Defining VPC Based Web Apps in AWS CloudFormation

CloudFormation is a rich automation framework that can automate the deployment of services, databases and even complex network definitions. In this interactive session we’ll demonstrate how the service can be used for efficient Separation of Duties, Disaster Recovery and Change Management.

Published in: Technology

  1. Tom Maddox –
  2. Elastic Beanstalk | OpsWorks | CloudFormation | EC2, on a spectrum from Convenience (higher-level services) to Control (do it yourself)
  3. Continuous integration for your complete stack: Version Control, Jenkins, Test, Live, Amazon S3, AWS CloudFormation. App commit, Infra commit, Pull, Deploy new template, Deploy new app.
  4. Continuous integration for your complete stack: Version Control, Jenkins, Test, Live, Amazon S3, AWS CloudFormation. App commit, Infra commit, Pull, Promote new template, Promote new app.
  5. "Parameters", "Mappings", "Conditions", "Resources", "Outputs"
  6. "Parameters" : {
       "InstanceType" : {
         "Description" : "The EC2 Instance Type to launch.",
         "Type" : "String",
         "AllowedValues" : ["t1.micro", "m1.small", "m1.medium"]
       }
     },

     "InstanceType" : { "Ref" : "InstanceType" }
  7. "Outputs" : {
       "InstancePublicDnsName" : {
         "Description" : "The public DNS name of the newly created EC2 instance",
         "Value" : { "Fn::GetAtt" : [ "Ec2Instance", "PublicDnsName" ] }
       }
     }
  8. "Environment" : {
       "Description" : "Specifies if this is a Dev, QA or Prod Environment",
       "Type" : "String",
       "Default" : "Dev",
       "AllowedValues" : [ "Dev", "QA", "Prod" ]
     },

     "Conditions" : {
       "ProdEnvironment" : { "Fn::Equals" : [ { "Ref" : "Environment" }, "Prod" ] }
     },

     "InstanceType" : { "Fn::If" : [ "ProdEnvironment", "m3.2xlarge", "m3.medium" ] }
  9. "Mappings" : {
       "RegionMap" : {
         "us-east-1" : { "32" : "ami-6411e20d", "64" : "ami-7a11e213" },
         "us-west-1" : { "32" : "ami-c9c7978c", "64" : "ami-cfc7978a" },
         "eu-west-1" : { "32" : "ami-37c2f643", "64" : "ami-31c2f645" },
         "ap-southeast-1" : { "32" : "ami-66f28c34", "64" : "ami-60f28c32" },
         "ap-northeast-1" : { "32" : "ami-9c03a89d", "64" : "ami-a003a8a1" }
       }
     },

     "ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "32" ] },
  10. http://aws.amazon.com/cloudformation/aws-cloudformation-templates/
      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/CHAP_TemplateQuickRef.html
      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-reference.html
  11. "Metadata" : {
        "AWS::CloudFormation::Init" : {
          "webapp-config" : {
            "packages" : {},
            "sources" : {},
            "files" : {},
            "groups" : {},
            "users" : {},
            "commands" : {},
            "services" : {}
          }
        }
      },
  12. "packages" : {}, "sources" : {}, "files" : {}, "groups" : {}, "users" : {}, "commands" : {}, "services" : {}
  13. Managing your stacks
  14. Frontend Services: E-Commerce Website
      Backend Services: Search, Payment Gateway, Reviews, Recommendations
      Shared Services: Common Monitoring tools, Queues
      Base Network: VPCs, Subnets, VPNs, NATs
      Identity: IAM Users, Groups, Roles
  15. E-Commerce Website:

      "Parameters" : {
        "RecommendationsEndPoint" : {
          "Description" : "URL of the recommendations ELB",
          "Type" : "String"
        }
      },

      Recommendations Engine:

      "Outputs" : {
        "RecommendationsEndPoint" : {
          "Description" : "URL of the recommendations ELB",
          "Value" : { "Fn::GetAtt" : [ "RecommendationsELB", "DNSName" ] }
        }
      }
  16. ELB_AND_AS "Resources" : { "ELB", "AutoScaling" }
      Website1 "Resources" : { "NestedStack", "RDS" }
      Website2 "Resources" : { "NestedStack", "DynamoDB" }

      Website1 "Resources" : { "ELB", "AutoScaling", "RDS" }
      Website2 "Resources" : { "ELB", "AutoScaling", "DynamoDB" }
  17. Amazon Route 53
  18. "UpdatePolicy" : {
        "AutoScalingRollingUpdate" : {
          "MaxBatchSize" : "2",
          "MinInstancesInService" : "2",
          "PauseTime" : "PT20M"
        }
      }
  19. "UpdatePolicy" : {
        "AutoScalingRollingUpdate" : {
          "PauseTime" : "PT0S",
          "MaxBatchSize" : "6",
          "MinInstancesInService" : "0"
        }
      }

      "UpdatePolicy" : {
        "AutoScalingRollingUpdate" : {
          "PauseTime" : "PT15S",
          "MaxBatchSize" : "2",
          "MinInstancesInService" : "2"
        }
      }
  20. AWS::EC2::VPC::Id, List<AWS::EC2::Subnet::Id>, List<AWS::EC2::SecurityGroup::Id>, AWS::EC2::KeyPair::KeyName
  21. {
        "AWSTemplateFormatVersion" : "2010-09-09",
        "Resources" : {
          "myS3Bucket" : {
            "Type" : "AWS::S3::Bucket",
            "DeletionPolicy" : "Retain",
            "Properties" : { "BucketName" : "MyBucket" }
          }
        }
      }

      {
        "AWSTemplateFormatVersion" : "2010-09-09",
        "Resources" : {
          "myVolume" : {
            "Type" : "AWS::EC2::Volume",
            "DeletionPolicy" : "Snapshot",
            "Properties" : { "AvailabilityZone" : "us-east-1a", "Size" : "100" }
          }
        }
      }

      Diagram labels: MyBucket, myVolume, Snapshot
  22. "Do not update the databases"

      {
        "Effect" : "Deny",
        "Principal" : "*",
        "Action" : "Update:*",
        "Resource" : "*",
        "Condition" : {
          "StringEquals" : {
            "ResourceType" : [ "AWS::RDS::DBInstance", "AWS::Redshift::Cluster" ]
          }
        }
      }

      "Okay to update, unless the update requires replacement"

      {
        "Effect" : "Deny",
        "Principal" : "*",
        "Action" : "Update:Replace",
        "Resource" : "LogicalResourceId/MyInstance"
      }
  23. {
        "Version" : "2012-10-17",
        "Statement" : [
          {
            "Effect" : "Deny",
            "Action" : "*",
            "Resource" : "*"
          },
          {
            "Effect" : "Allow",
            "Action" : [ "ec2:Describe*" ],
            "Condition" : {
              "Null" : { "ec2:ResourceTag/*cloudformation*" : "true" }
            },
            "Resource" : "*"
          }
        ]
      }
  24. http://tinyurl.com/pgs3mjo
      http://tinyurl.com/pd86795
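
The pieces from slides 21 and 22 combined, as an added example that is not from the deck: a Python check that lists stateful resources lacking an explicit Retain or Snapshot DeletionPolicy, and a builder that wraps the slide's database Deny in a complete stack policy. The function names, the sample template and the choice of which types count as stateful are assumptions made for the example.

```python
import json

# Types audited for an explicit DeletionPolicy (taken from slides 21 and 22;
# treating exactly this set as "stateful" is an assumption of the example).
STATEFUL_TYPES = {"AWS::S3::Bucket", "AWS::EC2::Volume",
                  "AWS::RDS::DBInstance", "AWS::Redshift::Cluster"}
# Types the slide-22 stack policy refuses to update.
DATABASE_TYPES = {"AWS::RDS::DBInstance", "AWS::Redshift::Cluster"}
SAFE_DELETION_POLICIES = {"Retain", "Snapshot"}


def unprotected_stateful(template):
    """Logical IDs of stateful resources that do not declare Retain or Snapshot."""
    return sorted(
        logical_id
        for logical_id, res in template.get("Resources", {}).items()
        if res.get("Type") in STATEFUL_TYPES
        and res.get("DeletionPolicy") not in SAFE_DELETION_POLICIES
    )


def build_stack_policy(template):
    """Complete stack policy: allow updates, except on database types in the template."""
    types_present = {res.get("Type") for res in template.get("Resources", {}).values()}
    protected = sorted(types_present & DATABASE_TYPES)
    # Once a stack policy is set, updates are denied unless a statement
    # allows them, so the Deny from the slide needs this Allow beside it.
    statements = [{"Effect": "Allow", "Principal": "*",
                   "Action": "Update:*", "Resource": "*"}]
    if protected:
        statements.append({"Effect": "Deny", "Principal": "*",
                           "Action": "Update:*", "Resource": "*",
                           "Condition": {"StringEquals": {"ResourceType": protected}}})
    return {"Statement": statements}


# Constructed sample template; the logical IDs are hypothetical.
SAMPLE_TEMPLATE = {
    "Resources": {
        "AppBucket": {"Type": "AWS::S3::Bucket", "DeletionPolicy": "Retain"},
        "OrdersDb": {"Type": "AWS::RDS::DBInstance", "Properties": {}},
        "DataVolume": {"Type": "AWS::EC2::Volume", "DeletionPolicy": "Snapshot"},
        "WebServer": {"Type": "AWS::EC2::Instance", "Properties": {}},
    },
}

if __name__ == "__main__":
    print("No Retain/Snapshot:", unprotected_stateful(SAMPLE_TEMPLATE))
    print(json.dumps(build_stack_policy(SAMPLE_TEMPLATE), indent=2))
```

Running the check in the pipeline from slides 3 and 4, before the template is deployed or promoted, catches a data-bearing resource added without a DeletionPolicy.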
