Created
March 27, 2018 06:42
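# CloudFormation template for the MyApp ECS service: task definition, internal
# ALB, service auto scaling and a CodePipeline/CodeBuild deployment pipeline.
# Quoted so that YAML parsers do not read the version as a date.
AWSTemplateFormatVersion: "2010-09-09"
Description: "MyApp Service ECS"

#######################
###
### MAPPINGS
###
#######################
# NOTE(review): the Resources section calls !FindInMap on a map named
# "Environments" with the keys InternalDomainCertificateArn, ServiceMaximumTasks
# and ServiceMinimumTasks, keyed by the Environment parameter. No Mappings
# section is defined here, so the template cannot resolve those lookups until
# one is added. The values are not shown on this page.
# Mappings:

#######################
###
### PARAMETERS
###
#######################
Parameters:
  Environment:
    Type: String
    # Interpolated into the ECS cluster name (<Environment>-env-cluster), the
    # Git branch name (deploy-<Environment>) and used as the Environments map key.
    Description: Deployment environment name
  InstanceSecurityGroup:
    Type: AWS::EC2::SecurityGroup::Id
    # Attached to the load balancer in the Resources section.
    Description: Security group attached to the service load balancer
  DockerImageTag:
    Type: String
    Description: Tag of the container image to run
    # The tag is substituted into the image URI, so restrict it to the
    # characters a Docker tag may contain.
    AllowedPattern: "[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}"
    ConstraintDescription: must be a valid Docker image tag

#######################
###
### CONDITIONS
###
#######################
# Conditions:

#######################
###
### METADATA
###
#######################
# Metadata: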
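#######################
###
### RESOURCES
###
#######################
Resources:
  ##
  ## ECS Service
  ##
  # Runs one copy of the task in the <Environment>-env-cluster cluster and
  # registers the container with the target group behind the internal ALB.
  MyECSService:
    Type: AWS::ECS::Service
    DependsOn:
      - MyHTTPSALBListener
      - MyTargetGroup
      - MyServiceALB
      - MyServiceTaskDef
    Properties:
      Cluster: !Sub ${Environment}-env-cluster
      DesiredCount: 1
      DeploymentConfiguration:
        # Never drop below the desired count during a deployment; allow up to
        # 50% extra tasks while old and new versions overlap.
        MinimumHealthyPercent: 100
        MaximumPercent: 150
      LoadBalancers:
        - ContainerName: MyApp_container
          ContainerPort: 8053
          TargetGroupArn: !Ref MyTargetGroup
      Role:
        "Fn::ImportValue": main-groups-ECSServiceRole
      TaskDefinition: !Ref MyServiceTaskDef
      PlacementStrategies:
        - Type: binpack
          Field: memory

  # Task definition with a single essential container listening on 8053.
  MyServiceTaskDef:
    Type: AWS::ECS::TaskDefinition
    Properties:
      # The task role's permissions are defined in another stack (imported
      # value); review that role to see what the container can call.
      TaskRoleArn:
        "Fn::ImportValue": main-groups-ECSTaskRole
      ContainerDefinitions:
        - Name: MyApp_container
          Cpu: 512
          Memory: 1024
          Essential: true
          # The original used ${Account}, which is neither a parameter nor a
          # resource in this template. AWS::AccountId assumes the ECR
          # repository lives in the deploying account; use a parameter instead
          # if the image is pulled from another account.
          # NOTE(review): tags are mutable unless the repository enforces
          # immutability; pin by digest where reproducibility matters.
          Image: !Sub "${AWS::AccountId}.dkr.ecr.us-west-2.amazonaws.com/myService:${DockerImageTag}"
          PortMappings:
            - ContainerPort: 8053

  ##
  ## Load Balancer
  ##
  # Internal (non-internet-facing) ALB placed in the three private subnets.
  MyServiceALB:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Scheme: internal
      LoadBalancerAttributes:
        - Key: idle_timeout.timeout_seconds
          Value: '30'
      Subnets:
        - Fn::ImportValue: main-vpc-PrivateSubnetA
        - Fn::ImportValue: main-vpc-PrivateSubnetB
        - Fn::ImportValue: main-vpc-PrivateSubnetC
      # NOTE(review): the parameter name suggests this group is shared with
      # the container instances; confirm its ingress rules are what the ALB
      # needs, or give the ALB a dedicated group.
      SecurityGroups:
        - Ref: "InstanceSecurityGroup"
      Tags:
        - Key: Name
          Value: !Join [ "-", [ !Ref "AWS::StackName", "MyService-ALB"]]

  # HTTPS listener that terminates TLS and forwards to the target group.
  MyHTTPSALBListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    DependsOn:
      - MyServiceALB
    Properties:
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref MyTargetGroup
      LoadBalancerArn: !Ref MyServiceALB
      # The original declared Port twice ('80' and '443'). A duplicate key is
      # an error or silently last-wins depending on the parser; only 443
      # matches Protocol: HTTPS and the certificate below.
      Port: '443'
      Protocol: HTTPS
      # NOTE(review): no SslPolicy is set, so the listener uses the ELB
      # default policy; set SslPolicy explicitly to control the minimum TLS
      # version.
      Certificates:
        # Requires a Mappings.Environments entry; that section is commented
        # out in this template.
        - CertificateArn: !FindInMap [ Environments, !Ref Environment, InternalDomainCertificateArn]

  # Rule for the path "/" that forwards to the same target group as the
  # listener's default action.
  MyHTTPSALBListenerRule:
    Type: AWS::ElasticLoadBalancingV2::ListenerRule
    DependsOn:
      - MyHTTPSALBListener
    Properties:
      Actions:
        - Type: forward
          TargetGroupArn: !Ref MyTargetGroup
      Conditions:
        - Field: path-pattern
          Values: [/]
      ListenerArn: !Ref 'MyHTTPSALBListener'
      Priority: 1

  # Target group the ECS service registers its tasks with.
  MyTargetGroup:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    DependsOn:
      - MyServiceALB
    Properties:
      # "TG1-" plus the third dash-separated piece of the ALB's generated name.
      Name: !Join
        - '-'
        - - 'TG1'
          - !Select [ 2, !Split [ '-', !GetAtt MyServiceALB.LoadBalancerName]]
      HealthCheckIntervalSeconds: 10
      HealthCheckPath: /ping
      HealthCheckProtocol: HTTP
      HealthCheckTimeoutSeconds: 5
      HealthyThresholdCount: 2
      Matcher:
        HttpCode: '200'
      # Protocol is HTTP, so traffic from the ALB to the container is not
      # encrypted; TLS ends at the listener.
      # NOTE(review): Port 443 does not match the container port (8053);
      # presumably ECS overrides it per target on registration - confirm.
      Port: 443
      Protocol: HTTP
      UnhealthyThresholdCount: 2
      VpcId:
        "Fn::ImportValue": main-vpc-VpcId
      TargetGroupAttributes:
        - Key: deregistration_delay.timeout_seconds
          Value: '60'
      Tags:
        - Key: Name
          Value: !Sub ${AWS::StackName}-MyApp-TargetGroup

  ##
  ## Auto Scaling
  ##
  # Registers the service's DesiredCount as a scalable target. No scaling
  # policy is defined in this template.
  MyECSServiceScalingTarget:
    Type: AWS::ApplicationAutoScaling::ScalableTarget
    DependsOn: MyECSService
    Properties:
      # Both bounds require a Mappings.Environments entry; that section is
      # commented out in this template.
      MaxCapacity: !FindInMap [Environments, !Ref Environment, ServiceMaximumTasks]
      MinCapacity: !FindInMap [Environments, !Ref Environment, ServiceMinimumTasks]
      # Resolves to service/<cluster name>/<service name>.
      ResourceId:
        "Fn::Join":
          - ''
          - - service/
            - !Sub ${Environment}-env-cluster
            - /
            - !GetAtt [MyECSService, Name]
      RoleARN:
        "Fn::ImportValue": main-groups-AutoScalingRoleArn
      ScalableDimension: ecs:service:DesiredCount
      ServiceNamespace: ecs

  ##
  ## Continuous Integration/Deployment
  ##
  # Three-stage pipeline: pull the deploy-<Environment> branch from GitHub,
  # build it with CodeBuild, then deploy imagedefinitions.json to the service.
  MyAppPipeline:
    Type: "AWS::CodePipeline::Pipeline"
    DependsOn: ArtifactStoreS3Bucket
    Properties:
      RoleArn:
        "Fn::ImportValue": main-groups-CodePipelineRoleArn
      Stages:
        - Name: Source
          Actions:
            - Name: SourceFromGithub
              ActionTypeId:
                Category: Source
                Owner: ThirdParty
                Version: 1
                Provider: GitHub
              OutputArtifacts:
                - Name: MyAppSource
              Configuration:
                # Owner, Repo and OAuthToken were redacted by the author as
                # ***; quoted here so the file still parses as YAML.
                Owner: "***"
                Repo: "***"
                PollForSourceChanges: true
                # Anything pushed to this branch is built and deployed, so
                # protect the branch accordingly.
                Branch: !Sub deploy-${Environment}
                # Do not commit a literal token. Supply it through a NoEcho
                # parameter or a dynamic reference of the form
                # {{resolve:secretsmanager:<secret-name>:SecretString:<json-key>}}.
                OAuthToken: "***"
              RunOrder: 1
        - Name: Build
          Actions:
            - Name: BuildSource
              InputArtifacts:
                - Name: MyAppSource
              OutputArtifacts:
                - Name: imagedefinitions
              ActionTypeId:
                Category: Build
                Owner: AWS
                Version: 1
                Provider: CodeBuild
              Configuration:
                ProjectName:
                  Ref: MyAppCodeBuildProject
              RunOrder: 1
        - Name: Deploy
          Actions:
            - Name: DeployAction
              InputArtifacts:
                - Name: imagedefinitions
              ActionTypeId:
                Category: Deploy
                Owner: AWS
                Version: 1
                Provider: ECS
              Configuration:
                ClusterName: !Sub ${Environment}-env-cluster
                ServiceName: !GetAtt [MyECSService, Name]
                FileName: imagedefinitions.json
              RunOrder: 1
      ArtifactStore:
        Type: S3
        Location: !Ref ArtifactStoreS3Bucket

  # Holds the pipeline's source and build artifacts.
  ArtifactStoreS3Bucket:
    Type: AWS::S3::Bucket
    Properties:
      # NOTE(review): the name is fixed while the template takes an
      # Environment parameter, so a second stack would collide on it.
      BucketName: myapp-pipeline-artifact-store
      AccessControl: Private
      VersioningConfiguration:
        Status: Enabled
      # Artifacts contain the application source; encrypt them at rest and
      # block any public ACL or bucket policy explicitly.
      BucketEncryption:
        ServerSideEncryptionConfiguration:
          - ServerSideEncryptionByDefault:
              SSEAlgorithm: AES256
      PublicAccessBlockConfiguration:
        BlockPublicAcls: true
        BlockPublicPolicy: true
        IgnorePublicAcls: true
        RestrictPublicBuckets: true

  ##
  ## Code Build
  ##
  # Build project invoked by the pipeline; runs buildspec.yml from the source
  # artifact inside the VPC's private subnets.
  MyAppCodeBuildProject:
    Type: AWS::CodeBuild::Project
    Properties:
      # The build role's permissions are defined in another stack; the build
      # executes repository-controlled commands with that role.
      ServiceRole:
        "Fn::ImportValue": main-groups-CodeBuildRole
      Artifacts:
        Type: CODEPIPELINE
      BadgeEnabled: 'false'
      Environment:
        Type: LINUX_CONTAINER
        ComputeType: BUILD_GENERAL1_SMALL
        Image: aws/codebuild/docker:17.09.0
      Source:
        Type: CODEPIPELINE
        BuildSpec: buildspec.yml
      TimeoutInMinutes: 10
      VpcConfig:
        VpcId:
          "Fn::ImportValue": main-vpc-VpcId
        Subnets:
          - Fn::ImportValue: main-vpc-PrivateSubnetA
          - Fn::ImportValue: main-vpc-PrivateSubnetB
          - Fn::ImportValue: main-vpc-PrivateSubnetC
        SecurityGroupIds: [!Ref CodeBuildSecurityGroup]

  # Security group for the build containers. No ingress rules are declared,
  # so nothing can connect in. With no SecurityGroupEgress the group gets the
  # default allow-all egress rule; add explicit egress rules if builds only
  # need specific endpoints.
  CodeBuildSecurityGroup:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: 'CodeBuild SecurityGroup'
      VpcId:
        "Fn::ImportValue": main-vpc-VpcId

#######################
###
### OUTPUTS
###
#######################
# Outputs: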