github.com/arkadijs/deis@v1.5.1/contrib/ec2/deis.template.json (about) 1 { 2 "AWSTemplateFormatVersion" : "2010-09-09", 3 "Description": "Deis on EC2: http://deis.io/", 4 "Parameters" : { 5 "KeyPair" : { 6 "Description" : "Name of an existing EC2 KeyPair to enable SSH access to the Deis hosts", 7 "Type" : "String", 8 "MinLength": "1", 9 "MaxLength": "64", 10 "AllowedPattern" : "[-_ a-zA-Z0-9]*", 11 "ConstraintDescription" : "can contain only alphanumeric characters, spaces, dashes and underscores." 12 }, 13 "ClusterSize": { 14 "Default": "3", 15 "MinValue": "3", 16 "MaxValue": "12", 17 "Description": "Number of nodes in cluster (3-12).", 18 "Type": "Number" 19 }, 20 "IamInstanceProfile" : { 21 "Description" : "(Optional) Set IAM instance profile for Deis hosts (default: none)", 22 "Type" : "String", 23 "Default": "" 24 }, 25 "SSHFrom" : { 26 "Description" : "Lock down SSH access to the Deis hosts to this CIDR range (default 0.0.0.0/0: can be accessed from anywhere)", 27 "Type" : "String", 28 "MinLength": "9", 29 "MaxLength": "18", 30 "Default" : "0.0.0.0/0", 31 "AllowedPattern" : "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})", 32 "ConstraintDescription" : "must be a valid CIDR range of the form x.x.x.x/x." 
33 }, 34 "InstanceType" : { 35 "Description" : "EC2 instance type (see http://aws.amazon.com/ec2/instance-types/)", 36 "Type" : "String", 37 "Default" : "m3.large", 38 "AllowedValues" : [ 39 "m3.medium", 40 "m3.large", 41 "m3.xlarge", 42 "m3.2xlarge", 43 "m1.medium", 44 "m1.large", 45 "m1.xlarge", 46 "c3.large", 47 "c3.xlarge", 48 "c3.2xlarge", 49 "c3.4xlarge", 50 "c3.8xlarge", 51 "c1.medium", 52 "c1.xlarge", 53 "cc2.8xlarge", 54 "g2.2xlarge", 55 "cg1.4xlarge", 56 "m2.xlarge", 57 "m2.4xlarge", 58 "cr1.8xlarge", 59 "hi1.4xlarge", 60 "hs1.8xlarge", 61 "i2.xlarge", 62 "i2.2xlarge", 63 "i2.4xlarge", 64 "i2.8xlarge", 65 "r3.large", 66 "r3.xlarge", 67 "r3.2xlarge", 68 "r3.4xlarge", 69 "r3.8xlarge", 70 "t2.medium" 71 ], 72 "ConstraintDescription" : "must be a valid EC2 instance type." 73 }, 74 "EC2VirtualizationType" : { 75 "Description" : "EC2 AMI virtualization type (see http://aws.amazon.com/amazon-linux-ami/instance-type-matrix/)", 76 "Type": "String", 77 "Default": "PV", 78 "AllowedValues" : [ "PV", "HVM" ], 79 "ConstraintDescription" : "must be either PV or HVM" 80 }, 81 "EC2EBSVolumeType" : { 82 "Description" : "EC2 EBS VolumeType", 83 "Type": "String", 84 "Default": "gp2", 85 "AllowedValues" : [ "gp2", "standard" ], 86 "ConstraintDescription" : "must be either 'gp2' for SSD or 'standard' for magnetic (provisioned IOPS requires further manual changes)" 87 }, 88 "AssociatePublicIP": { 89 "Description": "Whether to associate a public IP address to the instances", 90 "Type": "String", 91 "Default": "true", 92 "AllowedValues" : [ "true", "false" ], 