Created
July 16, 2015 18:08
-
-
Save JadedEvan/cf6421fc2c76b4828be6 to your computer and use it in GitHub Desktop.
Amazon CloudFormation script to create a new EC2 server that runs the GNIP "sample-kinesis-connector" java application. This can be used to read incoming data from GNIP stream and push it over to Amazon Kinesis. GNIP pulled support for the Public AMI in the Amazon Marketplace, so here's one that will take you most of the way.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"AWSTemplateFormatVersion" : "2010-09-09", | |
"Description": "Create EC2 instance to run a GNIP Kinesis connector. Creates CloudWatch alarms when 85% stream capacity reached.", | |
"Parameters" : { | |
"Environment" : { | |
"Type": "String", | |
"Description": "Environment in which to run", | |
"AllowedValues": ["production", "development"] | |
}, | |
"InstanceTerminationProtection": { | |
"Type": "String", | |
"Description": "Disable instance termination protection via API", | |
"Default": "false" | |
}, | |
"InstanceRegion": { | |
"Type": "String", | |
"Description": "Target region for stack creation", | |
"Default": "us-east-1a" | |
}, | |
"AllowedSecurityGroupCIDRIP": { | |
"Type": "String", | |
"Description": "Allowed IP addresses for security group to be created" | |
}, | |
"KeyPairName": { | |
"Type": "String", | |
"Description": "EC2 keypair to associate to instance" | |
}, | |
"GNIPUsername": { | |
"Type": "String", | |
"Description": "GNIP username" | |
}, | |
"GNIPPassword": { | |
"Type": "String", | |
"Description": "GNIP password", | |
"NoEcho": true | |
}, | |
"GNIPAccountName": { | |
"Type": "String", | |
"Description": "GNIP account name", | |
"Default": "Chirpify" | |
}, | |
"GNIPProduct": { | |
"Type": "String", | |
"Description": "GNIP product", | |
"Default": "track" | |
}, | |
"ShardCount": { | |
"Type": "Number", | |
"Description": "Number of shards in Kinesis stream", | |
"Default": "1", | |
"MaxValue": 8, | |
"MinValue": 1 | |
} | |
}, | |
"Conditions": { | |
"IsProduction": {"Fn::Equals": [{"Ref": "Environment"}, "production"]}, | |
"IsDevelopment": {"Fn::Equals": [{"Ref": "Environment"}, "development"]} | |
}, | |
"Mappings": { | |
"GNIPMap": { | |
"production": { | |
"KinesisStreamName": "gnip-production", | |
"PowerTrackStream": "production" | |
}, | |
"development": { | |
"KinesisStreamName": "gnip-development", | |
"PowerTrackStream": "development" | |
} | |
}, | |
"Threshold": { | |
"1": { | |
"IncomingRecords": 850, | |
"IncomingBytes": 850000, | |
"GetRecordsBytes": 1700000 | |
}, | |
"2": { | |
"IncomingRecords": 1700, | |
"IncomingBytes": 1700000, | |
"GetRecordsBytes": 3400000 | |
}, | |
"3": { | |
"IncomingRecords": 2550, | |
"IncomingBytes": 2550000, | |
"GetRecordsBytes": 5100000 | |
}, | |
"4": { | |
"IncomingRecords": 3400, | |
"IncomingBytes": 3400000, | |
"GetRecordsBytes": 6800000 | |
}, | |
"5": { | |
