AWS CDK introduction
•
3 likes•2,144 views
This document provides an overview of a presentation about quick stack building using AWS CDK and infrastructure as code. The presentation introduces AWS CDK and infrastructure as code, discusses CloudFormation and CDK, and provides tips. Slides from the presentation will be made available online later.
Recommended
More Related Content
What's hot
What's hot (20)
Similar to AWS CDK introduction
Similar to AWS CDK introduction (20)
More from leo lapworth
Recently uploaded
Recently uploaded (20)
AWS CDK introduction
- 1. Quick stack building, an introduction to AWS CDK and infrastructure as code. Slides will be online later Leo Lapworth (@leolapworth)
- 3. Me: Leo Lapworth @leolapworth • 20+ years developer / sysadmin / team lead
- 4. Me: Leo Lapworth @leolapworth • 20+ years developer / sysadmin / team lead • Talk: @YAPC::EU 2007 - Evolving Architecture
- 5. Me: Leo Lapworth @leolapworth • 20+ years developer / sysadmin / team lead • Talk: @YAPC::EU 2007 - Evolving Architecture • Talk @ YAPC::EU 2008 - Evolving Architecture - further
- 6. Me: Leo Lapworth @leolapworth • 20+ years developer / sysadmin / team lead • Talk: @YAPC::EU 2007 - Evolving Architecture • Talk @ YAPC::EU 2008 - Evolving Architecture - further • Everything has changed… even more!
- 7. Exceptions
- 9. Exceptions • Cache invalidation • Naming
- 10. Topics
- 11. Topics • Infrastructure as Code
- 12. Topics • Infrastructure as Code • CloudFormation
- 13. Topics • Infrastructure as Code • CloudFormation • CDK
- 14. Topics • Infrastructure as Code • CloudFormation • CDK • Tips along the way
- 15. Context…
- 16. A history of… before… `Infrastructure as Code` ( abridged )
- 18. Version control (history) > cp important_file.txt important_file.txt.bak
- 19. Version control (history) > cp important_file.txt important_file.txt.bak > cp important_file.txt important_file.txt.bak2
- 20. Version control (history) > cp important_file.txt important_file.txt.bak > cp important_file.txt important_file.txt.bak2 > cvs
- 21. Version control (history) > cp important_file.txt important_file.txt.bak > cp important_file.txt important_file.txt.bak2 > cvs > svn ➜ subversion
- 22. Version control (history) > cp important_file.txt important_file.txt.bak > cp important_file.txt important_file.txt.bak2 > cvs > svn ➜ subversion > mercurial
- 24. Version control (now) > git “Git proved I could be more than a one- hit wonder” - Linus Oct 2019
- 25. Provisioning
- 27. Provisioning > Client “Hello” > Hosting “Hello, how can we help?”
- 28. Provisioning > Client “Hello” > Hosting “Hello, how can we help?” > Client “Can I have a new server please?”
- 29. Provisioning > Client “Hello” > Hosting “Hello, how can we help?” > Client “Can I have a new server please?” > Hosting “Sure.. what are the specs and which Christmas do you need it by?”
- 30. Configuration
- 31. Configuration > scp config/* root@new99.example.com:/
- 32. Configuration > scp config/* root@new99.example.com:/ > NEW_HOST=new99.example.com sh setup_script.sh
- 33. Configuration > scp config/* root@new99.example.com:/ > NEW_HOST=new99.example.com sh setup_script.sh > ssh root@new99.example.com; apt-get install puppet; puppet run —master: puppet.example.com; make tea; puppet run
- 34. Configuration > scp config/* root@new99.example.com:/ > NEW_HOST=new99.example.com sh setup_script.sh > ssh root@new99.example.com; apt-get install puppet; puppet run —master: puppet.example.com; make tea; puppet run > ansible new99.example.com <playbook>
- 38. Configuration? provisioning? > docker > docker-compose > docker-swarm
- 39. Configuration? provisioning? > docker > docker-compose > docker-swarm > Kubernetties something or other
- 51. Provisioning AWS
- 52. Provisioning AWS > aws sqs create-queue
- 53. Provisioning AWS > aws sqs create-queue > aws ec2 run-instances --image-id ami-xxxxxxxx --count 1 --instance-type t2.micro --key-name MyKeyPair --security- group-ids sg-903004f8 --subnet-id subnet-6e7f829e
- 54. Provisioning AWS > aws sqs create-queue > aws ec2 run-instances --image-id ami-xxxxxxxx --count 1 --instance-type t2.micro --key-name MyKeyPair --security- group-ids sg-903004f8 --subnet-id subnet-6e7f829e > aws s3api create-bucket —bucket demo-for-scl-2019
- 56. What about
- 57. What about
- 62. What about Version control? Reproducibility? Speed of provisioning?
