CloudFormation で ALB を作成してみる
以前あげた記事で ALB の挙動を見てみました。
今回は ALB の作成も CloudFormation に組み込んだので、記事に残しておこうと思います。
参考
構成
構成は前と同じで下記のとおりです。
テンプレート
テンプレートは下記のとおりです。
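AWSTemplateFormatVersion: "2010-09-09"
Description: "CloudFormation Template Test"

# Stack inputs: the SSH key pair and the client address range that may reach
# the EC2 instances directly.
Parameters:
  KeyName:
    Description: The EC2 Key Pair to allow SSH access to the instance
    # AWS-specific parameter type: CloudFormation rejects the stack up front
    # if the named key pair does not exist in the target account and region.
    Type: "AWS::EC2::KeyPair::KeyName"
  MyIP:
    Description: IP address allowed to access EC2
    Type: String
    # This value is used as CidrIp in the instance security group, so it has
    # to be IPv4 CIDR notation (for a single host: a.b.c.d/32). Validating the
    # shape here fails fast at parameter time instead of midway through stack
    # creation. Prefer the narrowest range that works; 0.0.0.0/0 would open
    # SSH on the instances to the whole internet.
    MinLength: 9
    MaxLength: 18
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: must be a valid IPv4 CIDR range of the form x.x.x.x/x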
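Resources:
  # VPC
  HogeVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: "10.0.0.0/16"
      EnableDnsSupport: true
      EnableDnsHostnames: true
      InstanceTenancy: "default"
      Tags:
        - Key: Name
          Value: "hoge-vpc"

  # InternetGateway
  HogeInternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: "hoge-igw"

  HogeAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref HogeVPC
      InternetGatewayId: !Ref HogeInternetGateway

  # Subnet: two public subnets in different AZs (the ALB below is attached to both)
  HogePublicSubnetA:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: "ap-northeast-1a"
      CidrBlock: "10.0.0.0/24"
      VpcId: !Ref HogeVPC
      Tags:
        - Key: Name
          Value: "hoge-public-subnet-1"

  HogePublicSubnetB:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: "ap-northeast-1c"
      CidrBlock: "10.0.1.0/24"
      VpcId: !Ref HogeVPC
      Tags:
        - Key: Name
          Value: "hoge-public-subnet-2"

  # RouteTable
  HogePublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref HogeVPC
      Tags:
        - Key: Name
          # Plain string: the original wrapped this in !Sub without any variable.
          Value: "hoge-public-routetable"

  HogePublicRoute:
    Type: AWS::EC2::Route
    # A route that targets an internet gateway cannot be created until the
    # gateway is attached to the VPC. !Ref HogeInternetGateway only orders this
    # after the gateway itself, so the attachment is named explicitly.
    DependsOn: HogeAttachment
    Properties:
      RouteTableId: !Ref HogePublicRouteTable
      DestinationCidrBlock: "0.0.0.0/0"
      GatewayId: !Ref HogeInternetGateway

  # Subnet to attach
  HogePublicSubnetARouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref HogePublicSubnetA
      RouteTableId: !Ref HogePublicRouteTable

  HogePublicSubnetBRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref HogePublicSubnetB
      RouteTableId: !Ref HogePublicRouteTable

  # EC2
  EC2A:
    Type: AWS::EC2::Instance
    # The boot script downloads nginx, so the default route and the subnet's
    # route-table association must exist before the instance starts.
    DependsOn:
      - HogePublicRoute
      - HogePublicSubnetARouteTableAssociation
    Properties:
      # AMI IDs are region-specific and this one is pinned.
      # NOTE(review): presumably an Amazon Linux 2 image in ap-northeast-1
      # (the boot script uses amazon-linux-extras) - confirm before reuse.
      ImageId: ami-00d101850e971728d
      KeyName: !Ref KeyName
      InstanceType: t2.micro
      # assign public IP
      NetworkInterfaces:
        - AssociatePublicIpAddress: true
          DeviceIndex: "0"
          SubnetId: !Ref HogePublicSubnetA
          GroupSet:
            - !Ref EC2SG
      # Boot script: install and start nginx. Replace with the commands you need.
      UserData: !Base64 |
        #!/bin/bash
        sudo amazon-linux-extras install -y nginx1
        sudo systemctl start nginx
      Tags:
        - Key: Name
          Value: hogeEC2A

  EC2B:
    Type: AWS::EC2::Instance
    # Same ordering requirement as EC2A, for subnet B.
    DependsOn:
      - HogePublicRoute
      - HogePublicSubnetBRouteTableAssociation
    Properties:
      # Same pinned, region-specific AMI as EC2A.
      ImageId: ami-00d101850e971728d
      KeyName: !Ref KeyName
      InstanceType: t2.micro
      # assign public IP
      NetworkInterfaces:
        - AssociatePublicIpAddress: true
          DeviceIndex: "0"
          SubnetId: !Ref HogePublicSubnetB
          GroupSet:
            - !Ref EC2SG
      # Boot script: install and start nginx. Replace with the commands you need.
      UserData: !Base64 |
        #!/bin/bash
        sudo amazon-linux-extras install -y nginx1
        sudo systemctl start nginx
      Tags:
        - Key: Name
          Value: hogeEC2B

  # SecurityGroup for the instances
  EC2SG:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: hoge-sg
      GroupDescription: Allow SSH and HTTP from MyIP and HTTP from the ALB
      VpcId: !Ref HogeVPC
      SecurityGroupIngress:
        # http, direct from the operator's address
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: !Ref MyIP
        # http from the load balancer. The ALB reaches the targets from its own
        # addresses inside the VPC, which the MyIP rule does not cover; without
        # this rule health checks fail and the ALB has no healthy target.
        # Referencing the ALB's security group keeps the rule scoped to the
        # load balancer instead of a CIDR range.
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          SourceSecurityGroupId: !GetAtt ALBSecurityGroup.GroupId
        # ssh, only from the operator's address
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: !Ref MyIP

  ## Target groups
  TargetGroupA:
    Type: "AWS::ElasticLoadBalancingV2::TargetGroup"
    Properties:
      VpcId: !Ref HogeVPC
      Name: "hoge-target-group-A"
      Protocol: HTTP
      Port: 80
      TargetType: instance
      # Port is now spelled out on both targets; the original set it on EC2B only.
      Targets:
        - Id: !Ref EC2A
          Port: 80
        - Id: !Ref EC2B
          Port: 80

  ## ALB security group
  ALBSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: hoge-alb-sg
      GroupDescription: Allow HTTP access
      VpcId: !Ref HogeVPC
      # Rule
      SecurityGroupIngress:
        # http, open to any IPv4 source: this is the stack's public entry point
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: "0.0.0.0/0"

  ## ALB
  InternetALB:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    # An internet-facing load balancer needs the internet gateway attached first.
    DependsOn: HogeAttachment
    Properties:
      Name: hoge-alb
      Scheme: "internet-facing"
      # Attribute values are strings in the resource schema, so they are quoted.
      LoadBalancerAttributes:
        - Key: "deletion_protection.enabled"
          Value: "false"
        - Key: "idle_timeout.timeout_seconds"
          Value: "60"
      SecurityGroups:
        - !Ref ALBSecurityGroup
      Subnets:
        - !Ref HogePublicSubnetA
        - !Ref HogePublicSubnetB

  ALBListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      DefaultActions:
        - TargetGroupArn: !Ref TargetGroupA
          Type: forward
      LoadBalancerArn: !Ref InternetALB
      # Plain HTTP: traffic between clients and the ALB is unencrypted. Beyond a
      # test stack, serve it from an HTTPS listener with a certificate and keep
      # port 80 only as a redirect.
      Port: 80
      Protocol: HTTP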
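Outputs:
  # Public IPv4 address assigned to EC2A
  EC2APublicIP:
    Value: !GetAtt EC2A.PublicIp
    Description: Public IP of EC2A instance
  # Public IPv4 address assigned to EC2B.
  # The original read EC2A.PublicIp here, so both outputs showed the same address.
  EC2BPublicIP:
    Value: !GetAtt EC2B.PublicIp
    Description: Public IP of EC2B instance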