"IncomingRecords": 4250, | |
"IncomingBytes": 4250000, | |
"GetRecordsBytes": 8500000 | |
}, | |
"6": { | |
"IncomingRecords": 5100, | |
"IncomingBytes": 5100000, | |
"GetRecordsBytes": 10200000 | |
}, | |
"7": { | |
"IncomingRecords": 5950, | |
"IncomingBytes": 5950000, | |
"GetRecordsBytes": 11900000 | |
}, | |
"8": { | |
"IncomingRecords": 6800, | |
"IncomingBytes": 6800000, | |
"GetRecordsBytes": 13600000 | |
} | |
}, | |
"SNS": { | |
"production": { | |
"Topics": [ | |
"arn:aws:sns:us-east-1:123456789:production" | |
] | |
}, | |
"development": { | |
"Topics": [ | |
"arn:aws:sns:us-east-1:123456789:development" | |
] | |
} | |
} | |
}, | |
"Resources" : { | |
"AlarmIncomingRecords": { | |
"Type": "AWS::CloudWatch::Alarm", | |
"Properties": { | |
"ActionsEnabled": true, | |
"AlarmActions": {"Fn::FindInMap": ["SNS", {"Ref": "Environment"}, "Topics"]}, | |
"AlarmDescription": "Low count for Kinesis incoming records (85% capacity)", | |
"AlarmName": {"Fn::Join": ["", ["Kinesis ", {"Ref": "Environment"}, " incoming records"]]}, | |
"ComparisonOperator": "GreaterThanThreshold", | |
"Dimensions": [ | |
{ | |
"Name": "StreamName", | |
"Value": {"Fn::FindInMap": ["GNIPMap", {"Ref": "Environment"}, "KinesisStreamName"]} | |
} | |
], | |
"EvaluationPeriods": 3, | |
"MetricName": "IncomingRecords", | |
"Namespace": "AWS/Kinesis", | |
"Period": 60, | |
"Statistic": "Sum", | |
"Threshold": {"Fn::FindInMap": ["Threshold", {"Ref": "ShardCount"}, "IncomingRecords"]}, | |
"Unit": "Count" | |
} | |
}, | |
"AlarmIncomingRecordsBytes": { | |
"Type": "AWS::CloudWatch::Alarm", | |
"Properties": { | |
"ActionsEnabled": true, | |
"AlarmActions": {"Fn::FindInMap": ["SNS", {"Ref": "Environment"}, "Topics"]}, | |
"AlarmDescription": "High write throughput for incoming records (bytesize) (85% capacity)", | |
"AlarmName": {"Fn::Join": ["", ["Kinesis ", {"Ref": "Environment"}, " incoming records bytesize"]]}, | |
"ComparisonOperator": "GreaterThanThreshold", | |
"Dimensions": [ | |
{ | |
"Name": "StreamName", | |
"Value": {"Fn::FindInMap": ["GNIPMap", {"Ref": "Environment"}, "KinesisStreamName"]} | |
} | |
], | |
"EvaluationPeriods": 3, | |
"MetricName": "IncomingBytes", | |
"Namespace": "AWS/Kinesis", | |
"Period": 60, | |
"Statistic": "Sum", | |
"Threshold": {"Fn::FindInMap": ["Threshold", {"Ref": "ShardCount"}, "IncomingBytes"]}, | |
"Unit": "Bytes" | |
} | |
}, | |
"AlarmReadRecordsBytes": { | |
"Type": "AWS::CloudWatch::Alarm", | |
"Properties": { | |
"ActionsEnabled": true, | |
"AlarmActions": {"Fn::FindInMap": ["SNS", {"Ref": "Environment"}, "Topics"]}, | |
"AlarmDescription": "High read throughput (bytesize) (85% capacity)", | |
"AlarmName": {"Fn::Join": ["", ["Kinesis ", {"Ref": "Environment"}, " read throughput bytesize"]]}, | |
"ComparisonOperator": "GreaterThanThreshold", | |
"Dimensions": [ | |
{ | |
"Name": "StreamName", | |
