public static FargateTaskDefinition CreateTaskDefinition1(Construct scope)
{
var repo = CreateDockerContainerImage(scope);
var taskDefinition = new FargateTaskDefinition(scope, "DownloadAccuzipFileTaskDefinition", new FargateTaskDefinitionProps()
{
MemoryLimitMiB = 2048,
});
taskDefinition.AddContainer(Config.ECR_REPO_NAME, new ContainerDefinitionProps()
{
MemoryLimitMiB = 2048,
Image = ContainerImage.FromEcrRepository(repo),
Logging = new AwsLogDriver(new AwsLogDriverProps()
{
StreamPrefix = "dmappresort"
})
});
var policyStatement = new Amazon.CDK.AWS.IAM.PolicyStatement();
policyStatement.AddAllResources();
policyStatement.AddActions(new string[] { "s3:*" });
taskDefinition.AddToTaskRolePolicy(policyStatement);
return(taskDefinition);
}
private void ConfigureTaskDefinition(IRecipeProps <Configuration> props)
{
var settings = props.Settings;
AppTaskDefinition = new FargateTaskDefinition(this, nameof(AppTaskDefinition), InvokeCustomizeCDKPropsEvent(nameof(AppTaskDefinition), this, new FargateTaskDefinitionProps
{
TaskRole = AppIAMTaskRole,
Cpu = settings.TaskCpu,
MemoryLimitMiB = settings.TaskMemory
}));
AppLogging = new AwsLogDriver(InvokeCustomizeCDKPropsEvent(nameof(AppLogging), this, new AwsLogDriverProps
{
StreamPrefix = props.StackName
}));
if (string.IsNullOrEmpty(props.ECRRepositoryName))
{
throw new InvalidOrMissingConfigurationException("The provided ECR Repository Name is null or empty.");
}
var ecrRepository = Repository.FromRepositoryName(this, "ECRRepository", props.ECRRepositoryName);
AppContainerDefinition = new ContainerDefinitionOptions
{
Image = ContainerImage.FromEcrRepository(ecrRepository, props.ECRImageTag),
Logging = AppLogging
};
AppTaskDefinition.AddContainer(nameof(AppContainerDefinition), InvokeCustomizeCDKPropsEvent(nameof(AppContainerDefinition), this, AppContainerDefinition));
}
public FargateStack(Construct scope, string id, FargateStackProps props = null) : base(scope, id, props)
{
var cluster = new Cluster(this, "WhatDayOfWeekCluster", new ClusterProps
{
Vpc = props.Vpc
});
var logging = new AwsLogDriver(new AwsLogDriverProps()
{
StreamPrefix = "WhatDayOfWeek",
LogRetention = Amazon.CDK.AWS.Logs.RetentionDays.ONE_DAY
});
//container
/*
* var repo = Repository.FromRepositoryName(this, "myrepo","MyRepositoryName");
*
* var containerOptions = new ContainerDefinitionOptions
* {
* Image = ContainerImage.FromEcrRepository(repo)
* };
*/
// to build the container image from the app in the local folder, replace lines 29-35 with
//var rootDirectory = Directory.GetCurrentDirectory();
//var path = Path.GetFullPath(Path.Combine(rootDirectory, @"App/WhatDayOfWeek"));
var containerOptions = new ContainerDefinitionOptions
{
Image = ContainerImage.FromAsset(@"App/WhatDayOfWeek"),
Logging = logging
};
var portMapping = new PortMapping()
{
ContainerPort = 80,
HostPort = 80
};
var taskDef = new FargateTaskDefinition(this, "WhatDayOfWeekTaskDefinition");
taskDef.AddContainer("WhatDayOfWeekContainer", containerOptions).AddPortMappings(portMapping);
var serviceProps = new ApplicationLoadBalancedFargateServiceProps()
{
ServiceName = "WhatDayOfWeekService",
MemoryLimitMiB = 512,
Cpu = 256,
TaskDefinition = taskDef,
Cluster = cluster
};
ApplicationLoadBalancedFargateService service = new ApplicationLoadBalancedFargateService(this, "WhatDayOfWeekService", serviceProps);
}
public ContainersStack(Construct parent, string id, IStackProps props) : base(parent, id, props)
{
var vpc = Vpc.FromLookup(this, id = "DefaultVpc", new VpcLookupOptions
{
IsDefault = true
});
if (vpc == null)
{
throw new System.NullReferenceException($"Unable to determine default VPC in region {this.Region}");
}
var cluster = new Cluster(this, "Cluster", new ClusterProps
{
Vpc = vpc
});
var taskDef = new FargateTaskDefinition(this, "FargateTaskDefinition");
var currentDir = Directory.GetCurrentDirectory();
var path = Path.GetFullPath(Path.Combine(currentDir, @"dotnetapp/"));
var containerOptions = new ContainerDefinitionOptions
{
Image = ContainerImage.FromAsset("dotnetapp")
};
var portMapping = new PortMapping()
{
ContainerPort = 80,
HostPort = 80
};
taskDef.AddContainer("Container", containerOptions).AddPortMappings(portMapping);
var serviceProps = new ApplicationLoadBalancedFargateServiceProps()
{
MemoryLimitMiB = 512,
Cpu = 256,
TaskDefinition = taskDef
};
ApplicationLoadBalancedFargateService service
= new ApplicationLoadBalancedFargateService(this, "DotnetFargateApp", serviceProps);
}
internal FargateStack(Construct scope, string id, IStackProps props = null) : base(scope, id, props)
{
// Create VPC
var vpc = new Vpc(this, "SampleVpc", new VpcProps
{
MaxAzs = 2
});
// Create ECS cluster
var cluster = new Cluster(this, "SampleCluster", new ClusterProps
{
Vpc = vpc
});
var taskDef = new FargateTaskDefinition(this, "FargateTaskDefinition");
// Build container image from local assets
var containerOptions = new ContainerDefinitionOptions
{
Image = ContainerImage.FromAsset("webapp")
};
var portMapping = new PortMapping()
{
ContainerPort = 80,
HostPort = 80
};
taskDef
.AddContainer("Container", containerOptions)
.AddPortMappings(portMapping);
// Create Fargate Service behind Application Load Balancer
new ApplicationLoadBalancedFargateService(this, "DotnetFargateSampleApp", new ApplicationLoadBalancedFargateServiceProps()
{
Cluster = cluster,
MemoryLimitMiB = 512,
Cpu = 256,
TaskDefinition = taskDef
});
}
public ContainersStack(Construct parent, string id, IStackProps props) : base(parent, id, props)
{
// The code that defines your stack goes here
var vpc = new Vpc(this, "VPC");
var cluster = new Cluster(this, "Cluster", new ClusterProps
{
Vpc = vpc
});
var taskDef = new FargateTaskDefinition(this, "FargateTaskDefinition");
var rootDirectory = Directory.GetCurrentDirectory();
var path = Path.GetFullPath(Path.Combine(rootDirectory, @"dotnetapp/"));
var containerOptions = new ContainerDefinitionOptions
{
Image = ContainerImage.FromAsset("dotnetapp")
};
var portMapping = new PortMapping()
{
ContainerPort = 80,
HostPort = 80
};
taskDef.AddContainer("Container", containerOptions).AddPortMappings(portMapping);
var serviceProps = new ApplicationLoadBalancedFargateServiceProps()
{
MemoryLimitMiB = 512,
Cpu = 256,
TaskDefinition = taskDef
};
ApplicationLoadBalancedFargateService service = new ApplicationLoadBalancedFargateService(this, "DotnetFargateApp", serviceProps);
}
internal Example3Stack(Construct scope, string id, IStackProps props = null) : base(scope, id, props)
{
var vpcStack = new VpcStack(this, "someTestVpc");
var cluster = new Cluster(this, "WhatDayOfWeekCluster", new ClusterProps
{
Vpc = vpcStack.Vpc
});
var taskDef = new FargateTaskDefinition(this, "WhatDayOfWeekTaskDefinition");
var rootDirectory = Directory.GetCurrentDirectory();
var path = Path.GetFullPath(Path.Combine(rootDirectory, @"App/WhatDayOfWeek"));
var containerOptions = new ContainerDefinitionOptions
{
Image = ContainerImage.FromAsset("App/WhatDayOfWeek")
};
var portMapping = new PortMapping()
{
ContainerPort = 80,
HostPort = 80
};