- 63. That’s what Infrastructure as code gives you!
- 64. Some approaches to IaC
- 65. Some approaches to IaC • Serverless framework https://serverless.com/
- 66. Some approaches to IaC • Serverless framework https://serverless.com/ • Arc https://arc.codes
- 67. Some approaches to IaC • Serverless framework https://serverless.com/ • Arc https://arc.codes • Terraform https://www.terraform.io/
- 68. Some approaches to IaC • Serverless framework https://serverless.com/ • Arc https://arc.codes • Terraform https://www.terraform.io/ • AWS SAM (Serverless Application Model)
- 69. Some approaches to IaC • Serverless framework https://serverless.com/ • Arc https://arc.codes • Terraform https://www.terraform.io/ • AWS SAM (Serverless Application Model) • AWS Native cloudformation
- 70. How do they work? (for AWS)
- 71. How do they work? (for AWS) • Interface with AWS service APIs
- 72. How do they work? (for AWS) • Interface with AWS service APIs • AWS CloudFormation
- 73. What are we trying to define?
- 74. What are we trying to define? Resources
- 75. What are we trying to define? ParametersResources
- 76. What are we trying to define? Permissions ParametersResources
- 77. What are we trying to define? Permissions Triggers ParametersResources
- 78. What are we trying to define? Permissions Dependencies Triggers ParametersResources
- 79. What are we trying to define? Permissions Dependencies Triggers Outputs ParametersResources
- 85. Infrastructure graph Execution permissions Read/Write permissions Event source
- 92. > cat template.yaml Resources: MyDemoBucket: Type: AWS::S3::Bucket Properties: BucketName: demo-for-scl-2019
- 93. > cat template.yaml Resources: MyDemoBucket: Type: AWS::S3::Bucket Properties: BucketName: demo-for-scl-2019 > aws cloudformation deploy --template-file template.yaml --stack-name DemoStack3
- 95. Waiting for change-set to be created..
- 96. Waiting for change-set to be created.. Waiting for stack create/update to complete
- 97. Waiting for change-set to be created.. Waiting for stack create/update to complete Successfully created/updated stack - DemoStack3
- 98. Why DemoStack3?
- 101. Why DemoStack3? BucketName: dem_for_scl_2019 Failed to create/update the stack. Run the following command
- 102. Why DemoStack3? BucketName: dem_for_scl_2019 Failed to create/update the stack. Run the following command to fetch the list of events leading up to the failure
- 103. Why DemoStack3? BucketName: dem_for_scl_2019 Failed to create/update the stack. Run the following command to fetch the list of events leading up to the failure
- 104. Why DemoStack3? BucketName: dem_for_scl_2019 Failed to create/update the stack. Run the following command to fetch the list of events leading up to the failure aws cloudformation describe-stack-events --stack-name DemoStack3
- 105. Why DemoStack3? BucketName: dem_for_scl_2019 Failed to create/update the stack. Run the following command to fetch the list of events leading up to the failure aws cloudformation describe-stack-events --stack-name DemoStack3 { "StackEvents": [ { "StackId": "arn:aws:cloudformation:eu-west-1:374733882471:stack/DemoStack2/0363ce60-d8ba-11e9-b8ea-069f6d7e1780", "EventId": "1959c120-d8ba-11e9-bb16-0abc432e4032", "StackName": "DemoStack2", "LogicalResourceId": "DemoStack2", "PhysicalResourceId": "arn:aws:cloudformation:eu-west-1:374733882471:stack/DemoStack2/0363ce60-d8ba-11e9-b8ea-069f6d7e1780", "ResourceType": "AWS::CloudFormation::Stack", "Timestamp": "2019-09-16T19:42:21.223Z", "ResourceStatus": "ROLLBACK_COMPLETE" }, { "StackId": "arn:aws:cloudformation:eu-west-1:374733882471:stack/DemoStack2/0363ce60-d8ba-11e9-b8ea-069f6d7e1780", "EventId": "MyFirstBucket-DELETE_COMPLETE-2019-09-16T19:42:20.814Z", "StackName": "DemoStack2", "LogicalResourceId": "MyFirstBucket", "PhysicalResourceId": "", "ResourceType": "AWS::S3::Bucket", "Timestamp": "2019-09-16T19:42:20.814Z", "ResourceStatus": "DELETE_COMPLETE",
- 107. I thought this was a talk about CDK?