"Value": {"Fn::FindInMap": ["GNIPMap", {"Ref": "Environment"}, "KinesisStreamName"]} | |
} | |
], | |
"EvaluationPeriods": 3, | |
"MetricName": "GetRecords.Bytes", | |
"Namespace": "AWS/Kinesis", | |
"Period": 60, | |
"Statistic": "Sum", | |
"Threshold": {"Fn::FindInMap": ["Threshold", {"Ref": "ShardCount"}, "GetRecordsBytes"]}, | |
"Unit": "Bytes" | |
} | |
}, | |
"EC2SecurityGroup": { | |
"Type": "AWS::EC2::SecurityGroup", | |
"Properties": { | |
"GroupDescription": {"Fn::Join": ["", [ | |
"Security group for ", | |
{"Ref": "AWS::StackName"} | |
]]}, | |
"Tags": [ | |
{ | |
"Key": "name", | |
"Value": {"Ref": "AWS::StackName"} | |
}, | |
{ | |
"Key": "Name", | |
"Value": {"Ref": "AWS::StackName"} | |
}, | |
{ | |
"Key": "environment", | |
"Value": {"Ref": "Environment"} | |
} | |
], | |
"SecurityGroupIngress": [ | |
{ | |
"CidrIp": {"Ref": "AllowedSecurityGroupCIDRIP"}, | |
"IpProtocol": "tcp", | |
"FromPort": "22", | |
"ToPort": "22" | |
}, | |
{ | |
"CidrIp": {"Ref": "AllowedSecurityGroupCIDRIP"}, | |
"IpProtocol": "icmp", | |
"FromPort": "-1", | |
"ToPort": "-1" | |
} | |
] | |
} | |
}, | |
"KinesisServer" : { | |
"Type": "AWS::EC2::Instance", | |
"Properties": { | |
"AvailabilityZone": {"Ref": "InstanceRegion"}, | |
"DisableApiTermination": {"Ref": "InstanceTerminationProtection"}, | |
"InstanceType": "m3.large", | |
"Tags" : [ | |
{"Key": "environment", "Value": {"Ref": "Environment"}}, | |
{"Key": "Name", "Value": {"Ref": "AWS::StackName"}} | |
], | |
"ImageId": "ami-d05e75b8", | |
"SecurityGroups": [{"Ref": "EC2SecurityGroup"}], | |
"KeyName": {"Ref": "KeyPairName"}, | |
"UserData": { | |
"Fn::Base64": {"Fn::Join": ["\n", [ | |
"#!/bin/bash", | |
"/usr/bin/apt-get update", | |
"/usr/bin/apt-get install awscli git maven openjdk-7-jdk -y", | |
"chown ubuntu:root /opt", | |
"cd /opt && git clone https://github.com/twitterdev/sample-kinesis-connector kinesis-connector", | |
"mv /opt/kinesis-connector/src/main/resources/config.properties.example /opt/kinesis-connector/src/main/resources/config.properties", | |
"echo 'export JAVA_HOME=/usr/lib/jvm/java-7-openjdk-amd64' > /home/ubuntu/.bash_profile", | |
"chown ubuntu:ubuntu /home/ubuntu/.bash_profile", | |
"/bin/sed -i '/aws.access.key.*/d' /opt/kinesis-connector/src/main/resources/config.properties", | |
"/bin/sed -i '/aws.secret.key.*/d' /opt/kinesis-connector/src/main/resources/config.properties", | |
"/bin/sed -i 's/aws.kinesis.shard.count.*/aws.kinesis.shard.count=1/' /opt/kinesis-connector/src/main/resources/config.properties", | |
{"Fn::Join": ["", ["/bin/sed -i '1 i aws.access.key=", {"Ref": "KinesisIAMCredentials"}, "' /opt/kinesis-connector/src/main/resources/config.properties"]]}, | |
{"Fn::Join": ["", ["/bin/sed -i '1 i aws.secret.key=", {"Fn::GetAtt": ["KinesisIAMCredentials", "SecretAccessKey"]}, "' /opt/kinesis-connector/src/main/resources/config.properties"]]}, | |
