWeb = template.add_resource( elb.TargetGroup("TargetGroupWeb", HealthCheckIntervalSeconds="30", HealthCheckProtocol="HTTP", HealthCheckTimeoutSeconds="10", HealthyThresholdCount="4", Matcher=elb.Matcher(HttpCode="200"), Name="WebTarget", Port=Ref(webport_param), Protocol="HTTP", Targets=[ elb.TargetDescription(Id=Ref(WebInstance), Port=Ref(webport_param)) ], UnhealthyThresholdCount="3", VpcId=Ref(VpcId))) TargetGroupApi = template.add_resource( elb.TargetGroup("TargetGroupApi", HealthCheckIntervalSeconds="30", HealthCheckProtocol="HTTP", HealthCheckTimeoutSeconds="10", HealthyThresholdCount="4", Matcher=elb.Matcher(HttpCode="200"), Name="ApiTarget", Port=Ref(web2_param), Protocol="HTTP", Targets=[ elb.TargetDescription(Id=Ref(ApiInstance), Port=Ref(web2_param)) ], UnhealthyThresholdCount="3", VpcId=Ref(VpcId))) Listener = template.add_resource( elb.Listener("Listener", Port="80", Protocol="HTTP", LoadBalancerArn=Ref(ApplicationElasticLB), DefaultActions=[ elb.Action(Type="forward", TargetGroupArn=Ref(TargetGroupWeb)) ])) template.add_resource( elb.ListenerRule("ListenerRuleApi", ListenerArn=Ref(Listener), Conditions=[ elb.Condition(Field="path-pattern", Values=["/api/*"]) ], Actions=[ elb.Action(Type="forward", TargetGroupArn=Ref(TargetGroupApi)) ], Priority="1")) template.add_output( Output("URL", Description="URL of the sample website", Value=Join("", ["http://", GetAtt(ApplicationElasticLB, "DNSName")]))) print(template.to_json())
def __init__(self, title, lambda_arn, **kwargs): super().__init__(title, **kwargs) self.Targets = [elbv2.TargetDescription(Id=lambda_arn, )] self.TargetType = 'lambda'
) target_group_web = t.add_resource( elb.TargetGroup( "TestTargetGroupWeb", HealthCheckIntervalSeconds="60", HealthCheckProtocol="HTTP", HealthCheckTimeoutSeconds="30", HealthyThresholdCount="4", UnhealthyThresholdCount="3", Matcher=elb.Matcher(HttpCode="200"), Name="WebTarget", Port="8080", Protocol="HTTP", Targets=[elb.TargetDescription( Id=Ref(web_instance), Port="8080" )], VpcId=Ref(vpc) ) ) target_group_api = t.add_resource( elb.TargetGroup( "TestTargetGroupApi", HealthCheckIntervalSeconds="30", HealthCheckProtocol="HTTP", HealthCheckTimeoutSeconds="10", HealthyThresholdCount="4", UnhealthyThresholdCount="3", Matcher=elb.Matcher(HttpCode="200"), Name="ApiTarget",
"RUST_BACKTRACE": "1", "RUST_LOG": "debug" }), Handler="not_used", Role=GetAtt(LambdaExecutionRole, "Arn"), Runtime="provided", )) ec2_client = boto3.client('ec2') subnets = ec2_client.describe_subnets()["Subnets"] targetGroup = t.add_resource( elb.TargetGroup( "TargetGroup", TargetType="lambda", Targets=[elb.TargetDescription(Id=GetAtt(app_function, 'Arn'))], DependsOn="InvokePermission")) t.add_resource( Permission( "InvokePermission", Action="lambda:InvokeFunction", FunctionName=GetAtt(app_function, 'Arn'), Principal="elasticloadbalancing.amazonaws.com", #SourceArn=Ref(targetGroup) # This would create a creation loop #SourceAccount=Ref('AWS::AccountId') )) # Add the application ELB ApplicationElasticLB = t.add_resource( elb.LoadBalancer("ApplicationElasticLB",
If( 'EnableAccessLogsCondition', elbv2.LoadBalancerAttributes(Key='access_logs.s3.prefix', Value=Ref(param_log_perfix)), Ref(AWS_NO_VALUE)), ])) targetgroup = t.add_resource( elbv2.TargetGroup('TargetGroup', DependsOn='LoadBalancer', VpcId=Ref(param_vpcid), Protocol='HTTP', Port='80', Targets=[ elbv2.TargetDescription( Id=Ref(param_instance_id), Port='80', ) ], HealthCheckIntervalSeconds='15', HealthCheckPath='/', HealthCheckPort='80', HealthCheckProtocol='HTTP', HealthCheckTimeoutSeconds='5', HealthyThresholdCount='3', UnhealthyThresholdCount='5', Matcher=elbv2.Matcher(HttpCode='200'), TargetGroupAttributes=[ elbv2.TargetGroupAttribute( Key='deregistration_delay.timeout_seconds', Value='20') ]))
} }) })) instance.Tags = [{"Key": "Name", "Value": "StorReduce-QS-Base-Host"}] instance.CreationPolicy = CreationPolicy(ResourceSignal=ResourceSignal( Timeout='PT15M')) return instance base_instance = generate_new_instance(counter) t.add_resource(base_instance) instances.append(base_instance) srr_targets_80.append(elb.TargetDescription(Id=Ref(base_instance), Port=80)) srr_targets_443.append(elb.TargetDescription(Id=Ref(base_instance), Port=443)) srr_targets_8080.append(elb.TargetDescription(Id=Ref(base_instance), Port=8080)) counter += 1 num_mandatory_instances = MIN_INSTANCES - 1 # Create monitor VM # -> sudo storreduce-monitor --initial_cluster_discovery_token="eyJDbHVzdGVySWQiOiJCREFBQzM1NC1GQ0MzLTQzNTgtQjY2MC02RjYwRUQwNDc4OEYiLCJFdGNkQ2xpZW50VXJsIjoiaHR0cDovLzEwLjAuMTQuMTc0OjIzNzkiLCJFdGNkQ2xpZW50UGFzc3dvcmQiOiIiLCJFdGNkQ2xpZW50VXNlcm5hbWUiOiIiLCJFeHRlcm5hbEV0Y2RTZXJ2ZXIiOmZhbHNlfQ==" monitor_instance = t.add_resource( ec2.Instance( "MonitorInstance", # Fix connect-srr.sh and init-srr.sh DependsOn=[base_instance.title, StorReduceHostProfile.title],