
@ibejohn818
Created December 28, 2017 00:15
import stackformation
from stackformation.aws import ( iam, vpc, ec2, user_data,
ebs, s3, eip, elb, sns,
logs, alarms, ami
)
def common_stacks(infra):
    """Register the stacks that every sub-infrastructure shares.

    Added in this order: a VPC stack (``num_azs=3``) with SSH, web and
    self-referencing security groups; an IAM stack holding the
    "WebProfile" EC2 instance profile; an S3 stack with one bucket; an
    EIP stack; and a "Web" log stack with a "PHP" log group.

    Args:
        infra: Infrastructure object the stacks are added to. Callers
            retrieve the stacks afterwards with ``find_stack``.
    """
    # Network layer and its security groups.
    network = infra.add_stack(vpc.VPCStack(num_azs=3))
    # NOTE(review): the ingress rules of these groups live inside
    # stackformation and are not visible here -- confirm the SSH group is
    # limited to known source ranges rather than open to the internet.
    for group_cls in (
        vpc.SSHSecurityGroup,
        vpc.WebSecurityGroup,
        vpc.SelfReferenceSecurityGroup,
    ):
        network.add_security_group(group_cls())

    # Identity layer: one instance profile for the web servers.
    identity = infra.add_stack(iam.IAMStack())
    instance_role = identity.add_role(iam.EC2Profile("WebProfile"))
    # NOTE(review): judging by their names these two policies grant full
    # EC2 and ELB API access to anything running on the instance; verify
    # the workload needs that much and scope it down if it does not.
    instance_role.add_policy(iam.EC2FullAccess())
    instance_role.add_policy(iam.ELBFullAccess())

    # Storage: one bucket, plus a read policy built from that bucket object.
    storage = infra.add_stack(s3.S3Stack("test"))
    bucket = storage.add_bucket(s3.S3Bucket("jchtest"))
    instance_role.add_policy(iam.S3ReadBucketAccess(bucket))

    # Elastic IPs: the stack is only registered here; addresses are added
    # by the caller.
    infra.add_stack(eip.EIPStack())

    # Logging: "Web" log stack with a PHP log group.
    infra.add_stack(logs.LogStack("Web")).add_group(logs.LogGroup('PHP'))
def prod_stacks():
    """Build and return the "prod" sub-infrastructure.

    Reads the module-level ``infra`` and ``sns_stack`` objects, so it must
    only be called after both exist. On top of the common stacks it adds
    an EBS stack with two volumes, an EC2 "WebStack" wired to the web and
    SSH security groups, an ELB stack and an alarm stack.

    Returns:
        The sub-infrastructure created by ``infra.create_sub_infra("prod")``.
    """
    prod = infra.create_sub_infra("prod")
    prod.add_vars({
        'InputWebEC2TagName': "WebServer",
        'InputWebEC2InstanceType': "t2.medium",
        'InputWebEC2RootDeviceSize': "50",
        'InputWebEBSDeviceName': "/dev/xvdb",
        'InputNFSEBSDeviceName': "/dev/xvdc",
        'InputWebLogRetentionPeriodDays': 14,
    })
    common_stacks(prod)

    # Pick up the shared network stack and give prod its own base CIDR.
    network = prod.find_stack(vpc.VPCStack)
    network.base_cidr = "10.10"
    web_group = network.find_security_group(vpc.WebSecurityGroup)
    ssh_group = network.find_security_group(vpc.SSHSecurityGroup)

    # Elastic IP for the web server.
    web_address = prod.find_stack(eip.EIPStack).add_ip("WebServer")

    # Data volumes.
    # NOTE(review): whether EBSVolume enables encryption at rest is not
    # visible from this file -- confirm against the stackformation template.
    volumes = prod.add_stack(ebs.EBSStack("Vols", network))
    web_volume = volumes.add_volume(ebs.EBSVolume('Web', 100))
    nfs_volume = volumes.add_volume(ebs.EBSVolume('NFS', 350))

    # Instance profile registered by common_stacks(); it carries the
    # EC2FullAccess / ELBFullAccess policies attached there.
    instance_role = prod.find_stack(iam.IAMStack).find_role(iam.EC2Profile)

    # Web server instance stack.
    web_server = prod.add_stack(
        ec2.EC2Stack("WebStack", network, instance_role)
    )
    for group in (web_group, ssh_group):
        web_server.add_security_group(group)
    for volume in (nfs_volume, web_volume):
        web_server.add_volume(volume)
    # NOTE(review): hard-coded key pair name; presumably it must already
    # exist in the target account/region, and whoever holds that private
    # key can log in wherever the SSH security group allows -- confirm.
    web_server.keypair("jch")
    web_server.add_user_data(user_data.EIPInfo(web_address))
    web_server.add_user_data(user_data.MountEBS(nfs_volume, "/mnt/nfs"))
    web_server.add_user_data(user_data.MountEBS(web_volume, "/mnt/web"))

    # Load balancer stack; registered only, nothing else is attached to it
    # in this function.
    prod.add_stack(elb.ELBStack("WebStack", network))

    # Alarms publish to the module-level SNS topic stack.
    alerting = prod.add_stack(alarms.AlarmStack())
    alerting.add_topic(sns_stack)
    alerting.add_alarm(alarms.EC2InstanceFailAlarm(web_server))
    alerting.add_alarm(alarms.EC2HighCpuAlarm(web_server))

    return prod
def dev_stacks():
    """Build and return the "dev" sub-infrastructure.

    Reads the module-level ``infra`` object. Dev receives only the stacks
    from ``common_stacks`` (including the same "WebProfile" policies as
    prod) and its own VPC base CIDR.

    Returns:
        The sub-infrastructure created by ``infra.create_sub_infra("dev")``.
    """
    dev = infra.create_sub_infra("dev")
    dev.add_vars({'InputWebEC2TagName': "WebServer"})
    common_stacks(dev)
    # Keep dev on a different base CIDR from prod ("10.10").
    dev.find_stack(vpc.VPCStack).base_cidr = "10.50"
    return dev
# Module-level wiring. Everything below runs when this file is loaded, and
# prod_stacks()/dev_stacks() read the `infra` and `sns_stack` names defined
# here, so the statement order matters.
# boto session pinned to us-east-2
# NOTE(review): no credentials are passed here; presumably they come from the
# ambient AWS configuration -- confirm which identity that resolves to.
session = stackformation.BotoSession(region_name='us-east-2')
# top level infra; sub-infras are created from it
infra = stackformation.Infra("Jch", session)
infra.add_vars({
# NOTE(review): this value reads like an e-mail-obfuscation placeholder left
# by the hosting page, not a deliverable address -- confirm the real value.
'InputJhardySNSEmailAddress': '[email protected]'
})
# AMI definition; the base AMI is printed and build() is called on every load
# of this module.
# NOTE(review): presumably build() starts a real image build in the account --
# confirm before importing this file from other tooling.
web_ami = infra.add_ami(ami.Ami('Web','ubuntu'))
print(web_ami.get_base_ami())
web_ami.build()
# top level sns topic; prod_stacks() attaches it to the alarm stack
sns_stack = infra.add_stack(sns.SNSTopicStack("AlarmNotifications"))
# topic subscriptions
## slack subscription
slack_sub = sns_stack.add_subscription(sns.SlackSubscription("AwsAlarms"))
## email subscription
jhardy_sub = sns_stack.add_subscription(sns.EmailSubscription('Jhardy'))
# sub-infras (must come after `infra` and `sns_stack` are defined)
## prod
prod_infra = prod_stacks()
## dev
dev_infra = dev_stacks()