-
Notifications
You must be signed in to change notification settings - Fork 4
/
ECS.yml
212 lines (212 loc) · 6.27 KB
/
ECS.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
AWSTemplateFormatVersion: 2010-09-09
Parameters:
VpcId:
Type: 'AWS::EC2::VPC::Id'
Description: >-
Select a VPC that allows instances to access the Internet. Select same VPC
in which LoadBalancer was created.
SubnetId:
Type: 'List<AWS::EC2::Subnet::Id>'
Description: >-
Select at two subnets in your selected VPC. Select same Subnets in which
LoadBalancer was created.
ClusterName:
Type: String
Default: SampleCluster
Description: Name for the cluster where we will be deploying code to the containers.
EcsSecurityGroup:
Type: 'List<AWS::EC2::SecurityGroup::Id>'
Description: Select security group in your selected VPC.
AppTargetGroupName:
Type: String
Default: sample-target
Description: Target Group Name
Environment:
Type: String
Default: dev
Description: Envirnoment -- 'prod' / 'uat' / 'dev' / 'qa'
ECSTaskRoleArn:
Type: String
Default: 'arn:aws:iam::086429042168:role/ECS-Role'
Description: ECS Task role.
ECSTaskExecutionRoleArn:
Type: String
Default: 'arn:aws:iam::086429042168:role/ECS-Role'
Description: ECS Task execution role
DesiredCapacity:
Type: Number
Default: '0'
Description: Number of instances to launch in your ECS cluster.
MaxSize:
Type: Number
Default: '1'
Description: Maximum number of instances that can be launched in your ECS cluster.
ECSCluster:
Type: String
Default: SampleCluster
Description: ECS CLuster App ARN
ECSServiceName:
Type: String
Default: my-service
Description: This will be used to create service for ECS cluster.
ContainerPort:
Type: Number
Default: 80
Description: 'For Container Port'
HealthCheckPath:
Type: String
Default: /
Description: For Container Health Check
HttpForwardRuleForNginx:
Type: String
Default: sample
ALBListenerHttps:
Type: String
Default: >-
arn:aws:elasticloadbalancing:ap-south-1:086429042168:listener/app/Test-LB/30da2bbd79e0d63d/f757a30ff95ee6b0
Description: 'Https/Http ListenerArn, where we want to add the TargetGroup'
ECRRepositoryName:
Type: String
Default: sample-repo
Description: ECR repo name
EcrRepoArn:
Type: String
Default: 086429042168.dkr.ecr.ap-south-1.amazonaws.com
Description: ECR repo ARN. <Do not add repo name>
ListenerRulePriority:
Type: Number
Default: 1
Description: Listener Rule priority.
Resources:
AppCloudwatchLogsGroup:
Type: 'AWS::Logs::LogGroup'
Properties:
LogGroupName: !Join
- /
- - !Ref ClusterName
- !Ref ECSServiceName
RetentionInDays: 14
EcrRepo:
Type: 'AWS::ECR::Repository'
Properties:
RepositoryName: !Ref ECRRepositoryName
Tags:
- Key: stack-id
Value: !Ref 'AWS::StackName'
taskdef:
Type: 'AWS::ECS::TaskDefinition'
DependsOn:
- AppTargetGroup
- ECSALBListenerRuleForTG
Properties:
RequiresCompatibilities:
- FARGATE
Family: !Ref ECSServiceName
ContainerDefinitions:
- Name: !Ref ECSServiceName
Image: !Join
- ':'
- - !Join
- /
- - !Ref EcrRepoArn
- !Ref ECRRepositoryName
- latest
Essential: 'true'
PortMappings:
- HostPort: !Ref ContainerPort
Protocol: tcp
ContainerPort: !Ref ContainerPort
LogConfiguration:
LogDriver: awslogs
Options:
awslogs-group: !Join
- /
- - !Ref ClusterName
- !Ref ECSServiceName
awslogs-region: ap-south-1
awslogs-stream-prefix: !Ref ECSServiceName
Environment:
- Name: NODE_ENV
Value: !Ref Environment
- Name: PORT
Value: !Ref ContainerPort
NetworkMode: awsvpc
Memory: '1024'
Cpu: '512'
TaskRoleArn: !Ref ECSTaskRoleArn
ExecutionRoleArn: !Ref ECSTaskExecutionRoleArn
service:
Type: 'AWS::ECS::Service'
DependsOn: taskdef
Properties:
ServiceName: !Ref ECSServiceName
Cluster: !Ref ECSCluster
LaunchType: FARGATE
DesiredCount: !Ref DesiredCapacity
DeploymentConfiguration:
MaximumPercent: 200
MinimumHealthyPercent: 100
HealthCheckGracePeriodSeconds: 5
LoadBalancers:
- ContainerName: !Ref ECSServiceName
ContainerPort: !Ref ContainerPort
TargetGroupArn: !Ref AppTargetGroup
TaskDefinition: !Ref taskdef
NetworkConfiguration:
AwsvpcConfiguration:
SecurityGroups: !Ref EcsSecurityGroup
Subnets: !Ref SubnetId
AssignPublicIp: ENABLED
Tags:
- Key: Project
Value: training
- Key: resource
Value: ecs
- Key: env
Value: dev
- Key: 'created-by'
Value: Dhruv Singh
PropagateTags: SERVICE
AppTargetGroup:
Type: 'AWS::ElasticLoadBalancingV2::TargetGroup'
Properties:
HealthCheckIntervalSeconds: 10
HealthCheckPath: !Ref HealthCheckPath
HealthCheckProtocol: HTTP
HealthCheckTimeoutSeconds: 5
HealthyThresholdCount: 2
Name: !Ref AppTargetGroupName
Port: 80
Protocol: HTTP
UnhealthyThresholdCount: 2
VpcId: !Ref VpcId
TargetType: ip
ECSALBListenerRuleForTG:
Type: 'AWS::ElasticLoadBalancingV2::ListenerRule'
Properties:
Actions:
- Type: forward
TargetGroupArn: !Ref AppTargetGroup
Conditions:
- Field: http-header
HttpHeaderConfig:
HttpHeaderName: X-App-Name
Values:
- !Ref HttpForwardRuleForNginx
ListenerArn: !Ref ALBListenerHttps
Priority: !Ref ListenerRulePriority
Outputs:
service:
Value: !Ref service
taskdef:
Value: !Ref taskdef
AppTargetGroup:
Value: !Ref AppTargetGroup
ECRRepo:
Value: !Join
- ':'
- - !Join
- /
- - !Ref EcrRepoArn
- !Ref ECRRepositoryName
- latest