Module 10 – Guided Lab: Automating Infrastructure Deployment with AWS CloudFormation
```yaml
AWSTemplateFormatVersion: 2010-09-09
Description: Cafe application
Parameters:
  LatestAmiId:
    Type: 'AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>'
    Default: '/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2'
  CafeNetworkParameter:
    Type: String
    Default: update-cafe-network
  InstanceTypeParameter:
    Type: String
    Default: t2.small
    AllowedValues:
      - t2.micro
      - t2.small
      - t3.micro
    Description: Enter t2.micro, t2.small, t3.micro. Default is t2.small.
Mappings:
  RegionMap:
    us-east-1:
      "keypair": "vockey"
    us-west-2:
      "keypair": "cafe-oregon"
Resources:
  CafeSG:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: Enable SSH, HTTP access
      # VPC ID exported by the network stack named in CafeNetworkParameter
      VpcId: !ImportValue
        'Fn::Sub': '${CafeNetworkParameter}-VpcID'
      Tags:
        - Key: Name
          Value: CafeSG
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '80'
          ToPort: '80'
          CidrIp: 0.0.0.0/0
        # SSH is reachable from any IPv4 address with this rule
        - IpProtocol: tcp
          FromPort: '22'
          ToPort: '22'
          CidrIp: 0.0.0.0/0
  CafeInstance:
    Type: 'AWS::EC2::Instance'
    Properties:
      ## An ImageId that references the LatestAmiId parameter
      ImageId: !Ref LatestAmiId
      InstanceType: !Ref InstanceTypeParameter
      KeyName: !FindInMap [RegionMap, !Ref "AWS::Region", keypair]
      IamInstanceProfile: 'CafeRole'
      NetworkInterfaces:
        - DeviceIndex: '0'
          AssociatePublicIpAddress: 'true'
          SubnetId: !ImportValue
            'Fn::Sub': '${CafeNetworkParameter}-SubnetID'
          GroupSet:
            - !Ref CafeSG
      Tags:
        - Key: Name
          Value: Cafe Web Server
      UserData:
        Fn::Base64:
          !Sub |
            #!/bin/bash
            yum -y update
            yum install -y httpd mariadb-server wget
            amazon-linux-extras install -y lamp-mariadb10.2-php7.2 php7.2
            systemctl enable httpd
            systemctl start httpd
            systemctl enable mariadb
            systemctl start mariadb
            # The setup script is downloaded and run as root at first boot, with no checksum verification
            wget https://aws-tc-largeobjects.s3-us-west-2.amazonaws.com/ILT-TF-200-ACACAD-20-EN/mod10-challenge/cafe-app.sh
            chmod +x cafe-app.sh
            ./cafe-app.sh
Outputs:
  WebServerPublicIP:
    Value: !GetAtt 'CafeInstance.PublicIp'
```
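A tighter variant of the `CafeSG` ingress rules in the template above, as an added example that is not part of the original gist: HTTP stays public, while SSH is limited to a CIDR supplied at deploy time. `SshCidrParameter`, its pattern and the sample address are assumptions made for this example.

```yaml
# Added example, not from the original gist.
# SshCidrParameter is a hypothetical parameter name.
Parameters:
  CafeNetworkParameter:
    Type: String
    Default: update-cafe-network
  SshCidrParameter:
    Type: String
    # No Default, so whoever deploys the stack has to choose a source range.
    Description: 'IPv4 CIDR allowed to reach port 22, for example one admin host as a /32'
    # The pattern only checks the CIDR shape; it does not reject 0.0.0.0/0.
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/(\d|[12]\d|3[0-2])$'
    ConstraintDescription: 'Must be an IPv4 CIDR such as 203.0.113.10/32'
Resources:
  CafeSG:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: HTTP from anywhere, SSH from the admin CIDR only
      VpcId: !ImportValue
        'Fn::Sub': '${CafeNetworkParameter}-VpcID'
      Tags:
        - Key: Name
          Value: CafeSG
      SecurityGroupIngress:
        # Public web traffic, unchanged from the lab template
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        # SSH only from the range passed in at deploy time
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: !Ref SshCidrParameter
```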
```yaml
AWSTemplateFormatVersion: 2010-09-09
Description: Network layer for the cafe
Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: Cafe VPC
  IGW:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: Cafe IGW
  VPCtoIGWConnection:
    Type: AWS::EC2::VPCGatewayAttachment
    DependsOn:
      - IGW
      - VPC
    Properties:
      InternetGatewayId: !Ref IGW
      VpcId: !Ref VPC
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    DependsOn: VPC
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: Cafe Public Route Table
  PublicRoute:
    Type: AWS::EC2::Route
    DependsOn:
      - PublicRouteTable
      - VPCtoIGWConnection
    Properties:
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref IGW
      RouteTableId: !Ref PublicRouteTable
  PublicSubnet:
    Type: AWS::EC2::Subnet
    DependsOn: VPC
    Properties:
      VpcId: !Ref VPC
      MapPublicIpOnLaunch: true
      CidrBlock: 10.0.0.0/24
      AvailabilityZone: !Select
        - 0
        - !GetAZs
          Ref: AWS::Region
      Tags:
        - Key: Name
          Value: Cafe Public Subnet
  PublicRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    DependsOn:
      - PublicRouteTable
      - PublicSubnet
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet
Outputs:
  PublicSubnet:
    Description: The subnet ID to use for public web servers
    Value:
      Ref: PublicSubnet
    Export:
      Name:
        'Fn::Sub': '${AWS::StackName}-SubnetID'
  VpcId:
    Description: The VPC ID
    Value:
      Ref: VPC
    Export:
      Name:
        'Fn::Sub': '${AWS::StackName}-VpcID'
```
```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: cafe S3 template
Resources:
  S3Bucket:
    Type: AWS::S3::Bucket
    ## Attach a deletion policy that will retain the bucket
    DeletionPolicy: Retain
    Properties:
      # Canned ACL that grants anonymous (public) read access to the bucket
      AccessControl: PublicRead
      WebsiteConfiguration:
        IndexDocument: index.html
        ErrorDocument: error.html
# Section names are case-sensitive: "outputs" is rejected as an invalid template property
Outputs:
  S3BucketName:
    Description: Name of the S3 bucket
    Value: !Ref S3Bucket
  S3BucketDomainName:
    Description: Domain name of the S3 bucket
    Value: !Join [ "", [ "http://", !Ref S3Bucket, ".s3-website-", !Ref AWS::Region, ".amazonaws.com" ] ]
```