-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-ec2-cloudformation.yml
149 lines (147 loc) · 4.22 KB
/
docker-ec2-cloudformation.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
AWSTemplateFormatVersion: '2010-09-09'
Description: Use EC2 to Create a Lambda Function zip file
Parameters:
KeyName:
Description: Name of an existing EC2 KeyPair to enable SSH access
Default: esbi-dev
Type: AWS::EC2::KeyPair::KeyName
ConstraintDescription: Must be the name of an existing EC2 KeyPair
# Mapping to find the Amazon Linux AMI in each region.
Mappings:
RegionMap:
us-east-1:
AMI: ami-97785bed
us-east-2:
AMI: ami-f63b1193
us-west-1:
AMI: ami-824c4ee2
us-west-2:
AMI: ami-f2d3638a
ca-central-1:
AMI: ami-a954d1cd
eu-west-1:
AMI: ami-d834aba1
eu-west-2:
AMI: ami-403e2524
eu-west-3:
AMI: ami-8ee056f3
eu-central-1:
AMI: ami-5652ce39
sa-east-1:
AMI: ami-84175ae8
ap-south-1:
AMI: ami-531a4c3c
ap-southeast-1:
AMI: ami-68097514
ap-southeast-2:
AMI: ami-942dd1f6
ap-northeast-1:
AMI: ami-ceafcba8
ap-northeast-2:
AMI: ami-863090e8
Resources:
EC2Instance:
Type: AWS::EC2::Instance
Properties:
KeyName: !Ref 'KeyName'
SecurityGroups: [!Ref 'LambdaZipEC2SecurityGroup']
InstanceType: 't2.micro'
IamInstanceProfile:
Ref: EC2InstanceProfile
Tags:
-
Key: Name
Value: LambdaZip
ImageId: !FindInMap
- RegionMap
- !Ref 'AWS::Region'
- AMI
UserData:
Fn::Base64: !Sub |
#!/bin/bash
set -x
# Run update
sudo yum update -y
exec > >(tee /var/log/user-data.log|logger -t user-data ) 2>&1
# Get the latest CloudFormation package
echo "Installing aws-cfn"
yum install -y aws-cfn-bootstrap
# Start cfn-init
/opt/aws/bin/cfn-init -v -c install --stack ${AWS::StackId} --resource EC2Instance --region ${AWS::Region}
# Install git
sudo yum install -y git
# Install docker
sudo yum install -y docker
# Install docker-compose version:
sudo curl -L https://github.com/docker/compose/releases/download/1.21.0/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
# Allow ec2-user to run docker commands:
sudo usermod -a -G docker ec2-user
# Refresh bash_profile
source /home/ec2-user/.bash_profile
# Start the docker service:
sudo service docker start
# Pull the git hub image:
# cd /home/ec2-user/
# git clone https://github.com/username/repo.git
Metadata:
AWS::CloudFormation::Init:
configSets:
install:
- gcc
gcc:
packages:
yum:
gcc: []
DependsOn:
- LambdaZipEC2SecurityGroup
LambdaZipEC2SecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupName: LambdaZipEC2SG
GroupDescription: Enable Access for ESBI Stream App
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 8080
ToPort: 8080
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 5432
ToPort: 5432
CidrIp: 0.0.0.0/0
EC2Role:
Type: AWS::IAM::Role
Properties:
RoleName: LambdaZipEC2InstanceRole
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
-
Effect: "Allow"
Principal:
Service:
- "ec2.amazonaws.com"
Action:
- "sts:AssumeRole"
ManagedPolicyArns:
- arn:aws:iam::aws:policy/AmazonS3FullAccess
EC2InstanceProfile:
Type: AWS::IAM::InstanceProfile
Properties:
InstanceProfileName: LambdaZipEC2InstanceProfile
Roles:
-
Ref: EC2Role
Outputs:
LambdaZipEC2PublicDNSName:
Description: Public DNS Name of the EC2 instance to create a Lambda Instance
Value: !Join ["", ["http://", !GetAtt EC2Instance.PublicDnsName, ":8080"]]