This repository has been archived by the owner on Sep 25, 2020. It is now read-only.

Merge pull request #62 from speee/cloud_formation
CloudFormation for Revieee
pataiji authored Jun 9, 2017
2 parents bfad84f + 7fa9df7 commit 8c1d620
Showing 109 changed files with 227 additions and 8 deletions.
16 changes: 8 additions & 8 deletions .gitignore
@@ -5,20 +5,20 @@
# git config --global core.excludesfile '~/.gitignore_global'

# Ignore bundler config.
/.bundle
application/.bundle

# Ignore all logfiles and tempfiles.
/log/*
/tmp/*
!/log/.keep
!/tmp/.keep
application/log/*
application/tmp/*
!application/log/.keep
!application/tmp/.keep

# Ignore Byebug command history file.
.byebug_history

config/settings.local.yml
config/settings/*.local.yml
config/environments/*.local.yml
application/config/settings.local.yml
application/config/settings/*.local.yml
application/config/environments/*.local.yml

# Ignore envrc
/.envrc
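Review bot: `/.envrc` on the last context line stays anchored to the repository root, while the other app-specific entries in this hunk appear to be re-pointed under `application/`. If the direnv file lives next to the app after the move (not visible here), it would no longer be ignored, and such files commonly hold credentials. Adding `application/.envrc` alongside `/.envrc` would cover both locations. The file continues past this hunk, so this may already be handled further down.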
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
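--- a/infrastructure/cloudformation.yml
+++ b/infrastructure/cloudformation.yml
@@ -0,0 +1,219 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Description: revieee development settings
+Resources:
+
+# VPC
+## VPC Base
+RevieeeVPC:
+Type: AWS::EC2::VPC
+Properties:
+CidrBlock: 10.1.0.0/16
+EnableDnsSupport: "true"
+EnableDnsHostnames: "true"
+InstanceTenancy: default
+Tags:
+- Key: Name
+Value: RevieeeDevelopmentVPC
+## Revieee Internet Gateway
+RevieeeIGW:
+Type: AWS::EC2::InternetGateway
+Properties:
+Tags:
+- Key: Name
+Value: RevieeeIGW
+## Attach Internet Gateway To VPC
+AttachIGWtoVPC:
+Type: AWS::EC2::VPCGatewayAttachment
+Properties:
+InternetGatewayId: !Ref RevieeeIGW
+VpcId: !Ref RevieeeVPC
+
+# Subnet
+## Webhook Server
+### Subnet 1a
+RevieeeAppSubnet1a:
+Type: AWS::EC2::Subnet
+Properties:
+VpcId: !Ref RevieeeVPC
+AvailabilityZone: ap-northeast-1a
+CidrBlock: 10.1.192.0/26
+MapPublicIpOnLaunch: true
+Tags:
+- Key: Name
+Value: RevieeeAppSubnet1a
+### Subnet 1c
+RevieeeAppSubnet1c:
+Type: AWS::EC2::Subnet
+Properties:
+VpcId: !Ref RevieeeVPC
+AvailabilityZone: ap-northeast-1c
+CidrBlock: 10.1.192.64/26
+MapPublicIpOnLaunch: true
+Tags:
+- Key: Name
+Value: RevieeeAppSubnet1c
+## ECS Container Instance
+### Subnet1a
+ContainerInstanceSubnet1a:
+Type: AWS::EC2::Subnet
+Properties:
+VpcId: !Ref RevieeeVPC
+AvailabilityZone: ap-northeast-1a
+CidrBlock: 10.1.194.0/26
+MapPublicIpOnLaunch: true
+Tags:
+- Key: Name
+Value: ContainerInstanceSubnet1a
+### Subnet1c
+ContainerInstanceSubnet1c:
+Type: AWS::EC2::Subnet
+Properties:
+VpcId: !Ref RevieeeVPC
+AvailabilityZone: ap-northeast-1c
+CidrBlock: 10.1.194.64/26
+MapPublicIpOnLaunch: true
+Tags:
+- Key: Name
+Value: ContainerInstanceSubnet1c
+# Route Table
+## Public Route Table
+PublicRouteTable:
+Type: AWS::EC2::RouteTable
+Properties:
+VpcId: !Ref RevieeeVPC
+Tags:
+- Key: Name
+Value: PublicRouteTable
+RouteAddInternet:
+Type: AWS::EC2::Route
+Properties:
+DestinationCidrBlock: "0.0.0.0/0"
+GatewayId: !Ref RevieeeIGW
+RouteTableId: !Ref PublicRouteTable
+### App Server Route Table Association
+AssociateAppSubnet1aToPublicRouteTable:
+Type: AWS::EC2::SubnetRouteTableAssociation
+Properties:
+RouteTableId: !Ref PublicRouteTable
+SubnetId: !Ref RevieeeAppSubnet1a
+AssociateAppSubnet1cToPublicRouteTable:
+Type: AWS::EC2::SubnetRouteTableAssociation
+Properties:
+RouteTableId: !Ref PublicRouteTable
+SubnetId: !Ref RevieeeAppSubnet1c
+### Container Instance Route Table Association
+AssociateContainerInstanceSubnet1aToPublicRouteTable:
+Type: AWS::EC2::SubnetRouteTableAssociation
+Properties:
+RouteTableId: !Ref PublicRouteTable
+SubnetId: !Ref ContainerInstanceSubnet1a
+AssociateContainerInstanceSubnet1cToPublicRouteTable:
+Type: AWS::EC2::SubnetRouteTableAssociation
+Properties:
+RouteTableId: !Ref PublicRouteTable
+SubnetId: !Ref ContainerInstanceSubnet1c
+
+# SecurityGroup
+## AppServer Security Group
+RevieeeAppServerSecurityGroup:
+Type: AWS::EC2::SecurityGroup
+Properties:
+VpcId: !Ref RevieeeVPC
+GroupDescription: "Security Group for Revieee App Server"
+SecurityGroupIngress:
+- IpProtocol: tcp
+FromPort: 80
+ToPort: 80
+CidrIp: !Ref AcceptCidrIp
+- IpProtocol: tcp
+FromPort: 443
+ToPort: 443
+CidrIp: !Ref AcceptCidrIp
+- IpProtocol: tcp
+FromPort: !Ref SSHPort
+ToPort: !Ref SSHPort
+CidrIp: !Ref AcceptCidrIp
+GroupName: !Join [ "-", [ !Ref "AWS::StackName", RevieeeAppServerSecurityGroup ] ]
+Tags:
+- Key: Name
+Value: RevieeeAppServerSecurityGroup
+
+## ECS Container Instance
+ContainerInstanceSecurityGroup:
+Type: AWS::EC2::SecurityGroup
+Properties:
+VpcId: !Ref RevieeeVPC
+GroupDescription: "Security Group for Revieee Container Instance"
+SecurityGroupIngress:
+- IpProtocol: tcp
+FromPort: 32768
+ToPort: 61000
+SourceSecurityGroupId: !Ref RevieeeAppServerSecurityGroup
+- IpProtocol: tcp
+FromPort: !Ref SSHPort
+ToPort: !Ref SSHPort
+CidrIp: !Ref AcceptCidrIp
+GroupName: !Join [ "-", [ !Ref "AWS::StackName", RevieeeContainerInstanceSecurityGroup ] ]
+Tags:
+- Key: Name
+Value: RevieeeContainerInstanceSecurityGroup
+
+EcsCluster:
+Type: AWS::ECS::Cluster
+Properties:
+ClusterName: !Join [ "-", [ !Ref "AWS::StackName", RevieeeCluster ] ]
+
+EndpointInstanceIamRole:
+Type: AWS::IAM::Role
+Properties:
+AssumeRolePolicyDocument:
+Version: 2012-10-17
+Statement:
+-
+Effect: Allow
+Principal:
+Service:
+- ec2.amazonaws.com
+Action:
+- sts:AssumeRole
+RoleName: !Join [ "-", [ !Ref "AWS::StackName", RevieeeEndpointInstanceIamRole ] ]
+
+EndpointInstanceProfile:
+Type: AWS::IAM::InstanceProfile
+Properties:
+Roles:
+- !Ref EndpointInstanceIamRole
+
+EndpointInstance:
+Type: AWS::EC2::Instance
+Properties:
+IamInstanceProfile: !Ref EndpointInstanceProfile
+ImageId: ami-923d12f5
+InstanceType: t2.micro
+KeyName: !If [ SSHKeySpecified, !Ref SSHKey, !Ref "AWS::NoValue" ]
+SecurityGroupIds:
+- !GetAtt RevieeeAppServerSecurityGroup.GroupId
+SubnetId: !Ref RevieeeAppSubnet1c
+Tags:
+- Key: Name
+Value: RevieeeEndpointInstance
+# UserData: [TODO] run itamae
+
+# Parameter
+Parameters:
+SSHPort:
+Default: 22
+Type: Number
+SSHKey:
+Default: ""
+Type: String
+AcceptCidrIp:
+Type: String
+
+Conditions:
+SSHKeySpecified:
+!Not [ !Equals [ !Ref SSHKey, "" ] ]
+
+Outputs:
+EcsClusterName:
+Value: !Ref EcsCluster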
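Review bot: The SSH ingress rules in RevieeeAppServerSecurityGroup and ContainerInstanceSecurityGroup take their source from the same `AcceptCidrIp` parameter as the port 80/443 rules, so widening web access for a webhook sender also opens SSH to that range on both groups. `AcceptCidrIp` is a free-form String with no `AllowedPattern`, so a malformed value only fails when the security group is created and an over-broad one is accepted silently. I would split the SSH source into its own parameter and constrain both, as sketched below. Separately, ContainerInstanceSubnet1a/1c set `MapPublicIpOnLaunch: true` and use the public route table, so container instances get public addresses although their only non-SSH ingress is from the app server group. A comment stating whether that is intended for the development stack would help.

```yaml
Parameters:
  # … unchanged: SSHPort, SSHKey …
  AcceptCidrIp:
    Type: String
    Description: CIDR allowed to reach ports 80/443 on the app server
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: must be an IPv4 CIDR range of the form x.x.x.x/x
  SSHAcceptCidrIp:
    Type: String
    Description: CIDR allowed to reach SSHPort; keep this as narrow as possible
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: must be an IPv4 CIDR range of the form x.x.x.x/x

# SSH rule in both security groups (the 80/443 rules keep AcceptCidrIp):
        - IpProtocol: tcp
          FromPort: !Ref SSHPort
          ToPort: !Ref SSHPort
          CidrIp: !Ref SSHAcceptCidrIp
```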
