github.com/misfo/deis@v1.0.1-0.20141111224634-e0eee0392b8a/contrib/ec2/deis.template.json (about) 1 { 2 "AWSTemplateFormatVersion" : "2010-09-09", 3 "Description": "Deis on EC2: http://deis.io/", 4 "Parameters" : { 5 "KeyPair" : { 6 "Description" : "Name of an existing EC2 KeyPair to enable SSH access to the Deis hosts", 7 "Type" : "String", 8 "MinLength": "1", 9 "MaxLength": "64", 10 "AllowedPattern" : "[-_ a-zA-Z0-9]*", 11 "ConstraintDescription" : "can contain only alphanumeric characters, spaces, dashes and underscores." 12 }, 13 "ClusterSize": { 14 "Default": "3", 15 "MinValue": "3", 16 "MaxValue": "12", 17 "Description": "Number of nodes in cluster (3-12).", 18 "Type": "Number" 19 }, 20 "SSHFrom" : { 21 "Description" : "Lockdown SSH access to the Deis hosts (default: can be accessed from anywhere)", 22 "Type" : "String", 23 "MinLength": "9", 24 "MaxLength": "18", 25 "Default" : "0.0.0.0/0", 26 "AllowedPattern" : "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})", 27 "ConstraintDescription" : "must be a valid CIDR range of the form x.x.x.x/x." 28 }, 29 "InstanceType" : { 30 "Description" : "EC2 instance type (see http://aws.amazon.com/ec2/instance-types/)", 31 "Type" : "String", 32 "Default" : "m3.large", 33 "AllowedValues" : [ 34 "m3.medium", 35 "m3.large", 36 "m3.xlarge", 37 "m3.2xlarge", 38 "m1.medium", 39 "m1.large", 40 "m1.xlarge", 41 "c3.large", 42 "c3.xlarge", 43 "c3.2xlarge", 44 "c3.4xlarge", 45 "c3.8xlarge", 46 "c1.medium", 47 "c1.xlarge", 48 "cc2.8xlarge", 49 "g2.2xlarge", 50 "cg1.4xlarge", 51 "m2.xlarge", 52 "m2.4xlarge", 53 "cr1.8xlarge", 54 "hi1.4xlarge", 55 "hs1.8xlarge", 56 "i2.xlarge", 57 "i2.2xlarge", 58 "i2.4xlarge", 59 "i2.8xlarge", 60 "r3.large", 61 "r3.xlarge", 62 "r3.2xlarge", 63 "r3.4xlarge", 64 "r3.8xlarge", 65 "t2.medium" 66 ], 67 "ConstraintDescription" : "must be a valid EC2 instance type." 68 }, 69 "EC2VirtualizationType" : { 70 "Description" : "EC2 AMI virtualization type (see http://aws.amazon.com/amazon-linux-ami/instance-type-matrix/)", 71 "Type": "String", 72 "Default": "PV", 73 "AllowedValues" : [ "PV", "HVM" ], 74 "ConstraintDescription" : "must be either PV or HVM" 75 }, 76 "AssociatePublicIP": { 77 "Description": "Whether to associate a public IP address to the instances", 78 "Type": "String", 79 "Default": "true", 80 "AllowedValues" : [ "true", "false" ], 81 "ConstraintDescription" : "must be either true or false" 82 } 83 }, 84 85 "Mappings" : { 86 "CoreOSAMIs" : { 87 "eu-central-1" : { "PV" : "ami-0cae9811", "HVM" : "ami-12ae980f" }, 88 "ap-northeast-1" : { "PV" : "ami-9f60599e", "HVM" : "ami-9d60599c" }, 89 "sa-east-1" : { "PV" : "ami-21ca7c3c", "HVM" : "ami-23ca7c3e" }, 90 "ap-southeast-2" : { "PV" : "ami-adb9d697", "HVM" : "ami-afb9d695" }, 91 "ap-southeast-1" : { "PV" : "ami-0eebc85c", "HVM" : "ami-0cebc85e" }, 92 "us-east-1" : { "PV" : "ami-30058d58", "HVM" : "ami-3e058d56" }, 93 "us-west-2" : { "PV" : "ami-b34f0483", "HVM" : "ami-b14f0481" }, 94 "us-west-1" : { "PV" : "ami-ff7264ba", "HVM" : "ami-f97264bc" }, 95 "eu-west-1" : { "PV" : "ami-1e47f269", "HVM" : "ami-1c47f26b" } 96 97 }, 98 "RootDevices" : { 99 "HVM" : { "Name": "/dev/xvda" }, 