public UnicornStoreFargateStack(Construct parent, string id, UnicornStoreDeploymentEnvStackProps settings) : base(parent, id, settings)
{
this.settings = settings;
var vpc = new Vpc(this, $"{settings.ScopeName}VPC", new VpcProps {
MaxAzs = settings.MaxAzs
});
SecMan.SecretProps databasePasswordSecretSettings =
Helpers.CreateAutoGenPasswordSecretDef($"{settings.ScopeName}DatabasePassword", passwordLength: 8);
SecMan.Secret databasePasswordSecretConstruct = databasePasswordSecretSettings.CreateSecretConstruct(this);
var dbConstructFactory = settings.CreateDbConstructFactory();
DatabaseConstructOutput dbConstructOutput =
dbConstructFactory.CreateDatabaseConstruct(this, vpc, databasePasswordSecretConstruct.SecretValue);
var ecsCluster = new Cluster(this, $"Application{settings.Infrastructure}Cluster", new ClusterProps
{
Vpc = vpc,
ClusterName = settings.EcsClusterName
}
);
ApplicationLoadBalancedFargateService ecsService = this.CreateEcsService(
ecsCluster,
Secret.FromSecretsManager(databasePasswordSecretConstruct),
dbConstructFactory,
dbConstructOutput
);
// Update RDS Security Group to allow inbound database connections from the Fargate Service Security Group
dbConstructOutput.Connections.AllowDefaultPortFrom(ecsService.Service.Connections.SecurityGroups[0]);
}
public FargateStack(Construct scope, string id, FargateStackProps props = null) : base(scope, id, props)
{
var cluster = new Cluster(this, "WhatDayOfWeekCluster", new ClusterProps
{
Vpc = props.Vpc
});
var logging = new AwsLogDriver(new AwsLogDriverProps()
{
StreamPrefix = "WhatDayOfWeek",
LogRetention = Amazon.CDK.AWS.Logs.RetentionDays.ONE_DAY
});
//container
/*
* var repo = Repository.FromRepositoryName(this, "myrepo","MyRepositoryName");
*
* var containerOptions = new ContainerDefinitionOptions
* {
* Image = ContainerImage.FromEcrRepository(repo)
* };
*/
// to build the container image from the app in the local folder, replace lines 29-35 with
//var rootDirectory = Directory.GetCurrentDirectory();
//var path = Path.GetFullPath(Path.Combine(rootDirectory, @"App/WhatDayOfWeek"));
var containerOptions = new ContainerDefinitionOptions
{
Image = ContainerImage.FromAsset(@"App/WhatDayOfWeek"),
Logging = logging
};
var portMapping = new PortMapping()
{
ContainerPort = 80,
HostPort = 80
};
var taskDef = new FargateTaskDefinition(this, "WhatDayOfWeekTaskDefinition");
taskDef.AddContainer("WhatDayOfWeekContainer", containerOptions).AddPortMappings(portMapping);
var serviceProps = new ApplicationLoadBalancedFargateServiceProps()
{
ServiceName = "WhatDayOfWeekService",
MemoryLimitMiB = 512,
Cpu = 256,
TaskDefinition = taskDef,
Cluster = cluster
};
ApplicationLoadBalancedFargateService service = new ApplicationLoadBalancedFargateService(this, "WhatDayOfWeekService", serviceProps);
}
internal Stack(Construct scope, string id, IStackProps props = null) : base(scope, id, props)
{
//setup the image
var asset = new DockerImageAsset(this, $"{Config.AppName}Image", new DockerImageAssetProps {
Directory = Path.Combine(System.Environment.CurrentDirectory, "api"),
});
//Create the Fargate service
var vpc = Vpc.FromLookup(
this, "sandbox", new VpcLookupOptions
{
VpcName = "sandbox_vpc"
}
);
var cluster = new Cluster(this, $"{Config.AppName}Cluster", new ClusterProps
{
Vpc = vpc
});
var applicationDomain = $"{Config.ApplicationSubdomain}.{Config.DomainName}";
var hostedZone = HostedZone.FromLookup(
this, "HostedZone", new HostedZoneProviderProps
{
DomainName = $"{Config.DomainName}.",
PrivateZone = false
}
);
// Create a load-balanced Fargate service and make it public
var fargateService = new ApplicationLoadBalancedFargateService(this, $"{Config.AppName}Service",
new ApplicationLoadBalancedFargateServiceProps
{
Cluster = cluster, // Required
DesiredCount = 1, // Default is 1
TaskImageOptions = new ApplicationLoadBalancedTaskImageOptions
{
Image = ContainerImage.FromDockerImageAsset(asset)
},
MemoryLimitMiB = 1024, // Default is 256
PublicLoadBalancer = true, // Default is false
DomainName = applicationDomain,
DomainZone = hostedZone,
}
);
new CfnOutput(
this, "Route53Url", new CfnOutputProps
{
Value = applicationDomain,
Description = "Nice Route53 Url"
}
);
}
internal MyDotNetCoreServerlessWebAppEcsFargateCdkAppStack(Construct scope, string id, IStackProps props = null) : base(scope, id, props)
{
var imageTagParameter = this.Node.TryGetContext("ImageTag");
string imageTag = imageTagParameter.ToString() ?? "latest";
IRepository ecrRepository = Repository.FromRepositoryArn(this, "MyDotNetCorServerlessWebAppServiceContainerRepository", "arn:aws:ecr:eu-west-1:098208531922:repository/mydotnetcorewebapp");
var loadBalancedFargateService = new ApplicationLoadBalancedFargateService(this, "MyDotNetCorServerlessWebAppService", new ApplicationLoadBalancedFargateServiceProps()
{
AssignPublicIp = true,
TaskImageOptions = new ApplicationLoadBalancedTaskImageOptions()
{
Image = ContainerImage.FromEcrRepository(ecrRepository, imageTag),
}
});;
}
private ApplicationLoadBalancedFargateService CreateEcsService(
Cluster ecsCluster,
Secret dbPasswordSecret,
DatabaseConstructFactory dbConstructFactory,
DatabaseConstructOutput dbConstructOutput
)
{
var imageRepository = Repository.FromRepositoryName(this, "ExistingEcrRepository", settings.DockerImageRepository);
var ecsService = new ApplicationLoadBalancedFargateService(this, $"{settings.ScopeName}FargateService",
new ApplicationLoadBalancedFargateServiceProps
{
Cluster = ecsCluster,
DesiredCount = settings.DesiredComputeReplicaCount,
Cpu = settings.CpuMillicores,
MemoryLimitMiB = settings.MemoryMiB,
PublicLoadBalancer = settings.PublicLoadBalancer,
LoadBalancer = new ApplicationLoadBalancer(this, $"{settings.ScopeName}-ALB", new ApplicationLoadBalancerProps {
LoadBalancerName = "unicorn-store",
Vpc = ecsCluster.Vpc,
InternetFacing = true,
DeletionProtection = false,
}),
TaskImageOptions = new ApplicationLoadBalancedTaskImageOptions
{
Image = ContainerImage.FromEcrRepository(imageRepository, settings.ImageTag),
Environment = new Dictionary <string, string>()
{
{ "ASPNETCORE_ENVIRONMENT", settings.DotNetEnvironment ?? "Production" },
{ "DefaultAdminUsername", settings.DefaultSiteAdminUsername },
{ $"UnicornDbConnectionStringBuilder__{dbConstructFactory.DbConnStrBuilderServerPropName}",
dbConstructOutput.EndpointAddress },
{ $"UnicornDbConnectionStringBuilder__Port", dbConstructOutput.Port },
{ $"UnicornDbConnectionStringBuilder__{dbConstructFactory.DBConnStrBuilderUserPropName}",
settings.DbUsername },
},
Secrets = new Dictionary <string, Secret>
{
{ "DefaultAdminPassword", Helpers.CreateAutoGenPasswordSecretDef($"{settings.ScopeName}DefaultSiteAdminPassword").CreateSecret(this) },
{ $"UnicornDbConnectionStringBuilder__{dbConstructFactory.DBConnStrBuilderPasswordPropName}", dbPasswordSecret }
}
},
}
);
return(ecsService);
}
public ContainersStack(Construct parent, string id, IStackProps props) : base(parent, id, props)
{
var vpc = Vpc.FromLookup(this, id = "DefaultVpc", new VpcLookupOptions
{
IsDefault = true
});
if (vpc == null)
{
throw new System.NullReferenceException($"Unable to determine default VPC in region {this.Region}");
}
var cluster = new Cluster(this, "Cluster", new ClusterProps
{
Vpc = vpc
});
var taskDef = new FargateTaskDefinition(this, "FargateTaskDefinition");
var currentDir = Directory.GetCurrentDirectory();
var path = Path.GetFullPath(Path.Combine(currentDir, @"dotnetapp/"));
var containerOptions = new ContainerDefinitionOptions
{
Image = ContainerImage.FromAsset("dotnetapp")
};
var portMapping = new PortMapping()
{
ContainerPort = 80,
HostPort = 80
};
taskDef.AddContainer("Container", containerOptions).AddPortMappings(portMapping);
var serviceProps = new ApplicationLoadBalancedFargateServiceProps()
{
MemoryLimitMiB = 512,
Cpu = 256,
TaskDefinition = taskDef
};
ApplicationLoadBalancedFargateService service
= new ApplicationLoadBalancedFargateService(this, "DotnetFargateApp", serviceProps);
}
public ContainersStack(Construct parent, string id, IStackProps props) : base(parent, id, props)
{
// The code that defines your stack goes here
var vpc = new Vpc(this, "VPC");
var cluster = new Cluster(this, "Cluster", new ClusterProps
{
Vpc = vpc
});
var taskDef = new FargateTaskDefinition(this, "FargateTaskDefinition");
var rootDirectory = Directory.GetCurrentDirectory();
var path = Path.GetFullPath(Path.Combine(rootDirectory, @"dotnetapp/"));
var containerOptions = new ContainerDefinitionOptions
{
Image = ContainerImage.FromAsset("dotnetapp")
};
var portMapping = new PortMapping()
{
ContainerPort = 80,
HostPort = 80
};
taskDef.AddContainer("Container", containerOptions).AddPortMappings(portMapping);
var serviceProps = new ApplicationLoadBalancedFargateServiceProps()
{
MemoryLimitMiB = 512,
Cpu = 256,
TaskDefinition = taskDef
};
ApplicationLoadBalancedFargateService service = new ApplicationLoadBalancedFargateService(this, "DotnetFargateApp", serviceProps);
}
internal Example3Stack(Construct scope, string id, IStackProps props = null) : base(scope, id, props)
{
var vpcStack = new VpcStack(this, "someTestVpc");
var cluster = new Cluster(this, "WhatDayOfWeekCluster", new ClusterProps
{
Vpc = vpcStack.Vpc
});
var taskDef = new FargateTaskDefinition(this, "WhatDayOfWeekTaskDefinition");
var rootDirectory = Directory.GetCurrentDirectory();
var path = Path.GetFullPath(Path.Combine(rootDirectory, @"App/WhatDayOfWeek"));
var containerOptions = new ContainerDefinitionOptions
{
Image = ContainerImage.FromAsset("App/WhatDayOfWeek")
};
var portMapping = new PortMapping()
{
ContainerPort = 80,
HostPort = 80
};
taskDef.AddContainer("WhatDayOfWeekContainer", containerOptions).AddPortMappings(portMapping);
var serviceProps = new ApplicationLoadBalancedFargateServiceProps()
{
MemoryLimitMiB = 512,
Cpu = 256,
TaskDefinition = taskDef
};
ApplicationLoadBalancedFargateService service = new ApplicationLoadBalancedFargateService(this, "WhatDayOfWeekApp", serviceProps);
}
public ApiStack(Construct scope, string id, ApiProps props = null) : base(scope, id, props)
{
var hostedZone = HostedZone.FromHostedZoneAttributes(this, "HostedZone", new HostedZoneAttributes
{
ZoneName = props.HostedZoneName,
HostedZoneId = props.HostedZoneId
});
FargateService = new ApplicationLoadBalancedFargateService(this, $"{props.ServiceName}-fargate-service", new ApplicationLoadBalancedFargateServiceProps
{
ServiceName = props.ServiceName,
Cluster = props.EcsCluster,
TaskImageOptions = new ApplicationLoadBalancedTaskImageOptions
{
ContainerName = props.ServiceName,
Image = ContainerImage.FromEcrRepository(props.EcrRepository),
Environment = props.ContainerEnvVars,
Secrets = props.ContainerSecrets,
EnableLogging = true
},
Certificate = props.Certificate,
DomainName = $"{props.SubDomain}.{props.HostedZoneName}",
DomainZone = hostedZone,
//this has an internet-facing ALB open to the world - could enhance security by hiding behind an API gateway
});
FargateService.TargetGroup.ConfigureHealthCheck(new HealthCheck
{
Path = "/health"
});
ApiUrl = $"https://{props.SubDomain}.{props.HostedZoneName}";
//seems handy https://github.com/aws/aws-cdk/issues/8352
//also handy https://chekkan.com/iam-policy-perm-for-public-load-balanced-ecs-fargate-on-cdk/
}
public ApiStack(Construct parent, string id, IApiStackProps props) : base(parent, id, props)
{
var cluster = new Cluster(
this,
"Example",
new ClusterProps
{
Vpc = props.Vpc,
});
var logging = new AwsLogDriver(new AwsLogDriverProps
{
StreamPrefix = "Example",
});
var taskDef = new FargateTaskDefinition(
this,
"Task",
new FargateTaskDefinitionProps
{
MemoryLimitMiB = 512,
Cpu = 256,
});
var repo = Repository.FromRepositoryName(
this,
"EcrRepository",
props.Repository.RepositoryName);
var imageTag = new CfnParameter(
this,
props.ApiImageTag,
new CfnParameterProps
{
Default = "latest",
});
var container = new ContainerDefinition(
this,
"ApiContainer",
new ContainerDefinitionProps
{
TaskDefinition = taskDef,
Image = ContainerImage.FromEcrRepository(repo, imageTag.ValueAsString),
Logging = logging,
});
container.AddPortMappings(new PortMapping
{
ContainerPort = 80,
HostPort = 80,
Protocol = Amazon.CDK.AWS.ECS.Protocol.TCP,
});
var loadBalancer = new ApplicationLoadBalancer(
this,
"LoadBalancer",
new ApplicationLoadBalancerProps
{
Vpc = props.Vpc,
Http2Enabled = false,
IdleTimeout = Duration.Seconds(5),
InternetFacing = true,
IpAddressType = IpAddressType.IPV4,
VpcSubnets = new SubnetSelection
{
Subnets = props.Vpc.PublicSubnets,
},
});
var ecsService = new ApplicationLoadBalancedFargateService(
this,
"Service",
new ApplicationLoadBalancedFargateServiceProps
{
Cluster = cluster,
TaskDefinition = taskDef,
AssignPublicIp = false,
PublicLoadBalancer = true,
LoadBalancer = loadBalancer,
});
PrintLoadBalancerDnsName(ecsService);
}