- 108. Using CDK to generate CloudFormation
- 113. CDK synth
- 114. CDK synth > cdk synth
- 115. CDK synth > cdk synth @aws-cdk/aws-s3/lib/bucket.js:539 throw new Error(`Invalid S3 bucket name (value: ${bucketName})${os_1.EOL}$ {errors.join(os_1.EOL)}`); Error: Invalid S3 bucket name (value: demo_for_scl_2019) Bucket name must only contain lowercase characters and the symbols, period (.) and dash (-) (offset: 3) at ….
- 116. CDK synth > cdk synth @aws-cdk/aws-s3/lib/bucket.js:539 throw new Error(`Invalid S3 bucket name (value: ${bucketName})${os_1.EOL}$ {errors.join(os_1.EOL)}`); Error: Invalid S3 bucket name (value: demo_for_scl_2019) Bucket name must only contain lowercase characters and the symbols, period (.) and dash (-) (offset: 3) at ….
- 117. CDK synth > cdk synth @aws-cdk/aws-s3/lib/bucket.js:539 throw new Error(`Invalid S3 bucket name (value: ${bucketName})${os_1.EOL}$ {errors.join(os_1.EOL)}`); Error: Invalid S3 bucket name (value: demo_for_scl_2019) Bucket name must only contain lowercase characters and the symbols, period (.) and dash (-) (offset: 3) at ….
- 121. > cdk synth
- 126. CDK structure (bottom up) • CloudFormation (Cfn)
- 127. CDK structure (bottom up) • CloudFormation (Cfn) • Resource Constructs
- 128. CDK structure (bottom up) • CloudFormation (Cfn) • Resource Constructs • Constructs (reusable)
- 129. CDK structure (bottom up) • CloudFormation (Cfn) • Resource Constructs • Constructs (reusable) • Stacks
- 130. CDK structure (bottom up) • CloudFormation (Cfn) • Resource Constructs • Constructs (reusable) • Stacks • Applications
- 132. Basic stack demo
- 133. CDK constructor interface (3 params)
- 134. CDK constructor interface (3 params) • Scope ( app for stacks, this for constructs )
- 135. CDK constructor interface (3 params) • Scope ( app for stacks, this for constructs ) • Id (unique within this scope)
- 136. CDK constructor interface (3 params) • Scope ( app for stacks, this for constructs ) • Id (unique within this scope) • Properties (arguments)
- 139. export class HelloCdkStack extends cdk.Stack { constructor( scope: cdk.App, id: string, props?: props ) { super(scope, id); new s3.Bucket( this, ‘MyFirstBucket', { bucketName: “demo-for-scl-2019”, } ); } } Scope Id
- 140. export class HelloCdkStack extends cdk.Stack { constructor( scope: cdk.App, id: string, props?: props ) { super(scope, id); new s3.Bucket( this, ‘MyFirstBucket', { bucketName: “demo-for-scl-2019”, } ); } } Scope Id Properties
- 141. export class HelloCdkStack extends cdk.Stack { constructor( scope: cdk.App, id: string, props?: props ) { super(scope, id); new s3.Bucket( this, ‘MyFirstBucket', { bucketName: “demo-for-scl-2019”, } ); } } Scope Id Properties Scope
- 142. export class HelloCdkStack extends cdk.Stack { constructor( scope: cdk.App, id: string, props?: props ) { super(scope, id); new s3.Bucket( this, ‘MyFirstBucket', { bucketName: “demo-for-scl-2019”, } ); } } Scope Id Properties Scope Id
- 143. export class HelloCdkStack extends cdk.Stack { constructor( scope: cdk.App, id: string, props?: props ) { super(scope, id); new s3.Bucket( this, ‘MyFirstBucket', { bucketName: “demo-for-scl-2019”, } ); } } Scope Id Properties Scope Id Properties
- 148. Events & Permissions
- 149. S3 event source
- 150. S3 event source Execution permissions Event source
- 151. S3 event source Execution permissions Read/Write permissions Event source
- 154. import cdk =