93 "ConstraintDescription" : "must be either true or false" 94 }, 95 "ELBScheme": { 96 "Description": "Whether to create an internal-only load balancer, or a public-facing one (default)", 97 "Type": "String", 98 "Default": "internet-facing", 99 "AllowedValues" : [ "internet-facing", "internal" ], 100 "ConstraintDescription" : "must be either 'internet-facing' for public use, or 'internal' for private use" 101 } 102 }, 103 
104 "Mappings" : { 105 "CoreOSAMIs" : { 106 "eu-central-1" : { "PV" : "ami-0c300d11", "HVM" : "ami-0e300d13" }, 107 "ap-northeast-1" : { "PV" : "ami-b128dcb1", "HVM" : "ami-af28dcaf" }, 108 "sa-east-1" : { "PV" : "ami-2154ec3c", "HVM" : "ami-2354ec3e" }, 109 "ap-southeast-2" : { "PV" : "ami-bbb5c581", "HVM" : "ami-b9b5c583" }, 110 "ap-southeast-1" : { "PV" : "ami-fa0b3aa8", "HVM" : "ami-f80b3aaa" }, 111 "us-east-1" : { "PV" : "ami-343b195c", "HVM" : "ami-323b195a" }, 112 "us-west-2" : { "PV" : "ami-0989a439", "HVM" : "ami-0789a437" }, 113 "us-west-1" : { "PV" : "ami-83d533c7", "HVM" : "ami-8dd533c9" }, 114 "eu-west-1" : { "PV" : "ami-57950a20", "HVM" : "ami-55950a22" } 115 116 }, 117 "RootDevices" : { 118 "HVM" : { "Name": "/dev/xvda" }, 119 "PV" : { "Name": "/dev/sda" } 120 }, 121 "SubnetConfig" : { 122 "VPC" : { "CIDR" : "10.21.0.0/16" }, 123 "Subnet1" : { "CIDR" : "10.21.1.0/24" }, 124 "Subnet2" : { "CIDR" : "10.21.2.0/24" } 125 } 126 }, 127 128 "Conditions" : { 129 "UseIamInstanceProfile" : { 130 "Fn::Not" : [{ 131 "Fn::Equals" : [ 132 { "Ref" : "IamInstanceProfile" }, 133 "" 134 ] 135 }] 136 } 137 }, 138 139 "Resources" : { 140 "VPC" : { 141 "Type" : "AWS::EC2::VPC", 142 "Properties" : { 143 "EnableDnsSupport" : "true", 144 "EnableDnsHostnames" : "true", 145 "CidrBlock" : { "Fn::FindInMap" : [ "SubnetConfig", "VPC", "CIDR" ]}, 146 "Tags" : [ 147 { "Key" : "Application", "Value" : "Deis" } 148 ] 149 } 150 }, 151 "Subnet1" : { 152 "Type" : "AWS::EC2::Subnet", 153 "Properties" : { 154 "VpcId" : { "Ref" : "VPC" }, 155 "AvailabilityZone": { "Fn::Select" : [ 0, { "Fn::GetAZs" : "" } ] }, 156 "CidrBlock" : { "Fn::FindInMap" : [ "SubnetConfig", "Subnet1", "CIDR" ]}, 157 "Tags" : [ 158 { "Key" : "Application", "Value" : "Deis" }, 159 { "Key" : "Network", "Value" : "Private" } 160 ] 161 } 162 }, 163 "Subnet2" : { 164 "Type" : "AWS::EC2::Subnet", 165 "Properties" : { 166 "VpcId" : { "Ref" : "VPC" }, 167 "AvailabilityZone": { "Fn::Select" : [ 1, { "Fn::GetAZs" : "" } ] }, 
