1{ 2 "AWSTemplateFormatVersion": "2010-09-09", 3 4 "Mappings" : { 5 "AWSNATAMI" : { 6 "us-east-1" : { "AMI" : "ami-c6699baf" }, 7 "us-west-2" : { "AMI" : "ami-52ff7262" }, 8 "us-west-1" : { "AMI" : "ami-3bcc9e7e" }, 9 "eu-west-1" : { "AMI" : "ami-0b5b6c7f" }, 10 "ap-southeast-1" : { "AMI" : "ami-02eb9350" }, 11 "ap-southeast-2" : { "AMI" : "ami-ab990e91" }, 12 "ap-northeast-1" : { "AMI" : "ami-14d86d15" }, 13 "sa-east-1" : { "AMI" : "ami-0439e619" } 14 }, 15 16 "AWSINSTAMI" : { 17 "us-east-1" : { "AMI" : "ami-a73264ce" }, 18 "us-west-2" : { "AMI" : "ami-6aad335a" }, 19 "us-west-1" : { "AMI" : "ami-acf9cde9" }, 20 "eu-west-1" : { "AMI" : "ami-8e987ef9" }, 21 "ap-southeast-1" : { "AMI" : "ami-b84e04ea" }, 22 "ap-southeast-2" : { "AMI" : "ami-3d128f07" }, 23 "ap-northeast-1" : { "AMI" : "ami-3f32ac3e" }, 24 "sa-east-1" : { "AMI" : "ami-35258228" } 25 } 26 }, 27 28 "Parameters": { 29 "WebNodes": { 30 "Type": "String", 31 "Default": "5", 32 "Description": "Number of web servers to launch." 33 } 34 }, 35 36 "Outputs": { 37 "LoadBalancerIP": { 38 "Value": { "Ref": "LoadBalancerIP" } 39 } 40 }, 41 42 "Resources": { 43 "Gateway": { 44 "Type": "AWS::EC2::InternetGateway" 45 }, 46 47 "VPC": { 48 "Type": "AWS::EC2::VPC", 49 "Properties": { 50 "CidrBlock": "10.0.0.0/16", 51 "EnableDnsHostnames": true 52 } 53 }, 54 55 "VPCGateway": { 56 "Type" : "AWS::EC2::VPCGatewayAttachment", 57 "Properties" : { 58 "InternetGatewayId" : { "Ref": "Gateway" }, 59 "VpcId": { "Ref": "VPC" } 60 } 61 }, 62 63 "PublicSubnet": { 64 "Type": "AWS::EC2::Subnet", 65 "Properties": { 66 "CidrBlock": "10.0.0.0/24", 67 "VpcId": { "Ref": "VPC" } 68 } 69 }, 70 71 "PrivateSubnet": { 72 "Type": "AWS::EC2::Subnet", 73 "Properties": { 74 "CidrBlock": "10.0.1.0/24", 75 "VpcId": { "Ref": "VPC" } 76 } 77 }, 78 79 "PrivateSubnetRoute": { 80 "Type" : "AWS::EC2::SubnetRouteTableAssociation", 81 "Properties" : { 82 "RouteTableId" : { "Ref": "PrivateRouteTable" }, 83 "SubnetId" : { "Ref": "PrivateSubnet" } 84 } 85 }, 86 
