HUECTRUM · January 25, 2024 17:22
diff --git a/cdk-stack.ts b/cdk-stack.ts
 import * as cdk from 'aws-cdk-lib';
 import {Construct} from 'constructs';
 import {Peer, Port, SecurityGroup, Vpc} from "aws-cdk-lib/aws-ec2";
 import {Cluster, ContainerImage, FargateService, FargateTaskDefinition, LogDrivers} from "aws-cdk-lib/aws-ecs";
 import {DockerImageAsset} from "aws-cdk-lib/aws-ecr-assets";
 import {CfnCacheCluster, CfnSubnetGroup} from "aws-cdk-lib/aws-elasticache";
 import path = require("path");

 export class CdkStack extends cdk.Stack {
    constructor(scope: Construct, id: string, props?: cdk.StackProps) {
        super(scope, id, props);

        const vpc = Vpc.fromLookup(this, 'default-vpc', {isDefault: true, region: 'us-east-1'});

        const ecsSecurityGroup = SecurityGroup.fromSecurityGroupId(this, 'ecs-secgroup', 'sg-0d993e7d03d5f50ed', {
            mutable: true
        })

        //redis
        const redisSubnetGroup = new CfnSubnetGroup(this, 'redis-subnet-group', {
                description: 'Redis subnet group',
                subnetIds: vpc.publicSubnets.map((ps) => ps.subnetId),
                cacheSubnetGroupName: 'Redis-Subnet-Group',
            }
        );

        const redisSecurityGroup = new SecurityGroup(this, 'redis-security-group', {
                vpc: vpc,
                allowAllOutbound: true
            }
        );

        redisSecurityGroup.addIngressRule(
            Peer.anyIpv4(),
            Port.tcp(6379),
            'connect to redis'
        );

        const redisCache = new CfnCacheCluster(this, 'app-redis',
            {
                engine: 'redis',
                cacheNodeType: 'cache.t3.micro',
                numCacheNodes: 1,
                clusterName: 'app-cache-cluster',
                vpcSecurityGroupIds: [redisSecurityGroup.securityGroupId],
                cacheSubnetGroupName: redisSubnetGroup.ref,
                engineVersion: '6.2',
                preferredMaintenanceWindow: 'fri:00:30-fri:01:30',
            }
        );

        redisCache.node.addDependency(redisSubnetGroup);

        const appAsset = new DockerImageAsset(this, 'app-image', {
            directory: path.join(__dirname, '..', '..', 'app'),
            buildArgs: {
                awsAccessKey: process.env.AWS_ACCESS_KEY_ID || 'no aws access key',
                awsSecretKey: process.env.AWS_SECRET_ACCESS_KEY || 'no aws secret key'
            }
        });

        //app
        const appCluster = new Cluster(this, 'app-cluster', {vpc});

        const appTaskDefinition = new FargateTaskDefinition(this, 'app-td', {
            cpu: 8192,
            memoryLimitMiB: 16384
        });

        appTaskDefinition.addContainer('app-container', {
            image: ContainerImage.fromDockerImageAsset(appAsset),
            memoryLimitMiB: 16384,
            environment: {
                'redis.endpoint': redisCache.attrRedisEndpointAddress,
                'redis.port': redisCache.attrRedisEndpointPort,
            },
            logging: LogDrivers.awsLogs({
                streamPrefix: 'app-logs',
            }),
        });

        const appEcsService = new FargateService(this, 'app-service', {
            cluster: appCluster,
            taskDefinition: appTaskDefinition,
            desiredCount: 1,
            assignPublicIp: true,
            securityGroups: [ecsSecurityGroup]
        });
    }
 }
	import * as cdk from 'aws-cdk-lib';
	import {Construct} from 'constructs';
	import {Peer, Port, SecurityGroup, Vpc} from "aws-cdk-lib/aws-ec2";
	import {Cluster, ContainerImage, FargateService, FargateTaskDefinition, LogDrivers} from "aws-cdk-lib/aws-ecs";
	import {DockerImageAsset} from "aws-cdk-lib/aws-ecr-assets";
	import {CfnCacheCluster, CfnSubnetGroup} from "aws-cdk-lib/aws-elasticache";
	import path = require("path");

	export class CdkStack extends cdk.Stack {
	constructor(scope: Construct, id: string, props?: cdk.StackProps) {
	super(scope, id, props);

	const vpc = Vpc.fromLookup(this, 'default-vpc', {isDefault: true, region: 'us-east-1'});

	const ecsSecurityGroup = SecurityGroup.fromSecurityGroupId(this, 'ecs-secgroup', 'sg-0d993e7d03d5f50ed', {
	mutable: true
	})

	//redis
	const redisSubnetGroup = new CfnSubnetGroup(this, 'redis-subnet-group', {
	description: 'Redis subnet group',
	subnetIds: vpc.publicSubnets.map((ps) => ps.subnetId),
	cacheSubnetGroupName: 'Redis-Subnet-Group',
	}
	);

	const redisSecurityGroup = new SecurityGroup(this, 'redis-security-group', {
	vpc: vpc,
	allowAllOutbound: true
	}
	);

	redisSecurityGroup.addIngressRule(
	Peer.anyIpv4(),
	Port.tcp(6379),
	'connect to redis'
	);

	const redisCache = new CfnCacheCluster(this, 'app-redis',
	{
	engine: 'redis',
	cacheNodeType: 'cache.t3.micro',
	numCacheNodes: 1,
	clusterName: 'app-cache-cluster',
	vpcSecurityGroupIds: [redisSecurityGroup.securityGroupId],
	cacheSubnetGroupName: redisSubnetGroup.ref,
	engineVersion: '6.2',
	preferredMaintenanceWindow: 'fri:00:30-fri:01:30',
	}
	);

	redisCache.node.addDependency(redisSubnetGroup);

	const appAsset = new DockerImageAsset(this, 'app-image', {
	directory: path.join(__dirname, '..', '..', 'app'),
	buildArgs: {
	awsAccessKey: process.env.AWS_ACCESS_KEY_ID \|\| 'no aws access key',
	awsSecretKey: process.env.AWS_SECRET_ACCESS_KEY \|\| 'no aws secret key'
	}
	});

	//app
	const appCluster = new Cluster(this, 'app-cluster', {vpc});

	const appTaskDefinition = new FargateTaskDefinition(this, 'app-td', {
	cpu: 8192,
	memoryLimitMiB: 16384
	});

	appTaskDefinition.addContainer('app-container', {
	image: ContainerImage.fromDockerImageAsset(appAsset),
	memoryLimitMiB: 16384,
	environment: {
	'redis.endpoint': redisCache.attrRedisEndpointAddress,
	'redis.port': redisCache.attrRedisEndpointPort,
	},
	logging: LogDrivers.awsLogs({
	streamPrefix: 'app-logs',
	}),
	});

	const appEcsService = new FargateService(this, 'app-service', {
	cluster: appCluster,
	taskDefinition: appTaskDefinition,
	desiredCount: 1,
	assignPublicIp: true,
	securityGroups: [ecsSecurityGroup]
	});
	}
	}