to do weekend 25 aug 17 - nil41/25aug17 GitHub Wiki
################## create vpc, subnet, rt, ig ################## { "AWSTemplateFormatVersion": "2010-09-09", "Description": "test-5",
"Parameters": { "AvailabilityZone": { "Type": "String", "Default": "us-east-1a" } },
"Resources": { "VPC": { "Type": "AWS::EC2::VPC", "Properties": { "CidrBlock": "10.0.0.0/16", "EnableDnsSupport": true, "EnableDnsHostnames": true } },
"InternetGateway": {
"Type": "AWS::EC2::InternetGateway",
"Properties": {}
},
"VPCGatewayAttachment": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"InternetGatewayId": {
"Ref": "InternetGateway"
},
"VpcId": {
"Ref": "VPC"
}
}
},
"PublicSubnet": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"AvailabilityZone": {
"Ref": "AvailabilityZone"
},
"CidrBlock": "10.0.0.0/24",
"VpcId": {
"Ref": "VPC"
},
"Tags": [
{
"Key": "Name",
"Value": "Public"
}
]
}
},
"PublicRouteTable": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"Tags": [
{
"Key": "Name",
"Value": "Public"
}
]
}
},
"OutboundConnectionRoute": {
"Type": "AWS::EC2::Route",
"Properties": {
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "InternetGateway"
},
"RouteTableId": {
"Ref": "PublicRouteTable"
}
}
},
"PublicSubnetRouteTableAssociation": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"RouteTableId": {
"Ref": "PublicRouteTable"
},
"SubnetId": {
"Ref": "PublicSubnet"
}
}
},
"WebServerSG": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"GroupDescription": "Allows inbound http traffic",
"SecurityGroupIngress": [
{
"CidrIp": "0.0.0.0/0",
"FromPort": 80,
"IpProtocol": "tcp",
"ToPort": 80
}
],
"Tags": [
{
"Key": "Name",
"Value": "http"
}
]
}
},
-----------------
"NetworkAcl" : {
"Type" : "AWS::EC2::NetworkAcl",
"Properties" : {
"VpcId" : {"Ref" : "VPC"},
"Tags" : [ {"Key" : "Application", "Value" : { "Ref" : "AWS::StackId"} } ]
}
},
"InboundHTTPNetworkAclEntry" : {
"Type" : "AWS::EC2::NetworkAclEntry",
"Properties" : {
"NetworkAclId" : {"Ref" : "NetworkAcl"},
"RuleNumber" : "100",
"Protocol" : "6",
"RuleAction" : "allow",
"Egress" : "false",
"CidrBlock" : "0.0.0.0/0",
"PortRange" : {"From" : "80", "To" : "80"}
}
},
"InboundSSHNetworkAclEntry" : {
"Type" : "AWS::EC2::NetworkAclEntry",
"Properties" : {
"NetworkAclId" : {"Ref" : "NetworkAcl"},
"RuleNumber" : "101",
"Protocol" : "6",
"RuleAction" : "allow",
"Egress" : "false",
"CidrBlock" : "0.0.0.0/0",
"PortRange" : {"From" : "22", "To" : "22"}
}
},
"InboundResponsePortsNetworkAclEntry" : {
"Type" : "AWS::EC2::NetworkAclEntry",
"Properties" : {
"NetworkAclId" : {"Ref" : "NetworkAcl"},
"RuleNumber" : "102",
"Protocol" : "6",
"RuleAction" : "allow",
"Egress" : "false",
"CidrBlock" : "0.0.0.0/0",
"PortRange" : {"From" : "1024", "To" : "65535"}
}
},
"OutBoundHTTPNetworkAclEntry" : {
"Type" : "AWS::EC2::NetworkAclEntry",
"Properties" : {
"NetworkAclId" : {"Ref" : "NetworkAcl"},
"RuleNumber" : "100",
"Protocol" : "6",
"RuleAction" : "allow",
"Egress" : "true",
"CidrBlock" : "0.0.0.0/0",
"PortRange" : {"From" : "80", "To" : "80"}
}
},
"OutBoundHTTPSNetworkAclEntry" : {
"Type" : "AWS::EC2::NetworkAclEntry",
"Properties" : {
"NetworkAclId" : {"Ref" : "NetworkAcl"},
"RuleNumber" : "101",
"Protocol" : "6",
"RuleAction" : "allow",
"Egress" : "true",
"CidrBlock" : "0.0.0.0/0",
"PortRange" : {"From" : "443", "To" : "443"}
}
},
"OutBoundResponsePortsNetworkAclEntry" : {
"Type" : "AWS::EC2::NetworkAclEntry",
"Properties" : {
"NetworkAclId" : {"Ref" : "NetworkAcl"},
"RuleNumber" : "102",
"Protocol" : "6",
"RuleAction" : "allow",
"Egress" : "true",
"CidrBlock" : "0.0.0.0/0",
"PortRange" : {"From" : "1024", "To" : "65535"}
}
},
"SubnetNetworkAclAssociation" : {
"Type" : "AWS::EC2::SubnetNetworkAclAssociation",
"Properties" : {
"SubnetId" : { "Ref" : "Subnet" },
"NetworkAclId" : { "Ref" : "NetworkAcl" }
}
},
-------------------
"LoadBalancer": {
"Type": "AWS::ElasticLoadBalancing::LoadBalancer",
"Properties": {
"LoadBalancerName": "LoadBalancer",
"Listeners": [
{
"InstancePort": 80,
"InstanceProtocol": "HTTP",
"LoadBalancerPort": 80,
"Protocol": "HTTP"
}
],
"Scheme": "internet-facing",
"SecurityGroups": [
{
"Ref": "WebServerSG"
}
],
"Subnets": [
{
"Ref": "PublicSubnet"
}
]
}
},
"AppLaunchConfiguration": {
"Type": "AWS::AutoScaling::LaunchConfiguration",
"Properties": {
"AssociatePublicIpAddress": true,
"ImageId": "ami-e96134ff",
"InstanceType": "t2.micro",
"SecurityGroups": []
},
"DependsOn": "VPCGatewayAttachment"
},
"AppASG": {
"Type": "AWS::AutoScaling::AutoScalingGroup",
"Properties": {
"AvailabilityZones": [
{
"Ref": "AvailabilityZone"
}
],
"DesiredCapacity": 1,
"LaunchConfigurationName": {
"Ref": "AppLaunchConfiguration"
},
"LoadBalancerNames": [
{
"Ref": "LoadBalancer"
}
],
"MaxSize": 2,
"MinSize": 1,
"VPCZoneIdentifier": [
{
"Ref": "PublicSubnet"
}
]
},
"UpdatePolicy": {
"AutoScalingRollingUpdate": {
"MinInstancesInService": 1
}
}
}
} }
######################################### magento #######################
{ "AWSTemplateFormatVersion" : "2010-09-09",
"Description" : "testing",
"Parameters" : { "VpcId" : { "Type" : "AWS::EC2::VPC::Id", "Description" : "VPC", "ConstraintDescription" : "Enter VPC Id of an existing Virtual Private Cloud." },
"Subnets" : {
"Type" : "List<AWS::EC2::Subnet::Id>",
"Description" : "Select SubnetIds in your VPC",
"ConstraintDescription" : "must be a list of at least two existing subnets associated with at least two different availability zones. They should be residing in the selected Virtual Private Cloud."
},
"InstanceType" : {
"Description" : "EC2 instance type",
"Type" : "String",
"Default" : "t2.micro",
"AllowedValues" : [ "t1.micro", "t2.nano", "t2.micro", "t2.small", "t2.medium", "t2.large", "m1.small", "m1.medium", "m1.large", "m1.xlarge", "m2.xlarge", "m2.2xlarge", "m2.4xlarge", "m3.medium", "m3.large", "m3.xlarge", "m3.2xlarge", "m4.large", "m4.xlarge", "m4.2xlarge", "m4.4xlarge", "m4.10xlarge", "c1.medium", "c1.xlarge", "c3.large", "c3.xlarge", "c3.2xlarge", "c3.4xlarge", "c3.8xlarge", "c4.large", "c4.xlarge", "c4.2xlarge", "c4.4xlarge", "c4.8xlarge", "g2.2xlarge", "g2.8xlarge", "r3.large", "r3.xlarge", "r3.2xlarge", "r3.4xlarge", "r3.8xlarge", "i2.xlarge", "i2.2xlarge", "i2.4xlarge", "i2.8xlarge", "d2.xlarge", "d2.2xlarge", "d2.4xlarge", "d2.8xlarge", "hi1.4xlarge", "hs1.8xlarge", "cr1.8xlarge", "cc2.8xlarge", "cg1.4xlarge"]
, "ConstraintDescription" : "must be a valid EC2 instance type." },
"KeyName" : {
"Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instances",
"Type" : "AWS::EC2::KeyPair::KeyName",
"ConstraintDescription" : "must be the name of an existing EC2 KeyPair."
},
"SSHLocation" : {
"Description" : "The IP address range that can be used to SSH to the EC2 instances",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
},
"Mappings" : {
"AWSRegionArch2AMI" : {
"us-east-1" : { "AMI" : "ami-e96134ff" }
}
},
"Resources" : {
"WebServerGroup" : {
"Type" : "AWS::AutoScaling::AutoScalingGroup",
"Properties" : {
"VPCZoneIdentifier" : { "Ref" : "Subnets" },
"LaunchConfigurationName" : { "Ref" : "LaunchConfig" },
"MinSize" : "2",
"MaxSize" : "2",
"TargetGroupARNs" : [ { "Ref" : "ALBTargetGroup" } ]
},
"UpdatePolicy": {
"AutoScalingRollingUpdate": {
"MinInstancesInService": "1",
"MaxBatchSize": "1"
}
}
},
"LaunchConfig" : {
"Type" : "AWS::AutoScaling::LaunchConfiguration",
"Properties" : {
"ImageId" : { "Fn::FindInMap" : [ "AWSRegionArch2AMI", { "Ref" : "AWS::Region" }, "AMI" ]},
"SecurityGroups" : [ { "Ref" : "InstanceSecurityGroup" } ],
"InstanceType" : { "Ref" : "InstanceType" },
"KeyName" : { "Ref" : "KeyName" }
}
},
"ApplicationLoadBalancer" : {
"Type" : "AWS::ElasticLoadBalancingV2::LoadBalancer",
"Properties" : {
"Subnets" : { "Ref" : "Subnets"},
"SecurityGroups": [{"Ref": "InstanceSecurityGroup"}]
}
},
"ALBListener" : {
"Type" : "AWS::ElasticLoadBalancingV2::Listener",
"Properties" : {
"DefaultActions" : [{
"Type" : "forward",
"TargetGroupArn" : { "Ref" : "ALBTargetGroup" }
}],
"LoadBalancerArn" : { "Ref" : "ApplicationLoadBalancer" },
"Port" : "80",
"Protocol" : "HTTP"
}
},
"ALBTargetGroup" : {
"Type" : "AWS::ElasticLoadBalancingV2::TargetGroup",
"Properties" : {
"HealthCheckIntervalSeconds" : 30,
"HealthCheckTimeoutSeconds" : 5,
"HealthyThresholdCount" : 3,
"Port" : 80,
"Protocol" : "HTTP",
"UnhealthyThresholdCount" : 5,
"VpcId" : {"Ref" : "VpcId"}
}
},
"InstanceSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable SSH access and HTTP access on the inbound port",
"SecurityGroupIngress" : [ {
"IpProtocol" : "tcp",
"FromPort" : "80",
"ToPort" : "80",
"CidrIp" :"0.0.0.0/0"
},{
"IpProtocol" : "tcp",
"FromPort" : "22",
"ToPort" : "22",
"CidrIp" :"0.0.0.0/0"
} ],
"VpcId" : { "Ref" : "VpcId" }
}
}
},
"Outputs" : { "URL" : { "Description" : "URL of the website", "Value" : { "Fn::Join" : [ "", [ "http://", { "Fn::GetAtt" : [ "ApplicationLoadBalancer", "DNSName" ]}]]} } } }
################################ magento github jenkins ################
{ "AWSTemplateFormatVersion" : "2010-09-09",
"Description" : "testing",
"Parameters" : { "VpcId" : { "Type" : "AWS::EC2::VPC::Id", "Description" : "VPC", "ConstraintDescription" : "Enter VPC Id of an existing Virtual Private Cloud." },
"Subnets" : {
"Type" : "List<AWS::EC2::Subnet::Id>",
"Description" : "Select SubnetIds in your VPC",
"ConstraintDescription" : "must be a list of at least two existing subnets associated with at least two different availability zones. They should be residing in the selected Virtual Private Cloud."
},
"InstanceType" : {
"Description" : "EC2 instance type",
"Type" : "String",
"Default" : "t2.micro",
"AllowedValues" : [ "t1.micro", "t2.nano", "t2.micro", "t2.small", "t2.medium", "t2.large", "m1.small", "m1.medium", "m1.large", "m1.xlarge", "m2.xlarge", "m2.2xlarge", "m2.4xlarge", "m3.medium", "m3.large", "m3.xlarge", "m3.2xlarge", "m4.large", "m4.xlarge", "m4.2xlarge", "m4.4xlarge", "m4.10xlarge", "c1.medium", "c1.xlarge", "c3.large", "c3.xlarge", "c3.2xlarge", "c3.4xlarge", "c3.8xlarge", "c4.large", "c4.xlarge", "c4.2xlarge", "c4.4xlarge", "c4.8xlarge", "g2.2xlarge", "g2.8xlarge", "r3.large", "r3.xlarge", "r3.2xlarge", "r3.4xlarge", "r3.8xlarge", "i2.xlarge", "i2.2xlarge", "i2.4xlarge", "i2.8xlarge", "d2.xlarge", "d2.2xlarge", "d2.4xlarge", "d2.8xlarge", "hi1.4xlarge", "hs1.8xlarge", "cr1.8xlarge", "cc2.8xlarge", "cg1.4xlarge"]
, "ConstraintDescription" : "must be a valid EC2 instance type." },
"KeyName" : {
"Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instances",
"Type" : "AWS::EC2::KeyPair::KeyName",
"ConstraintDescription" : "must be the name of an existing EC2 KeyPair."
},
"SSHLocation" : {
"Description" : "The IP address range that can be used to SSH to the EC2 instances",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
},
"Mappings" : {
"AWSRegionArch2AMI" : {
"us-east-1" : { "AMI" : "ami-e96134ff" }
}
},
"Resources" : {
"WebServerGroup" : {
"Type" : "AWS::AutoScaling::AutoScalingGroup",
"Properties" : {
"VPCZoneIdentifier" : { "Ref" : "Subnets" },
"LaunchConfigurationName" : { "Ref" : "LaunchConfig" },
"MinSize" : "2",
"MaxSize" : "2",
"TargetGroupARNs" : [ { "Ref" : "ALBTargetGroup" } ]
},
"UpdatePolicy": {
"AutoScalingRollingUpdate": {
"MinInstancesInService": "1",
"MaxBatchSize": "1"
}
}
},
"LaunchConfig" : {
"Type" : "AWS::AutoScaling::LaunchConfiguration",
"Properties" : {
"ImageId" : { "Fn::FindInMap" : [ "AWSRegionArch2AMI", { "Ref" : "AWS::Region" }, "AMI" ]},
"SecurityGroups" : [ { "Ref" : "InstanceSecurityGroup" } ],
"InstanceType" : { "Ref" : "InstanceType" },
"KeyName" : { "Ref" : "KeyName" }
}
},
"ApplicationLoadBalancer" : {
"Type" : "AWS::ElasticLoadBalancingV2::LoadBalancer",
"Properties" : {
"Subnets" : { "Ref" : "Subnets"},
"SecurityGroups": [{"Ref": "InstanceSecurityGroup"}]
}
},
"ALBListener" : {
"Type" : "AWS::ElasticLoadBalancingV2::Listener",
"Properties" : {
"DefaultActions" : [{
"Type" : "forward",
"TargetGroupArn" : { "Ref" : "ALBTargetGroup" }
}],
"LoadBalancerArn" : { "Ref" : "ApplicationLoadBalancer" },
"Port" : "80",
"Protocol" : "HTTP"
}
},
"ALBTargetGroup" : {
"Type" : "AWS::ElasticLoadBalancingV2::TargetGroup",
"Properties" : {
"HealthCheckIntervalSeconds" : 30,
"HealthCheckTimeoutSeconds" : 5,
"HealthyThresholdCount" : 3,
"Port" : 80,
"Protocol" : "HTTP",
"UnhealthyThresholdCount" : 5,
"VpcId" : {"Ref" : "VpcId"}
}
},
"InstanceSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable SSH access and HTTP access on the inbound port",
"SecurityGroupIngress" : [ {
"IpProtocol" : "tcp",
"FromPort" : "80",
"ToPort" : "80",
"CidrIp" :"0.0.0.0/0"
},{
"IpProtocol" : "tcp",
"FromPort" : "22",
"ToPort" : "22",
"CidrIp" :"0.0.0.0/0"
} ],
"VpcId" : { "Ref" : "VpcId" }
}
}
},
"Outputs" : { "URL" : { "Description" : "URL of the website", "Value" : { "Fn::Join" : [ "", [ "http://", { "Fn::GetAtt" : [ "ApplicationLoadBalancer", "DNSName" ]}]]} } } }
####################################### RDS ##############################
{ "AWSTemplateFormatVersion" : "2010-09-09",
"Description" : "VPC_RDS_DB_Instance",
"Parameters" : { // to take inputs
"VpcId" : { // select VPC for RDS instance
"Type" : "AWS::EC2::VPC::Id",
"Description" : "VPC",
"ConstraintDescription" : "Enter VPC Id of an existing Virtual Private Cloud."
},
"Subnets" : { // select 2 subnets for RDS instance; required by AWS::RDS::DBSubnetGroup
"Type" : "List<AWS::EC2::Subnet::Id>",
"Description" : "Select SubnetIds in your VPC",
"ConstraintDescription" : "must be a list of at least two existing subnets associated with at least two different availability zones. They should be residing in the selected Virtual Private Cloud."
},
"DBName": { // select database name, default is MyDatabase
"Default": "MyDatabase",
"Description" : "The database name",
"Type": "String",
"MinLength": "1",
"MaxLength": "64",
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*", // valid pattern
"ConstraintDescription" : "must begin with a letter and contain only alphanumeric characters."
},
"DBUsername": { // select db username
"Default": "admin",
"NoEcho": "true", // masks the username as ***** in console and API output
"Description" : "The database admin account username",
"Type": "String",
"MinLength": "1",
"MaxLength": "16",
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*",
"ConstraintDescription" : "must begin with a letter and contain only alphanumeric characters."
},
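"DBPassword": { // set db password; NoEcho hides it, but the default below is a well-known weak value, so always override it at stack creation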
"Default": "password",
"NoEcho": "true",
"Description" : "The database admin account password",
"Type": "String",
"MinLength": "8",
"MaxLength": "41",
"AllowedPattern" : "[a-zA-Z0-9]*",
"ConstraintDescription" : "must contain only alphanumeric characters."
},
"DBClass" : { // RDS instance type
"Default" : "db.t2.micro", // default RDS instance type
"Description" : "Database instance class",
"Type" : "String",
"AllowedValues" : [ "db.m1.small", "db.t2.micro", "db.m1.large", "db.m1.xlarge", "db.m2.xlarge", "db.m2.2xlarge", "db.m2.4xlarge" ],
"ConstraintDescription" : "must select a valid database instance type."
},
"DBAllocatedStorage" : { // RDS instance storage size
"Default": "5",
"Description" : "The size of the database (Gb)",
"Type": "Number",
"MinValue": "5",
"MaxValue": "1024",
"ConstraintDescription" : "must be between 5 and 1024Gb."
},
"mysec" : { // select existing security group for RDS instance (not referenced by any resource in this template; MyDB uses myVPCSecurityGroup)
"Description" : "security group IDs",
"Type" : "List<AWS::EC2::SecurityGroup::Id>"
},
"MultiAZ": { // multiple availability zone setting for RDS instance
"Default": "true", // default is Yes
"Description" : "Create a multi-AZ RDS database instance",
"Type": "String",
"AllowedValues" : [ "true", "false" ],
"ConstraintDescription" : "must be either true or false."
}
}, // end of input parameters
"Resources" : { // aws resources
"MyDBSubnetGroup" : { // subnet group for RDS, must contain at least 2 subnets in 2 different AZs in the same region
"Type" : "AWS::RDS::DBSubnetGroup",
"Properties" : {
"DBSubnetGroupDescription" : "Subnets available for the RDS DB Instance",
"SubnetIds" : { "Ref" : "Subnets" } // it refers to Input parameter "Subnets"
}
},
"myVPCSecurityGroup" : { // security group for RDS instance
"Type" : "AWS::EC2::SecurityGroup",
"Properties" :
{
"GroupDescription" : "Security group for RDS DB Instance.",
"VpcId" : { "Ref" : "VpcId" },
"SecurityGroupIngress" : [{ // inbound rule
"IpProtocol" : "tcp",
"FromPort" : "0",
"ToPort" : "65535",
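"CidrIp" : "0.0.0.0/0" // all TCP ports 0-65535 are open from any location (0.0.0.0/0); for a real database, allow only the MySQL port (3306) from the application's security group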
}]
}
},
"MyDB" : { // RDS instance
"Type" : "AWS::RDS::DBInstance",
"Properties" : {
"DBName" : { "Ref" : "DBName" }, // database name
"AllocatedStorage" : { "Ref" : "DBAllocatedStorage" }, // storage
"DBInstanceClass" : { "Ref" : "DBClass" }, // type
"Engine" : "MySQL", // mysql engine
"EngineVersion" : "5.7", // mysql version
"MasterUsername" : { "Ref" : "DBUsername" } , // db username
"MasterUserPassword" : { "Ref" : "DBPassword" }, // db password
"DBSubnetGroupName" : { "Ref" : "MyDBSubnetGroup" }, // subnet
"MultiAZ" : { "Ref" : "MultiAZ" }, // multi-AZ
"VPCSecurityGroups" : [ { "Ref" : "myVPCSecurityGroup" } ] // security group for RDS instance
}
}
}, // end of Resources
"Outputs" : { // to get output parameter
"RDSEndpoint": { // shows the RDS endpoint in the Outputs tab
"Description" : "RDS database endpoint",
"Value" : { "Fn::Join": [ "", [ "", // intrinsic function Fn::Join appends a set of values into a single value, separated by the specified delimiter
{ "Fn::GetAtt": [ "MyDB", "Endpoint.Address" ] }, // Fn::GetAtt intrinsic function returns the value of an attribute from a resource in the template
":", { "Fn::GetAtt": [ "MyDB", "Endpoint.Port" ] }
]]}
}
} // end of output parameter
}
####################################### what to do ########################
-create nw stack -create RDS stack -create magento stack -try to run it
-create diagram -imp points to tell (study template) and show how to get parameters and what is optional (4hr)
also keep github with jenkins example ready (2hr)
-read GCP notebook 3 times
-study appEngine (2hr)
-study python basics (4hr) =========================================================================================== no more study
m- t- w- drop mail about planned leave t- f- s- s- m- t- w- t- f-
######################################################################