- 167. // object store
- 191. CDK synth
- 194. Full s3/lambda demo
- 196. Other Lambda event sources? • SQS
- 197. Other Lambda event sources? • SQS • SNS
- 198. Other Lambda event sources? • SQS • SNS • DynamoDB Streams
- 199. Other Lambda event sources? • SQS • SNS • DynamoDB Streams • Kinesis
- 200. Other Lambda event sources? • SQS • SNS • DynamoDB Streams • Kinesis • More planned
- 201. HTTP event source with ApiGateway
- 202. HTTP event source with ApiGateway const apigateway = require("@aws-cdk/aws-apigateway");
- 203. HTTP event source with ApiGateway const apigateway = require("@aws-cdk/aws-apigateway");
- 204. HTTP event source with ApiGateway const apigateway = require("@aws-cdk/aws-apigateway"); const api = new apigateway.RestApi(this, "itemsApi", {
- 205. HTTP event source with ApiGateway const apigateway = require("@aws-cdk/aws-apigateway"); const api = new apigateway.RestApi(this, "itemsApi", { restApiName: "Items Service"
- 206. HTTP event source with ApiGateway const apigateway = require("@aws-cdk/aws-apigateway"); const api = new apigateway.RestApi(this, "itemsApi", { restApiName: "Items Service" });
- 207. HTTP event source with ApiGateway const apigateway = require("@aws-cdk/aws-apigateway"); const api = new apigateway.RestApi(this, "itemsApi", { restApiName: "Items Service" });
- 208. HTTP event source with ApiGateway const apigateway = require("@aws-cdk/aws-apigateway"); const api = new apigateway.RestApi(this, "itemsApi", { restApiName: "Items Service" }); const items = api.root.addResource("items");
- 209. HTTP event source with ApiGateway const apigateway = require("@aws-cdk/aws-apigateway"); const api = new apigateway.RestApi(this, "itemsApi", { restApiName: "Items Service" }); const items = api.root.addResource("items");
- 210. HTTP event source with ApiGateway const apigateway = require("@aws-cdk/aws-apigateway"); const api = new apigateway.RestApi(this, "itemsApi", { restApiName: "Items Service" }); const items = api.root.addResource("items"); const lambdaIntergration
- 211. HTTP event source with ApiGateway const apigateway = require("@aws-cdk/aws-apigateway"); const api = new apigateway.RestApi(this, "itemsApi", { restApiName: "Items Service" }); const items = api.root.addResource("items"); const lambdaIntergration = new apigateway.LambdaIntegration(aLambdaObject);
- 212. HTTP event source with ApiGateway const apigateway = require("@aws-cdk/aws-apigateway"); const api = new apigateway.RestApi(this, "itemsApi", { restApiName: "Items Service" }); const items = api.root.addResource("items"); const lambdaIntergration = new apigateway.LambdaIntegration(aLambdaObject);
- 213. HTTP event source with ApiGateway const apigateway = require("@aws-cdk/aws-apigateway"); const api = new apigateway.RestApi(this, "itemsApi", { restApiName: "Items Service" }); const items = api.root.addResource("items"); const lambdaIntergration = new apigateway.LambdaIntegration(aLambdaObject); items.addMethod("GET", lambdaIntergration);
- 214. Tips & tricks
- 215. Stack base class
- 231. Misc
- 232. Misc • Stack.of(construct) - access stack at any point (useful if you need stack.region)
- 233. Misc • Stack.of(construct) - access stack at any point (useful if you need stack.region) • Do not edit anything through web UI
- 236. Serverless Application Model (SAM) • Serverless YAML shortcuts for CloudFormation YAML (not as nice as CDK IMHO!)
- 237. Serverless Application Model (SAM) • Serverless YAML shortcuts for CloudFormation YAML (not as nice as CDK IMHO!) • Local testing and debugging
- 238. Setup for local testing
- 239. Setup for local testing • cdk synth —no-staging > template.yaml
- 240. Setup for local testing • cdk synth —no-staging > template.yaml • Find lambda resource name
- 241. Setup for local testing • cdk synth —no-staging > template.yaml • Find lambda resource name • Create payload.json (sam local generate- event s3) and env.json
- 242. Setup for local testing • cdk synth —no-staging > template.yaml • Find lambda resource name • Create payload.json (sam local generate- event s3) and env.json • sam local invoke —env-var env.json — event payload.json lambdaResourceName
- 243. Local invoke demo
- 244. Lambda Layers
- 245. Layer
- 246. Layer • Runtime (OS + Language)
- 247. Layer • Runtime (OS + Language) • Your code (with all dependencies)
- 248. Layer
- 249. Layer • Runtime (OS + Language)
- 250. Layer • Runtime (OS + Language) • Shared dependencies (in a Layer)
- 251. Layer • Runtime (OS + Language) • Shared dependencies (in a Layer) • Your code
- 252. Creating a layer
- 254. // Create a layer const baseLayer = new lambda.LayerVersion( this, 'MyBaseLayer', { compatibleRuntimes: [ lambda.Runtime.NODEJS_8_10 ], code: lambda.Code.fromAsset('../layer/base') } ); layer └── base └── nodejs ├── node_modules/.. ├── package-lock.json └── package.json
- 255. // Create a layer const baseLayer = new lambda.LayerVersion( this, 'MyBaseLayer', { compatibleRuntimes: [ lambda.Runtime.NODEJS_8_10 ], code: lambda.Code.fromAsset('../layer/base') } ); layer └── base └── nodejs ├── node_modules/.. ├── package-lock.json └── package.json
- 256. CDK: Chicken & Egg • Layer has ARN (Amazon Resource Name) • Lambda depends on ARN • CDK: Updating layer deletes old ARN… which breaks dependency across stacks
- 277. Using the layer (in another stack)
- 285. Balance
- 288. YAML Is Better than Your Favorite Language: Fightin' words about Infrastructure as code | Ben Kehoe https://acloud.guru/series/ serverlessconf-nyc-2019/view/ yaml-better
- 289. Review
- 290. Review
- 291. Review • IaC: repeatable, versionable, speed of deploy
- 292. Review • IaC: repeatable, versionable, speed of deploy • CloudFormation: Infrastructure Graph Engine - learn to read it
- 293. Review • IaC: repeatable, versionable, speed of deploy • CloudFormation: Infrastructure Graph Engine - learn to read it • CDK: apps, stacks, constructs
- 294. Review • IaC: repeatable, versionable, speed of deploy • CloudFormation: Infrastructure Graph Engine - learn to read it • CDK: apps, stacks, constructs • Local dev and Lambda Layers
- 295. Review • IaC: repeatable, versionable, speed of deploy • CloudFormation: Infrastructure Graph Engine - learn to read it • CDK: apps, stacks, constructs • Local dev and Lambda Layers • A bunch of other bits that I hope are useful
- 296. The end • Slides online later • Contact / follow: @leolapworth • Thank you
- 297. Here to answer questions Richard Boyd - AWS Developer Advocate for developer tools