100 "PV" : { "Name": "/dev/sda" } 101 }, 102 "SubnetConfig" : { 103 "VPC" : { "CIDR" : "10.21.0.0/16" }, 104 "Subnet1" : { "CIDR" : "10.21.1.0/24" }, 105 "Subnet2" : { "CIDR" : "10.21.2.0/24" } 106 } 107 }, 108 109 "Resources" : { 110 "VPC" : { 111 "Type" : "AWS::EC2::VPC", 112 "Properties" : { 113 "EnableDnsSupport" : "true", 114 "EnableDnsHostnames" : "true", 115 "CidrBlock" : { "Fn::FindInMap" : [ "SubnetConfig", "VPC", "CIDR" ]}, 116 "Tags" : [ 117 { "Key" : "Application", "Value" : "Deis" } 118 ] 119 } 120 }, 121 "Subnet1" : { 122 "Type" : "AWS::EC2::Subnet", 123 "Properties" : { 124 "VpcId" : { "Ref" : "VPC" }, 125 "AvailabilityZone": { "Fn::Select" : [ 0, { "Fn::GetAZs" : "" } ] }, 126 "CidrBlock" : { "Fn::FindInMap" : [ "SubnetConfig", "Subnet1", "CIDR" ]}, 127 "Tags" : [ 128 { "Key" : "Application", "Value" : "Deis" }, 129 { "Key" : "Network", "Value" : "Private" } 130 ] 131 } 132 }, 133 "Subnet2" : { 134 "Type" : "AWS::EC2::Subnet", 135 "Properties" : { 136 "VpcId" : { "Ref" : "VPC" }, 137 "AvailabilityZone": { "Fn::Select" : [ 1, { "Fn::GetAZs" : "" } ] }, 138 "CidrBlock" : { "Fn::FindInMap" : [ "SubnetConfig", "Subnet2", "CIDR" ]}, 139 "Tags" : [ 140 { "Key" : "Application", "Value" : "Deis" }, 141 { "Key" : "Network", "Value" : "Private" } 142 ] 143 } 144 }, 145 "InternetGateway" : { 146 "Type" : "AWS::EC2::InternetGateway", 147 "Properties" : { 148 "Tags" : [ 149 { "Key" : "Application", "Value" : "Deis" }, 150 { "Key" : "Network", "Value" : "Public" } 151 ] 152 } 153 }, 154 "GatewayToInternet" : { 155 "Type" : "AWS::EC2::VPCGatewayAttachment", 156 "Properties" : { 157 "VpcId" : { "Ref" : "VPC" }, 158 "InternetGatewayId" : { "Ref" : "InternetGateway" } 159 } 160 }, 161 "PublicRouteTable" : { 162 "Type" : "AWS::EC2::RouteTable", 163 "DependsOn" : "GatewayToInternet", 164 "Properties" : { 165 "VpcId" : { "Ref" : "VPC" }, 166 "Tags" : [ 167 { "Key" : "Application", "Value" : "Deis" }, 168 { "Key" : "Network", "Value" : "Public" } 169 ] 170 } 171 }, 172 "PublicRoute" : { 173 "Type" : "AWS::EC2::Route", 174 "DependsOn" : "GatewayToInternet", 175 "Properties" : { 176 "RouteTableId" : { "Ref" : "PublicRouteTable" }, 177 "DestinationCidrBlock" : "0.0.0.0/0", 178 "GatewayId" : { "Ref" : "InternetGateway" } 179 } 180 }, 181 "Subnet1RouteTableAssociation" : { 182 "Type" : "AWS::EC2::SubnetRouteTableAssociation", 183 "Properties" : { 184 "SubnetId" : { "Ref" : "Subnet1" }, 185 "RouteTableId" : { "Ref" : "PublicRouteTable" } 186 } 187 }, 188 "Subnet2RouteTableAssociation" : { 189 "Type" : "AWS::EC2::SubnetRouteTableAssociation", 190 "Properties" : { 191 "SubnetId" : { "Ref" : "Subnet2" }, 192 "RouteTableId" : { "Ref" : "PublicRouteTable" } 193 } 194 }, 195 "CoreOSServerAutoScale": { 196 "Type": "AWS::AutoScaling::AutoScalingGroup", 197 "Properties": { 198 "AvailabilityZones": [ 199 { "Fn::GetAtt" : [ "Subnet1", "AvailabilityZone" ] }, 200 { "Fn::GetAtt" : [ "Subnet2", "AvailabilityZone" ] } 201 ], 202 "VPCZoneIdentifier": [ 203 { "Ref" : "Subnet1" }, 204 { "Ref" : "Subnet2" } 205 ], 206 "LaunchConfigurationName": {"Ref": "CoreOSServerLaunchConfig"}, 207 "MinSize": "3", 208 "MaxSize": "12", 209 "DesiredCapacity": {"Ref": "ClusterSize"}, 210 "Tags": [ 211 {"Key": "Name", "Value": "Deis", "PropagateAtLaunch": true} 212 ], 213 "LoadBalancerNames": [ 214 { "Ref": "DeisWebELB" } 215 ] 216 } 217 }, 218 "CoreOSServerLaunchConfig": { 219 "Type": "AWS::AutoScaling::LaunchConfiguration", 220 "DependsOn" : "GatewayToInternet", 221 "Properties": { 222 "ImageId" : { "Fn::FindInMap" : [ "CoreOSAMIs", { "Ref" : "AWS::Region" }, { "Ref" : "EC2VirtualizationType" }]}, 223 "InstanceType": {"Ref": "InstanceType"}, 224 "KeyName": {"Ref": "KeyPair"}, 225 "UserData" : { "Fn::Base64": { "Fn::Join": [ "", [ ] ] } }, 226 "AssociatePublicIpAddress": {"Ref": "AssociatePublicIP"}, 227 "SecurityGroups": [ { "Fn::GetAtt": ["VPCSecurityGroup", "GroupId"] } ], 228 "BlockDeviceMappings" : [ 229 { 230 "DeviceName" : { "Fn::FindInMap": [ "RootDevices", { "Ref": "EC2VirtualizationType" }, "Name" ] }, 231 "Ebs" : { "VolumeSize" : "100" } 232 } 233 ] 234 } 235 }, 236 "DeisWebELB": { 237 "Type": "AWS::ElasticLoadBalancing::LoadBalancer", 238 "DependsOn" : "GatewayToInternet", 239 "Properties": { 240 "HealthCheck": { 241 "HealthyThreshold": "4", 242 "Interval": "15", 243 "Target": "HTTP:80/health-check", 244 "Timeout": "5", 245 "UnhealthyThreshold": "2" 246 }, 247 "Subnets": [ 248 { "Ref" : "Subnet1" }, 249 { "Ref" : "Subnet2" } 250 ], 251 "Listeners": [ 252 { 253 "InstancePort": "80", 254 "InstanceProtocol": "HTTP", 255 "LoadBalancerPort": "80", 256 "Protocol": "HTTP" 257 }, 258 { 259 "InstancePort": "2222", 260 "InstanceProtocol": "TCP", 261 "LoadBalancerPort": "2222", 262 "Protocol": "TCP" 263 } 264 ], 265 "SecurityGroups": [ 266 { 267 "Fn::GetAtt": ["DeisWebELBSecurityGroup", "GroupId"] 268 } 269 ] 270 } 271 }, 272 "DeisWebELBSecurityGroup": { 273 "Type": "AWS::EC2::SecurityGroup", 274 "Properties": { 275 "GroupDescription": "Deis Web ELB SecurityGroup", 276 "SecurityGroupIngress": [ 277 {"IpProtocol": "tcp", "FromPort": "80", "ToPort": "80", "CidrIp": "0.0.0.0/0"}, 278 {"IpProtocol": "tcp", "FromPort": "2222", "ToPort": "2222", "CidrIp": "0.0.0.0/0"} 279 ], 280 "VpcId": { "Ref" : "VPC" } 281 } 282 }, 283 "VPCSecurityGroup" : { 284 "Type" : "AWS::EC2::SecurityGroup", 285 "Properties" : { 286 "GroupDescription" : "Enable public SSH and intra-VPC communication", 287 "SecurityGroupIngress" : [ 288 {"IpProtocol": "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : { "Ref" : "SSHFrom" }}, 289 {"IpProtocol": "tcp", "FromPort": "80", "ToPort": "80", "SourceSecurityGroupId": { "Ref": "DeisWebELBSecurityGroup" } }, 290 {"IpProtocol": "tcp", "FromPort": "2222", "ToPort": "2222", "SourceSecurityGroupId": { "Ref": "DeisWebELBSecurityGroup" } } 291 ], 292 "VpcId" : { "Ref" : "VPC" } 293 } 294 }, 295 "VPCSecurityGroupIngress": { 296 "Type": "AWS::EC2::SecurityGroupIngress", 297 "Properties": { 298 "GroupId": { "Ref": "VPCSecurityGroup" }, 299 "IpProtocol": "-1", 300 "FromPort": "0", 301 "ToPort": "65535", 302 "SourceSecurityGroupId": { "Ref": "VPCSecurityGroup" } 303 } 304 } 305 }, 306 "Outputs" : { 307 "DNSName" : { 308 "Description" : "DNS Name of the ELB", 309 "Value" : { "Fn::GetAtt" : ["DeisWebELB", "DNSName"] } 310 } 311 } 312 }