168 "CidrBlock" : { "Fn::FindInMap" : [ "SubnetConfig", "Subnet2", "CIDR" ]}, 169 "Tags" : [ 170 { "Key" : "Application", "Value" : "Deis" }, 171 { "Key" : "Network", "Value" : "Private" } 172 ] 173 } 174 }, 175 "InternetGateway" : { 176 "Type" : "AWS::EC2::InternetGateway", 177 "Properties" : { 178 "Tags" : [ 179 { "Key" : "Application", "Value" : "Deis" }, 180 { "Key" : "Network", "Value" : "Public" } 181 ] 182 } 183 }, 184 "GatewayToInternet" : { 185 "Type" : "AWS::EC2::VPCGatewayAttachment", 186 "Properties" : { 187 "VpcId" : { "Ref" : "VPC" }, 188 "InternetGatewayId" : { "Ref" : "InternetGateway" } 189 } 190 }, 191 "PublicRouteTable" : { 192 "Type" : "AWS::EC2::RouteTable", 193 "DependsOn" : "GatewayToInternet", 194 "Properties" : { 195 "VpcId" : { "Ref" : "VPC" }, 196 "Tags" : [ 197 { "Key" : "Application", "Value" : "Deis" }, 198 { "Key" : "Network", "Value" : "Public" } 199 ] 200 } 201 }, 202 "PublicRoute" : { 203 "Type" : "AWS::EC2::Route", 204 "DependsOn" : "GatewayToInternet", 205 "Properties" : { 206 "RouteTableId" : { "Ref" : "PublicRouteTable" }, 207 "DestinationCidrBlock" : "0.0.0.0/0", 208 "GatewayId" : { "Ref" : "InternetGateway" } 209 } 210 }, 211 "Subnet1RouteTableAssociation" : { 212 "Type" : "AWS::EC2::SubnetRouteTableAssociation", 213 "Properties" : { 214 "SubnetId" : { "Ref" : "Subnet1" }, 215 "RouteTableId" : { "Ref" : "PublicRouteTable" } 216 } 217 }, 218 "Subnet2RouteTableAssociation" : { 219 "Type" : "AWS::EC2::SubnetRouteTableAssociation", 220 "Properties" : { 221 "SubnetId" : { "Ref" : "Subnet2" }, 222 "RouteTableId" : { "Ref" : "PublicRouteTable" } 223 } 224 }, 225 "CoreOSServerAutoScale": { 226 "Type": "AWS::AutoScaling::AutoScalingGroup", 227 "Properties": { 228 "AvailabilityZones": [ 229 { "Fn::GetAtt" : [ "Subnet1", "AvailabilityZone" ] }, 230 { "Fn::GetAtt" : [ "Subnet2", "AvailabilityZone" ] } 231 ], 232 "VPCZoneIdentifier": [ 233 { "Ref" : "Subnet1" }, 234 { "Ref" : "Subnet2" } 235 ], 236 "LaunchConfigurationName": {"Ref": 
"CoreOSServerLaunchConfig"}, 237 "MinSize": "3", 238 "MaxSize": "12", 239 "DesiredCapacity": {"Ref": "ClusterSize"}, 240 "Tags": [ 241 {"Key": "Name", "Value": "Deis", "PropagateAtLaunch": true} 242 ], 243 "LoadBalancerNames": [ 244 { "Ref": "DeisWebELB" } 245 ] 246 } 247 }, 248 "CoreOSServerLaunchConfig": { 249 "Type": "AWS::AutoScaling::LaunchConfiguration", 250 "DependsOn" : "GatewayToInternet", 251 "Properties": { 252 "ImageId" : { "Fn::FindInMap" : [ "CoreOSAMIs", { "Ref" : "AWS::Region" }, { "Ref" : "EC2VirtualizationType" }]}, 253 "InstanceType": {"Ref": "InstanceType"}, 254 "IamInstanceProfile" : { 255 "Fn::If" : [ 256 "UseIamInstanceProfile", 257 { "Ref" : "IamInstanceProfile" }, 258 { "Ref" : "AWS::NoValue" } 259 ] 260 }, 261 "KeyName": {"Ref": "KeyPair"}, 262 "UserData" : { "Fn::Base64": { "Fn::Join": [ "", [ ] ] } }, 263 "AssociatePublicIpAddress": {"Ref": "AssociatePublicIP"}, 264 "SecurityGroups": [ { "Fn::GetAtt": ["VPCSecurityGroup", "GroupId"] } ], 265 "BlockDeviceMappings" : [ 266 { 267 "DeviceName" : { "Fn::FindInMap": [ "RootDevices", { "Ref": "EC2VirtualizationType" }, "Name" ] }, 268 "Ebs" : { "VolumeSize" : "50", "VolumeType": { "Ref": "EC2EBSVolumeType" } } 