-
Notifications
You must be signed in to change notification settings - Fork 2
SpotFleet CloudFormation #69
Changes from 11 commits
9284a4d
f009c38
3ad17c6
d640683
28fffd0
e4cb0dc
0c162c4
c0084f1
f32f655
85486c9
cc92b41
56c3e83
9438bba
0225f65
7656843
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
## How to Deploy | ||
|
||
```bash | ||
# BUCKET_NAME is used for `aws cloudformation package` | ||
# STACK_NAME is used for `aws cloudformation deploy` | ||
$ BUCKET_NAME=bucket-name STACK_NAME=stack-name bin/deploy | ||
``` |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
#!/bin/bash | ||
|
||
if [ -z "$BUCKET_NAME" ]; then | ||
echo 'BUCKET_NAME is required' | ||
exit 1 | ||
fi | ||
|
||
if [ -z "$STACK_NAME" ]; then | ||
echo 'STACK_NAME is required' | ||
exit 1 | ||
fi | ||
|
||
TEMPLATE_FILE=cloudformation.yml | ||
|
||
# Move project root | ||
cd "$(dirname "$(perl -e 'use Cwd "abs_path";print abs_path(shift)' "$0")")/.." || exit 1 | ||
|
||
sh -c 'cd ./functions/RunEcsTask && npm install && npm run build && cp -rf ./node_modules ./built/' | ||
|
||
mkdir -p ./built | ||
|
||
aws cloudformation package \ | ||
--template-file "$TEMPLATE_FILE" \ | ||
--output-template-file ./built/cloudformation.yml \ | ||
--s3-bucket "$BUCKET_NAME" | ||
|
||
aws cloudformation deploy \ | ||
--capabilities CAPABILITY_NAMED_IAM \ | ||
--template-file built/cloudformation.yml \ | ||
--stack-name "$STACK_NAME" |
Original file line number | Diff line number | Diff line change | ||
---|---|---|---|---|
@@ -1,4 +1,5 @@ | ||||
AWSTemplateFormatVersion: "2010-09-09" | ||||
Transform: AWS::Serverless-2016-10-31 | ||||
Description: revieee development settings | ||||
Resources: | ||||
|
||||
|
@@ -163,6 +164,71 @@ Resources: | |||
Properties: | ||||
ClusterName: !Join [ "-", [ !Ref "AWS::StackName", RevieeeCluster ] ] | ||||
|
||||
#------ SpotFleet ---------# | ||||
EcsSpotFleetRequest: | ||||
Type: AWS::EC2::SpotFleet | ||||
Properties: | ||||
SpotFleetRequestConfigData: | ||||
IamFleetRole: !GetAtt FleetIAMRole.Arn | ||||
SpotPrice: !Ref SpotPrice | ||||
TargetCapacity: !Ref TargetCapacity | ||||
LaunchSpecifications: | ||||
# NOTE: | ||||
# If you want to use other type of ec2 instances, | ||||
# fix these parameters | ||||
- EbsOptimized: 'false' | ||||
InstanceType: 'm4.large' | ||||
ImageId: 'ami-3a000e5d' | ||||
WeightedCapacity: '4' | ||||
UserData: | ||||
Fn::Base64: !Sub | | ||||
#!/bin/bash | ||||
echo ECS_CLUSTER=${ECSCluster} >> /etc/ecs/ecs.config | ||||
NetworkInterfaces: | ||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. このプロパティはいらないような?
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. このプロパティは、NetworkInterfacesのDeleteOnTerminationをtrueにするために書きました。 明示的に指定しない場合、Subnet設定だけで Network Interfaceが消えるという資料を見つけられなかったからです。とはいえ、この設定だといるかいらないか判断かつかないので、一回消してみて、Network Interfaceが消えなかったら、再度対応します! |
||||
AssociatePublicIpAddress: ture | ||||
DeviceIndex: 0 | ||||
SubnetId: !Ref ContainerInstanceSubnet1a | ||||
Groups: | ||||
- !GetAtt ContainerInstanceSecurityGroup.GroupId | ||||
DeleteOnTermination: true | ||||
|
||||
- EbsOptimizes: 'false' | ||||
InstanceType: 'm3.large' | ||||
ImageId: 'ami-3a000e5d' | ||||
SubnetId: | ||||
Ref: ContainerInstanceSubnet1c | ||||
WeightedCapacity: '1' | ||||
UserData: | ||||
Fn::Base64: !Sub | | ||||
#!/bin/bash | ||||
echo ECS_CLUSTER=${ECSCluster} >> /etc/ecs/ecs.config | ||||
NetworkInterfaces: | ||||
AssociatePublicIpAddress: ture | ||||
DeviceIndex: 0 | ||||
SubnetId: !Ref ContainerInstanceSubnet1a | ||||
Groups: | ||||
- !GetAtt ContainerInstanceSecurityGroup.GroupId | ||||
DeleteOnTermination: true | ||||
|
||||
FleetIAMRole: | ||||
Type: AWS::IAM::Role | ||||
Properties: | ||||
AssumeRolePolicyDocument: | ||||
