API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 27th, 2023
54
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
YAML 5.33 KB | None | 0 0
raw download clone embed print report
  1. AWSTemplateFormatVersion: 2010-09-09
  2. Description: Creating ECS service
  3. Parameters:
  4.   AppName:
  5.     Type: String
  6.     Description: Name of app requiring ELB exposure
  7.     Default: simple-app
  8.   AppContainerPort:
  9.     Type: Number
  10.     Description: Container port of app requiring ELB exposure
  11.     Default: "80"
  12.   AppHostPort:
  13.     Type: Number
  14.     Description: Host port of app requiring ELB exposure
  15.     Default: "80"
  16.   ServiceName:
  17.     Type: String
  18.     Default: "MiggeTest"
  19.   LoadBalancerName:
  20.     Type: String
  21.     Default: MiggeTestLoadBalancer
  22.   HealthCheckGracePeriodSeconds:
  23.     Type: String
  24.     Default: "30"
  25.   DockerImageTimerService:
  26.     Description: Docker image for EC2Instance1
  27.     Type: String
  28.     Default: gitlab.my-company.com:4567/platform/dummy-service/master:latest@sha256:fda95bc8fb7be463c1e704981ef40a00fb32d5032962325a7cd6881833611ace
  29.   DockerImageExternalAPIService:
  30.     Description: Docker image for the External API Service
  31.     Type: String
  32.     Default: gitlab.my-company.com:4567/platform/api-service/master:ffba5a5116adece9fcf72315da31967dc6c85f44
  33.  
  34. Resources:
  35.   cluster:
  36.     Type: AWS::ECS::Cluster
  37.  
  38.   DockerUsername:
  39.     Type: AWS::SSM::Parameter
  40.     Properties:
  41.       Name: docker-username
  42.       Description: gitlab user
  43.       Tier: Intelligent-Tiering
  44.       Value: my-user
  45.       Type: String
  46.  
  47.   DockerPassword:
  48.     Type: AWS::SSM::Parameter
  49.     Properties:
  50.       Name: docker-password
  51.       Description: gitlab user
  52.       Tier: Intelligent-Tiering
  53.       Value: my-password
  54.       Type: String
  55.  
  56.   DockerCredentialsSecret:
  57.     Type: AWS::SecretsManager::Secret
  58.     Properties:
  59.       Name: DockerCredentials
  60.       Description: Secret for storing Docker credentials
  61.       SecretString:
  62.         Fn::Sub: '{"username": "${DockerUsername}", "password": "${DockerPassword}"}'
  63.  
  64.   taskdefinition:
  65.     Type: AWS::ECS::TaskDefinition
  66.     Properties:
  67.       ExecutionRoleArn: !GetAtt TaskRole.Arn
  68.       ContainerDefinitions:
  69.         - Name: !Ref AppName
  70.           MountPoints:
  71.             - SourceVolume: my-vol
  72.               ContainerPath: /var/www/my-vol
  73.           Image: !Ref DockerImageTimerService
  74.           RepositoryCredentials:
  75.             CredentialsParameter: !Ref DockerCredentialsSecret
  76.           Cpu: "10"
  77.           PortMappings:
  78.             - ContainerPort: !Ref AppContainerPort
  79.               HostPort: !Ref AppHostPort
  80.           EntryPoint:
  81.            - /usr/sbin/apache2
  82.             - "-D"
  83.             - FOREGROUND
  84.           Memory: "500"
  85.           Essential: true
  86.         - Name: api-service
  87.           Image: !Ref DockerImageExternalAPIService
  88.           RepositoryCredentials:
  89.             CredentialsParameter: !Ref DockerCredentialsSecret
  90.           Cpu: "10"
  91.           EntryPoint:
  92.            - sh
  93.             - "-c"
  94.           Memory: "500"
  95.           Command:
  96.            - >-
  97.               /bin/sh -c "while true; do /bin/date > /var/www/my-vol/date; sleep
  98.              1; done"
  99.           Essential: false
  100.           VolumesFrom:
  101.             - SourceContainer: !Ref AppName
  102.       Volumes:
  103.         - Host:
  104.             SourcePath: /var/lib/docker/vfs/dir/
  105.           Name: my-vol
  106.  
  107.   TaskRole:
  108.     Type: AWS::IAM::Role
  109.     Properties:
  110.       AssumeRolePolicyDocument:
  111.         Version: "2012-10-17"
  112.         Statement:
  113.           - Effect: Allow
  114.             Principal:
  115.               Service: ecs-tasks.amazonaws.com
  116.             Action: sts:AssumeRole
  117.   service:
  118.     Type: AWS::ECS::Service
  119.     Properties:
  120.       Cluster: !Ref cluster
  121.       DeploymentConfiguration:
  122.         MaximumPercent: 200
  123.         MinimumHealthyPercent: 100
  124.       DesiredCount: 1
  125.       HealthCheckGracePeriodSeconds: !Ref HealthCheckGracePeriodSeconds
  126.       LoadBalancers:
  127.         - ContainerName: !Ref AppName
  128.           ContainerPort: !Ref AppContainerPort
  129.           LoadBalancerName: !Ref elb
  130.       PlacementStrategies:
  131.         - Type: binpack
  132.           Field: memory
  133.         - Type: spread
  134.           Field: host
  135.       PlacementConstraints:
  136.         - Type: memberOf
  137.           Expression: "attribute:ecs.availability-zone != us-east-1d"
  138.         - Type: distinctInstance
  139.       TaskDefinition: !Ref taskdefinition
  140.       ServiceName: !Ref ServiceName
  141.       Role: !Ref Role
  142.  
  143.   elb:
  144.     Type: AWS::ElasticLoadBalancing::LoadBalancer
  145.     Properties:
  146.       LoadBalancerName: !Ref LoadBalancerName
  147.       Listeners:
  148.         - InstancePort: !Ref AppHostPort
  149.           LoadBalancerPort: "80"
  150.           Protocol: HTTP
  151.       Subnets:
  152.        - !Ref Subnet1
  153.     DependsOn: GatewayAttachment
  154.   VPC:
  155.     Type: AWS::EC2::VPC
  156.     Properties:
  157.       CidrBlock: 10.0.0.0/24
  158.   Subnet1:
  159.     Type: AWS::EC2::Subnet
  160.     Properties:
  161.       VpcId: !Ref VPC
  162.       CidrBlock: 10.0.0.0/25
  163.   InternetGateway:
  164.     Type: AWS::EC2::InternetGateway
  165.   GatewayAttachment:
  166.     Type: AWS::EC2::VPCGatewayAttachment
  167.     Properties:
  168.       InternetGatewayId: !Ref InternetGateway
  169.       VpcId: !Ref VPC
  170.   Role:
  171.     Type: AWS::IAM::Role
  172.     Properties:
  173.       AssumeRolePolicyDocument:
  174.         Version: 2008-10-17
  175.         Statement:
  176.           - Sid: ""
  177.             Effect: Allow
  178.             Principal:
  179.               Service: ecs.amazonaws.com
  180.             Action: "sts:AssumeRole"
  181.       ManagedPolicyArns:
  182.        - "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole"
  183. Outputs:
  184.   Cluster:
  185.     Value: !Ref cluster
  186.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!