87 "PrivateRouteTable": { 88 "Type": "AWS::EC2::RouteTable", 89 "Properties": { 90 "VpcId": { "Ref": "VPC" } 91 } 92 }, 93 94 "PrivateRouteGlobal": { 95 "Type": "AWS::EC2::Route", 96 "Properties": { 97 "RouteTableId": { "Ref": "PrivateRouteTable" }, 98 "DestinationCidrBlock": "0.0.0.0/0", 99 "InstanceId" : { "Ref" : "NATDevice" } 100 }, 101 "DependsOn": "PublicRouteGlobal" 102 }, 103 104 "PublicSubnetRoute": { 105 "Type" : "AWS::EC2::SubnetRouteTableAssociation", 106 "Properties" : { 107 "RouteTableId" : { "Ref": "PublicRouteTable" }, 108 "SubnetId" : { "Ref": "PublicSubnet" } 109 } 110 }, 111 112 "PublicRouteTable": { 113 "Type": "AWS::EC2::RouteTable", 114 "Properties": { 115 "VpcId": { "Ref": "VPC" } 116 } 117 }, 118 119 "PublicRouteGlobal": { 120 "Type": "AWS::EC2::Route", 121 "Properties": { 122 "RouteTableId": { "Ref": "PublicRouteTable" }, 123 "DestinationCidrBlock": "0.0.0.0/0", 124 "GatewayId": { "Ref": "Gateway" } 125 } 126 }, 127 128 "NATIPAddress": { 129 "Type": "AWS::EC2::EIP", 130 "Properties": { 131 "Domain": "vpc", 132 "InstanceId": { "Ref": "NATDevice" } 133 }, 134 "DependsOn": "VPCGateway" 135 }, 136 137 "NATDevice" : { 138 "Type" : "AWS::EC2::Instance", 139 "Properties" : { 140 "SubnetId" : { "Ref" : "PublicSubnet" }, 141 "SourceDestCheck" : "false", 142 "ImageId" : { "Fn::FindInMap" : [ "AWSNATAMI", { "Ref" : "AWS::Region" }, "AMI" ]}, 143 "SecurityGroupIds" : [ 144 { "Ref" : "InstanceSecurityGroup" } 145 ], 146 "Tags": [ 147 { "Key": "Name", "Value": "Serf Demo NAT Device" } 148 ] 149 } 150 }, 151 152 "LoadBalancer": { 153 "Type": "AWS::EC2::Instance", 154 "Properties": { 155 "ImageId": { "Fn::FindInMap" : [ "AWSINSTAMI", { "Ref" : "AWS::Region" }, "AMI" ]}, 156 "PrivateIpAddress": "10.0.0.5", 157 "SecurityGroupIds": [ 158 {"Ref": "InstanceSecurityGroup"} 159 ], 160 "SubnetId": { "Ref": "PublicSubnet" }, 161 "Tags": [ 162 { "Key": "Name", "Value": "Serf Demo LB" } 163 ], 164 "UserData": 
"IyEvYmluL2Jhc2gKTk9ERV9TRVRVUF9VUkw9Imh0dHBzOi8vcmF3LmdpdGh1Yi5jb20vaGFzaGljb3JwL3NlcmYvbWFzdGVyL2RlbW8vd2ViLWxvYWQtYmFsYW5jZXIvc2V0dXBfbG9hZF9iYWxhbmNlci5zaCIKClNFUkZfU0VUVVBfVVJMPSJodHRwczovL3Jhdy5naXRodWIuY29tL2hhc2hpY29ycC9zZXJmL21hc3Rlci9kZW1vL3dlYi1sb2FkLWJhbGFuY2VyL3NldHVwX3NlcmYuc2giCgojIFNldHVwIHRoZSBub2RlIGl0c2VsZgp3Z2V0IC1PIC0gJE5PREVfU0VUVVBfVVJMIHwgYmFzaAoKIyBTZXR1cCB0aGUgc2VyZiBhZ2VudApleHBvcnQgU0VSRl9ST0xFPSJsYiIKd2dldCAtTyAtICRTRVJGX1NFVFVQX1VSTCB8IGJhc2gK" 165 }, 166 "DependsOn": "PublicRouteGlobal" 167 }, 168 169 "LoadBalancerIP": { 170 "Type" : "AWS::EC2::EIP", 171 "Properties" : { 172 "InstanceId" : { "Ref": "LoadBalancer" }, 173 "Domain" : "vpc" 174 }, 175 "DependsOn": "VPCGateway" 176 }, 177 178 "WebGroup": { 179 "Type": "AWS::AutoScaling::AutoScalingGroup", 180 "Properties": { 181 "AvailabilityZones": [ 182 { "Fn::GetAtt" : [ "PrivateSubnet", "AvailabilityZone" ] } 183 ], 184 "LaunchConfigurationName": { "Ref": "WebLaunchConfig" }, 185 "DesiredCapacity": { "Ref": "WebNodes" }, 186 "MinSize": { "Ref": "WebNodes" }, 187 "MaxSize": { "Ref": "WebNodes" }, 188 "VPCZoneIdentifier": [ 189 { "Ref": "PrivateSubnet" } 190 ] 191 }, 192 "DependsOn": ["NATDevice", "NATIPAddress", "PrivateRouteGlobal"] 193 }, 194 195 "WebLaunchConfig": { 196 "Type": "AWS::AutoScaling::LaunchConfiguration", 197 "Properties": { 198 "ImageId": { "Fn::FindInMap" : [ "AWSINSTAMI", { "Ref" : "AWS::Region" }, "AMI" ]}, 199 "InstanceType": "m1.small", 200 "SecurityGroups": [ 201 {"Ref": "InstanceSecurityGroup"} 202 ], 203 "UserData": 
"IyEvYmluL2Jhc2gKTk9ERV9TRVRVUF9VUkw9Imh0dHBzOi8vcmF3LmdpdGh1Yi5jb20vaGFzaGljb3JwL3NlcmYvbWFzdGVyL2RlbW8vd2ViLWxvYWQtYmFsYW5jZXIvc2V0dXBfd2ViX3NlcnZlci5zaCIKClNFUkZfU0VUVVBfVVJMPSJodHRwczovL3Jhdy5naXRodWIuY29tL2hhc2hpY29ycC9zZXJmL21hc3Rlci9kZW1vL3dlYi1sb2FkLWJhbGFuY2VyL3NldHVwX3NlcmYuc2giCgojIFNldHVwIHRoZSBub2RlIGl0c2VsZgp3Z2V0IC1PIC0gJE5PREVfU0VUVVBfVVJMIHwgYmFzaAoKIyBTZXR1cCB0aGUgc2VyZiBhZ2VudApleHBvcnQgU0VSRl9ST0xFPSJ3ZWIiCndnZXQgLU8gLSAkU0VSRl9TRVRVUF9VUkwgfCBiYXNoCg==" 204 } 205 }, 206 207 "InstanceSecurityGroup": { 208 "Type": "AWS::EC2::SecurityGroup", 209 "Properties": { 210 "GroupDescription": "Serf demo security group: ICMP and TCP 22, 80, 9999 open to 0.0.0.0/0; all traffic between members", 211 "VpcId": { "Ref": "VPC" }, 212 "SecurityGroupIngress": [{ 213 "IpProtocol": "icmp", 214 "FromPort": "-1", 215 "ToPort": "-1", 216 "CidrIp": "0.0.0.0/0" 217 }, { 218 "IpProtocol": "tcp", 219 "FromPort": "22", 220 "ToPort": "22", 221 "CidrIp": "0.0.0.0/0" 222 }, { 223 "IpProtocol": "tcp", 224 "FromPort": "80", 225 "ToPort": "80", 226 "CidrIp": "0.0.0.0/0" 227 }, { 228 "IpProtocol": "tcp", 229 "FromPort": "9999", 230 "ToPort": "9999", 231 "CidrIp": "0.0.0.0/0" 232 }] 233 } 234 }, 235 236 "InstanceSecurityGroupSelfRule": { 237 "Type": "AWS::EC2::SecurityGroupIngress", 238 "Properties": { 239 "GroupId": { "Ref": "InstanceSecurityGroup" }, 240 "IpProtocol": "-1", 241 "FromPort": "0", 242 "ToPort": "65535", 243 "SourceSecurityGroupId": { "Ref": "InstanceSecurityGroup" } 244 } 245 } 246 } 247} 248