Version: 2012-10-17 | ||||
Statement: | ||||
- | ||||
Effect: Allow | ||||
Principal: | ||||
Service: | ||||
- ec2.amazonaws.com | ||||
Action: | ||||
- sts:AssumeRole | ||||
ManagedPolicyArns: | ||||
- 'arn:aws:iam::951787653356:role/revieee-spot-fleeet-role' | ||||
RoleName: !Join [ "-", [ !Ref "AWS::StackName", FleetIAMRole ] ] | ||||
|
||||
#------- SpotFleet/ --------# | ||||
|
||||
EndpointInstanceIamRole: | ||||
Type: AWS::IAM::Role | ||||
Properties: | ||||
|
@@ -199,6 +265,159 @@ Resources: | |||
Value: RevieeeEndpointInstance | ||||
# UserData: [TODO] run itamae | ||||
|
||||
# ------ API Gateway ------ | ||||
|
||||
ApiRole: | ||||
Type: AWS::IAM::Role | ||||
Properties: | ||||
AssumeRolePolicyDocument: | ||||
Version: 2012-10-17 | ||||
Statement: | ||||
- | ||||
Effect: Allow | ||||
Principal: | ||||
Service: | ||||
- apigateway.amazonaws.com | ||||
Action: | ||||
- sts:AssumeRole | ||||
Policies: | ||||
- PolicyDocument: | ||||
Version: 2012-10-17 | ||||
Statement: | ||||
- Effect: Allow | ||||
Action: "states:*" | ||||
Resource: "*" | ||||
PolicyName: !Join [ "-", [ !Ref "AWS::StackName", AWSStepFunctionsFullAccess ] ] | ||||
RoleName: !Join [ "-", [ !Ref "AWS::StackName", RevieeeApiRole ] ] | ||||
|
||||
RevieeeApi: | ||||
Type: AWS::ApiGateway::RestApi | ||||
Properties: | ||||
Name: !Join [ "-", [ !Ref "AWS::StackName", RevieeeApi ] ] | ||||
RevieeeApiResource: | ||||
Type: AWS::ApiGateway::Resource | ||||
Properties: | ||||
RestApiId: !Ref RevieeeApi | ||||
ParentId: !GetAtt RevieeeApi.RootResourceId | ||||
PathPart: "stage" | ||||
RevieeeApiCreateMethod: | ||||
Type: AWS::ApiGateway::Method | ||||
Properties: | ||||
RestApiId: !Ref RevieeeApi | ||||
ResourceId: !Ref RevieeeApiResource | ||||
AuthorizationType: NONE | ||||
HttpMethod: POST | ||||
Integration: | ||||
IntegrationHttpMethod: POST | ||||
IntegrationResponses: | ||||
- StatusCode: 200 | ||||
PassthroughBehavior: WHEN_NO_TEMPLATES | ||||
RequestTemplates: | ||||
application/json: !Sub | ||||
- |- | ||||
{ | ||||
"input": "{}", | ||||
"name": "Hello", | ||||
"stateMachineArn": "${stateMachineArn}" | ||||
} | ||||
- { stateMachineArn: !Ref StateMachineCreate } | ||||
Type: AWS | ||||
Uri: !Join [ "", [ "arn:aws:apigateway:", !Ref "AWS::Region", ":states:action/StartExecution" ] ] | ||||
Credentials: !GetAtt ApiRole.Arn | ||||
MethodResponses: | ||||
- StatusCode: 200 | ||||
ApiDeployment: | ||||
Type: AWS::ApiGateway::Deployment | ||||
DependsOn: RevieeeApiCreateMethod | ||||
Properties: | ||||
RestApiId: !Ref RevieeeApi | ||||
StageName: pub | ||||
|
||||
# ------ /API Gateway ------ | ||||
|
||||
# ------ StepFunctions ------ | ||||
|
||||
StateMachineRole: | ||||
Type: AWS::IAM::Role | ||||
Properties: | ||||
AssumeRolePolicyDocument: | ||||
Version: 2012-10-17 | ||||
Statement: | ||||
- | ||||
Effect: Allow | ||||
Principal: | ||||
Service: | ||||
- states.ap-northeast-1.amazonaws.com | ||||
Action: | ||||
- sts:AssumeRole | ||||
Policies: | ||||
- PolicyDocument: | ||||
Version: 2012-10-17 | ||||
Statement: | ||||
- Effect: Allow | ||||
Action: "lambda:InvokeFunction" | ||||
Resource: "*" | ||||
PolicyName: !Join [ "-", [ !Ref "AWS::StackName", StatesExecutionPolicy ] ] | ||||
RoleName: !Join [ "-", [ !Ref "AWS::StackName", RevieeeStateMachineRole ] ] | ||||
|
||||
StateMachineCreate: | ||||
Type: AWS::StepFunctions::StateMachine | ||||
Properties: | ||||
DefinitionString: !Sub | ||||
- |- | ||||
{ | ||||
"Comment": "Run ECS Task", | ||||
"StartAt": "RunEcsTask", | ||||
"States": { | ||||
"RunEcsTask": { | ||||
"Type": "Task", | ||||
"Resource": "${taskArn}", | ||||
"End": true | ||||
} | ||||
} | ||||
} | ||||
- { "taskArn": !Ref RunEcsTaskFunction } | ||||