{"Fn::Join": ["", ["/bin/sed -i 's/gnip.user.name.*/gnip.user.name=", {"Ref": "GNIPUsername"}, "/' /opt/kinesis-connector/src/main/resources/config.properties"]]}, | |
{"Fn::Join": ["", ["/bin/sed -i 's/gnip.user.password.*/gnip.user.password=", {"Ref": "GNIPPassword"}, "/' /opt/kinesis-connector/src/main/resources/config.properties"]]}, | |
{"Fn::Join": ["", ["/bin/sed -i 's/gnip.account.name.*/gnip.account.name=", {"Ref": "GNIPAccountName"}, "/' /opt/kinesis-connector/src/main/resources/config.properties"]]}, | |
{"Fn::Join": ["", ["/bin/sed -i 's/gnip.product.*/gnip.product=", {"Ref": "GNIPProduct"}, "/' /opt/kinesis-connector/src/main/resources/config.properties"]]}, | |
{"Fn::Join": ["", ["/bin/sed -i 's/gnip.stream.label.*/gnip.stream.label=", {"Fn::FindInMap": ["GNIPMap", {"Ref": "Environment"}, "PowerTrackStream"]}, "/' /opt/kinesis-connector/src/main/resources/config.properties"]]}, | |
{"Fn::Join": ["", ["/bin/sed -i 's/aws.kinesis.stream.name.*/aws.kinesis.stream.name=", {"Fn::FindInMap": ["GNIPMap", {"Ref": "Environment"}, "KinesisStreamName"]}, "/' /opt/kinesis-connector/src/main/resources/config.properties"]]}, | |
"sudo chown -R ubuntu:root /opt/kinesis-connector", | |
"cd /opt/kinesis-connector && mvn clean install" | |
]]} | |
} | |
} | |
}, | |
"KinesisIAM": { | |
"Type": "AWS::IAM::User", | |
"Properties": { | |
"Path": "/", | |
"Policies": [ | |
{ | |
"PolicyName": "KinesisScopedPermissions", | |
"PolicyDocument": { | |
"Version": "2012-10-17", | |
"Statement": [{ | |
"Effect": "Allow", | |
"Action": "kinesis:*", | |
"Resource": {"Fn::Join": [":", [ | |
"arn", | |
"aws", | |
"kinesis", | |
"*", | |
{"Ref": "AWS::AccountId"}, | |
{"Fn::Join": ["", ["stream/", {"Fn::FindInMap": ["GNIPMap", {"Ref": "Environment"}, "KinesisStreamName"]}]]} | |
]]} | |
}] | |
} | |
}, | |
{ | |
"PolicyName": "KinesisDescribeAll", | |
"PolicyDocument": { | |
"Version": "2012-10-17", | |
"Statement": [{ | |
"Effect": "Allow", | |
"Action": [ | |
"kinesis:DescribeStream", | |
"kinesis:ListStreams" | |
], | |
"Resource": "*" | |
}] | |
} | |
} | |
] | |
} | |
}, | |
"KinesisIAMCredentials": { | |
"Type": "AWS::IAM::AccessKey", | |
"Properties": { | |
"UserName": {"Ref": "KinesisIAM"} | |
} | |
} | |
}, | |
"Outputs": { | |
"InstanceID": { | |
"Description": "Identifer of EC2 instance", | |
"Value": {"Ref": "KinesisServer"} | |
}, | |
"PublicDnsName": { | |
"Description": "Public DNS name of EC2 instance", | |
"Value": {"Fn::GetAtt": ["KinesisServer", "PublicDnsName"]} | |
}, | |
"EC2SecurityGroupID": { | |
"Description": "Name of governing security group", | |
"Value": {"Ref": "EC2SecurityGroup"} | |
}, | |
"IAMAccessKey": { | |
"Value": {"Ref": "KinesisIAMCredentials"} | |
}, | |
"IAMSecretAccessKey": { | |
"Value": {"Fn::GetAtt": ["KinesisIAMCredentials", "SecretAccessKey"]} | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment