mirror of
https://github.com/yeslayla/aws-cluster-stack.git
synced 2025-01-13 12:33:31 +01:00
148 lines
4.2 KiB
YAML
148 lines
4.2 KiB
YAML
AWSTemplateFormatVersion: '2010-09-09'
|
|
Description: General use ECS Cluster
|
|
Parameters:
|
|
VpcId:
|
|
Type: AWS::EC2::VPC::Id
|
|
Description: The id of the VPC the cluster will be in
|
|
ConstraintDescription: VPC Id must begin with 'vpc-'
|
|
SubnetIds:
|
|
Type: List<AWS::EC2::Subnet::Id>
|
|
Description: Comma seperated list of subnets for ECS instances to run in
|
|
Project:
|
|
Type: String
|
|
Description: Project used in naming in tagging to associate with cluster
|
|
Environment:
|
|
Type: String
|
|
Description: Environment used in naming and tagging to associate with cluster
|
|
LatestAmiId :
|
|
Type : 'AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>'
|
|
Default: '/aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id'
|
|
InstanceType:
|
|
Type: String
|
|
Default: "t3.micro"
|
|
AsgMinSize:
|
|
Type: Number
|
|
Default: 0
|
|
AsgMaxSize:
|
|
Type: Number
|
|
Default: 1
|
|
AsgDesiredCapacity:
|
|
Type: Number
|
|
Default: 1
|
|
Resources:
|
|
EcsCluster:
|
|
Type: AWS::ECS::Cluster
|
|
Properties:
|
|
ClusterName: !Sub "${Project}-${Environment}"
|
|
|
|
EcsInstanceRole:
|
|
Type: AWS::IAM::Role
|
|
Properties:
|
|
AssumeRolePolicyDocument:
|
|
Version: '2012-10-17'
|
|
Statement:
|
|
- Action:
|
|
- sts:AssumeRole
|
|
Principal:
|
|
Service:
|
|
- ec2.amazonaws.com
|
|
Effect: Allow
|
|
Sid: ''
|
|
Description: IAM role for instances in ECS cluster
|
|
ManagedPolicyArns:
|
|
- "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role"
|
|
RoleName: !Sub "${Project}-ecs-role-${Environment}"
|
|
Tags:
|
|
- Key: Environment
|
|
Value: !Ref Environment
|
|
- Key: Project
|
|
Value: !Ref Project
|
|
Path: /
|
|
|
|
EcsRoleInstaceProfile:
|
|
Type: AWS::IAM::InstanceProfile
|
|
Properties:
|
|
InstanceProfileName: !Sub "${Project}-ecs-instance-profile-${Environment}"
|
|
Path: /
|
|
Roles:
|
|
- !Ref EcsInstanceRole
|
|
|
|
EcsSecurityGroup:
|
|
Type: AWS::EC2::SecurityGroup
|
|
Properties:
|
|
GroupDescription: ECS Allowed Ports
|
|
VpcId: !Ref VpcId
|
|
SecurityGroupIngress:
|
|
- IpProtocol: icmp
|
|
FromPort: '-1'
|
|
ToPort: '-1'
|
|
CidrIp: 0.0.0.0/0
|
|
- IpProtocol: tcp
|
|
FromPort: '0'
|
|
ToPort: '65535'
|
|
CidrIp: 0.0.0.0/0
|
|
- IpProtocol: udp
|
|
FromPort: '0'
|
|
ToPort: '65535'
|
|
CidrIp: 0.0.0.0/0
|
|
SecurityGroupEgress:
|
|
- IpProtocol: icmp
|
|
FromPort: '-1'
|
|
ToPort: '-1'
|
|
CidrIp: 0.0.0.0/0
|
|
- IpProtocol: tcp
|
|
FromPort: '0'
|
|
ToPort: '65535'
|
|
CidrIp: 0.0.0.0/0
|
|
- IpProtocol: udp
|
|
FromPort: '0'
|
|
ToPort: '65535'
|
|
CidrIp: 0.0.0.0/0
|
|
|
|
EcsInstanceLc:
|
|
Type: AWS::AutoScaling::LaunchConfiguration
|
|
Properties:
|
|
ImageId: !Ref LatestAmiId
|
|
InstanceType: !Ref InstanceType
|
|
AssociatePublicIpAddress: true
|
|
IamInstanceProfile: !Ref EcsRoleInstaceProfile
|
|
KeyName: !Ref AWS::NoValue
|
|
SecurityGroups:
|
|
- !Ref EcsSecurityGroup
|
|
BlockDeviceMappings:
|
|
- DeviceName: /dev/xvdcz
|
|
Ebs:
|
|
VolumeSize: 22
|
|
VolumeType: gp2
|
|
UserData: !Base64
|
|
Fn::Sub: |
|
|
#!/bin/bash
|
|
echo ECS_CLUSTER=${EcsCluster} >> /etc/ecs/ecs.config;
|
|
echo ECS_BACKEND_HOST= >> /etc/ecs/ecs.config;
|
|
EcsInstanceAsg:
|
|
Type: AWS::AutoScaling::AutoScalingGroup
|
|
DependsOn: EcsCluster
|
|
Properties:
|
|
VPCZoneIdentifier: !Ref SubnetIds
|
|
LaunchConfigurationName: !Ref EcsInstanceLc
|
|
MinSize: !Ref AsgMinSize
|
|
MaxSize: !Ref AsgMaxSize
|
|
DesiredCapacity: !Ref AsgDesiredCapacity
|
|
Tags:
|
|
- Key: Name
|
|
Value: !Sub "${Project}-ECS-ASG-${Environment}"
|
|
PropagateAtLaunch: 'true'
|
|
- Key: Environment
|
|
Value: !Sub Environment
|
|
PropagateAtLaunch: 'true'
|
|
- Key: Project
|
|
Value: !Sub Project
|
|
PropagateAtLaunch: 'true'
|
|
|
|
Outputs:
|
|
Cluster:
|
|
Description: Name of the EcsCluster
|
|
Value: !Ref EcsCluster
|
|
ClusterArn:
|
|
Description: Arn of the EcsCluster
|
|
Value: !GetAtt EcsCluster.Arn |