RoleArn: !GetAtt StateMachineRole.Arn | ||||
|
||||
# ------ /StepFunctions ------ | ||||
|
||||
# ------ Lambda ------ | ||||
|
||||
RunEcsTaskFunctionRole: | ||||
Type: AWS::IAM::Role | ||||
Properties: | ||||
AssumeRolePolicyDocument: | ||||
Version: 2012-10-17 | ||||
Statement: | ||||
- | ||||
Effect: Allow | ||||
Principal: | ||||
Service: | ||||
- lambda.amazonaws.com | ||||
Action: | ||||
- sts:AssumeRole | ||||
Policies: | ||||
- PolicyDocument: | ||||
Version: 2012-10-17 | ||||
Statement: | ||||
- Effect: Allow | ||||
Action: "ecs:RunTask" | ||||
Resource: "*" | ||||
PolicyName: !Join [ "-", [ !Ref "AWS::StackName", RunEcsTaskFunctionPolicy ] ] | ||||
ManagedPolicyArns: | ||||
- 'arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole' | ||||
RoleName: !Join [ "-", [ !Ref "AWS::StackName", RevieeeRunEcsTaskFunctionRole ] ] | ||||
|
||||
RunEcsTaskFunction: | ||||
Type: AWS::Serverless::Function | ||||
Properties: | ||||
Handler: index.handler | ||||
Runtime: nodejs6.10 | ||||
CodeUri: ./functions/RunEcsTask/built/ | ||||
Role: !GetAtt RunEcsTaskFunctionRole.Arn | ||||
|
||||
# ------ /Lambda ------ | ||||
|
||||
# Parameter | ||||
Parameters: | ||||
SSHPort: | ||||
|
@@ -209,6 +428,13 @@ Parameters: | |||
Type: String | ||||
AcceptCidrIp: | ||||
Type: String | ||||
# Parameters for SpotFleetRequest | ||||
SpotPrice: | ||||
Default: 0.139 | ||||
Type: Number | ||||
TargetCapacity: | ||||
Default: 2 | ||||
Type: Number | ||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @pataiji There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 差分、見やすい様に lambda-endpointをmerge先に向けています。 There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @pataiji |
||||
|
||||
Conditions: | ||||
SSHKeySpecified: | ||||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
{ | ||
"name": "run-ecs-task", | ||
"version": "0.0.1", | ||
"description": "Lambda function that to run ECS Task", | ||
"main": "index.js", | ||
"scripts": { | ||
"build": "tsc -p ./tsconfig.json", | ||
"clean": "rm -rf ./built" | ||
}, | ||
"author": "", | ||
"license": "MIT", | ||
"repository": { | ||
"type": "git", | ||
"url": "git://github.com/speee/webapp-revieee" | ||
}, | ||
"devDependencies": { | ||
"@types/aws-lambda": "0.0.12", | ||
"@types/node": "^7.0.31", | ||
"aws-sdk": "^2.71.0", | ||
"tslint": "^5.4.3", | ||
"typescript": "^2.3.4" | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
import { Callback, Context } from "aws-lambda"; | ||
import * as AWS from "aws-sdk"; | ||
|
||
const ecs = new AWS.ECS(); | ||
|
||
export function handler(event: any, context: Context, callback: Callback) { | ||
const envBranch: AWS.ECS.KeyValuePair = { | ||
name: "BRANCH", | ||
value: "master", | ||
}; | ||
const containerOverride: AWS.ECS.ContainerOverride = { | ||
name: "main", | ||
environment: [envBranch], | ||
}; | ||
const taskOverride: AWS.ECS.TaskOverride = { | ||
containerOverrides: [containerOverride], | ||
}; | ||
const params: AWS.ECS.RunTaskRequest = { | ||
cluster: "revieee", | ||
taskDefinition: "arn:aws:ecs:ap-northeast-1:951787653356:task-definition/im-ieul-core:3", | ||
overrides: taskOverride, | ||
}; | ||
|
||
(async () => { | ||
return await ecs.runTask(params).promise(); | ||
})().then((result: AWS.ECS.RunTaskResponse) => { | ||
console.log(result.tasks); | ||
callback(null, result.tasks[0].taskArn); | ||
}).catch((err: AWS.AWSError) => { | ||
callback(err); | ||
}); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
parametersでinstanceType指定できるようにした方が良い気がします。(デフォルト設定はいれておいて)
weightを偏らせているのでMainInstanceTypeとSubInstanceTypeとか?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
たしかに!
parameterに入れといた方が、typeやidを変えたいときに、コード変えなくても大丈夫ですしね。
対応しておきます