269 }, 270 { 271 "DeviceName" : "/dev/xvdf", 272 "Ebs" : { "VolumeSize" : "100", "VolumeType": { "Ref": "EC2EBSVolumeType" } } 273 } 274 ] 275 } 276 }, 277 "DeisWebELB": { 278 "Type": "AWS::ElasticLoadBalancing::LoadBalancer", 279 "DependsOn" : "GatewayToInternet", 280 "Properties": { 281 "Scheme" : {"Ref": "ELBScheme"}, 282 "HealthCheck": { 283 "HealthyThreshold": "4", 284 "Interval": "15", 285 "Target": "HTTP:80/health-check", 286 "Timeout": "5", 287 "UnhealthyThreshold": "2" 288 }, 289 "Subnets": [ 290 { "Ref" : "Subnet1" }, 291 { "Ref" : "Subnet2" } 292 ], 293 "Listeners": [ 294 { 295 "InstancePort": "80", 296 "InstanceProtocol": "HTTP", 297 "LoadBalancerPort": "80", 298 "Protocol": "HTTP" 299 }, 300 { 301 "InstancePort": "443", 302 "InstanceProtocol": "TCP", 303 "LoadBalancerPort": 
"443", 304 "Protocol": "TCP" 305 }, 306 { 307 "InstancePort": "2222", 308 "InstanceProtocol": "TCP", 309 "LoadBalancerPort": "2222", 310 "Protocol": "TCP" 311 } 312 ], 313 "SecurityGroups": [ 314 { 315 "Fn::GetAtt": ["DeisWebELBSecurityGroup", "GroupId"] 316 } 317 ], 318 "ConnectionSettings": { 319 "IdleTimeout": 1200 320 } 321 } 322 }, 323 "DeisWebELBSecurityGroup": { 324 "Type": "AWS::EC2::SecurityGroup", 325 "Properties": { 326 "GroupDescription": "Deis Web ELB SecurityGroup", 327 "SecurityGroupIngress": [ 328 {"IpProtocol": "tcp", "FromPort": "80", "ToPort": "80", "CidrIp": "0.0.0.0/0"}, 329 {"IpProtocol": "tcp", "FromPort": "443", "ToPort": "443", "CidrIp": "0.0.0.0/0"}, 330 {"IpProtocol": "tcp", "FromPort": "2222", "ToPort": "2222", "CidrIp": "0.0.0.0/0"} 331 ], 332 "VpcId": { "Ref" : "VPC" } 333 } 334 }, 335 "VPCSecurityGroup" : { 336 "Type" : "AWS::EC2::SecurityGroup", 337 "Properties" : { 338 "GroupDescription" : "Enable public SSH and intra-VPC communication", 339 "SecurityGroupIngress" : [ 340 {"IpProtocol": "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : { "Ref" : "SSHFrom" }}, 341 {"IpProtocol": "tcp", "FromPort": "80", "ToPort": "80", "SourceSecurityGroupId": { "Ref": "DeisWebELBSecurityGroup" } }, 342 {"IpProtocol": "tcp", "FromPort": "443", "ToPort": "443", "SourceSecurityGroupId": { "Ref": "DeisWebELBSecurityGroup" } }, 343 {"IpProtocol": "tcp", "FromPort": "2222", "ToPort": "2222", "SourceSecurityGroupId": { "Ref": "DeisWebELBSecurityGroup" } } 344 ], 345 "VpcId" : { "Ref" : "VPC" } 346 } 347 }, 348 "VPCSecurityGroupIngress": { 349 "Type": "AWS::EC2::SecurityGroupIngress", 350 "Properties": { 351 "GroupId": { "Ref": "VPCSecurityGroup" }, 352 "IpProtocol": "-1", 353 "FromPort": "0", 354 "ToPort": "65535", 355 "SourceSecurityGroupId": { "Ref": "VPCSecurityGroup" } 356 } 357 } 358 }, 359 "Outputs" : { 360 "DNSName" : { 361 "Description" : "DNS Name of the ELB", 362 "Value" : { "Fn::GetAtt" : ["DeisWebELB", "DNSName"] } 363 } 364 } 365 }