taskDef.AddContainer("WhatDayOfWeekContainer", containerOptions).AddPortMappings(portMapping);
var serviceProps = new ApplicationLoadBalancedFargateServiceProps()
{
MemoryLimitMiB = 512,
Cpu = 256,
TaskDefinition = taskDef
};
ApplicationLoadBalancedFargateService service = new ApplicationLoadBalancedFargateService(this, "WhatDayOfWeekApp", serviceProps);
}
private void ConfigureECSClusterAndService(IRecipeProps <Configuration> recipeConfiguration)
{
if (AppVpc == null)
{
throw new InvalidOperationException($"{nameof(AppVpc)} has not been set. The {nameof(ConfigureVpc)} method should be called before {nameof(ConfigureECSClusterAndService)}");
}
var settings = recipeConfiguration.Settings;
if (settings.ECSCluster.CreateNew)
{
EcsCluster = new Cluster(this, nameof(EcsCluster), InvokeCustomizeCDKPropsEvent(nameof(EcsCluster), this, new ClusterProps
{
Vpc = AppVpc,
ClusterName = settings.ECSCluster.NewClusterName
}));
}
else
{
EcsCluster = Cluster.FromClusterAttributes(this, nameof(EcsCluster), InvokeCustomizeCDKPropsEvent(nameof(EcsCluster), this, new ClusterAttributes
{
ClusterArn = settings.ECSCluster.ClusterArn,
ClusterName = ECSFargateUtilities.GetClusterNameFromArn(settings.ECSCluster.ClusterArn),
SecurityGroups = new ISecurityGroup[0],
Vpc = AppVpc
}));
}
AppTaskDefinition = new FargateTaskDefinition(this, nameof(AppTaskDefinition), InvokeCustomizeCDKPropsEvent(nameof(AppTaskDefinition), this, new FargateTaskDefinitionProps
{
TaskRole = AppIAMTaskRole,
Cpu = settings.TaskCpu,
MemoryLimitMiB = settings.TaskMemory
}));
AppLogging = new AwsLogDriver(InvokeCustomizeCDKPropsEvent(nameof(AppLogging), this, new AwsLogDriverProps
{
StreamPrefix = recipeConfiguration.StackName
}));
if (string.IsNullOrEmpty(recipeConfiguration.ECRRepositoryName))
{
throw new InvalidOrMissingConfigurationException("The provided ECR Repository Name is null or empty.");
}
EcrRepository = Repository.FromRepositoryName(this, nameof(EcrRepository), recipeConfiguration.ECRRepositoryName);
AppContainerDefinition = AppTaskDefinition.AddContainer(nameof(AppContainerDefinition), InvokeCustomizeCDKPropsEvent(nameof(AppContainerDefinition), this, new ContainerDefinitionOptions
{
Image = ContainerImage.FromEcrRepository(EcrRepository, recipeConfiguration.ECRImageTag),
Logging = AppLogging
}));
AppContainerDefinition.AddPortMappings(new PortMapping
{
ContainerPort = 80,
Protocol = Amazon.CDK.AWS.ECS.Protocol.TCP
});
WebAccessSecurityGroup = new SecurityGroup(this, nameof(WebAccessSecurityGroup), InvokeCustomizeCDKPropsEvent(nameof(WebAccessSecurityGroup), this, new SecurityGroupProps
{
Vpc = AppVpc,
SecurityGroupName = $"{recipeConfiguration.StackName}-ECSService"
}));
EcsServiceSecurityGroups = new List <ISecurityGroup>();
EcsServiceSecurityGroups.Add(WebAccessSecurityGroup);
if (!string.IsNullOrEmpty(settings.AdditionalECSServiceSecurityGroups))
{
var count = 1;
foreach (var securityGroupId in settings.AdditionalECSServiceSecurityGroups.Split(','))
{
EcsServiceSecurityGroups.Add(SecurityGroup.FromSecurityGroupId(this, $"AdditionalGroup-{count++}", securityGroupId.Trim(), new SecurityGroupImportOptions
{
Mutable = false
}));
}
}
AppFargateService = new FargateService(this, nameof(AppFargateService), InvokeCustomizeCDKPropsEvent(nameof(AppFargateService), this, new FargateServiceProps
{
Cluster = EcsCluster,
TaskDefinition = AppTaskDefinition,
DesiredCount = settings.DesiredCount,
ServiceName = settings.ECSServiceName,
AssignPublicIp = settings.Vpc.IsDefault,
SecurityGroups = EcsServiceSecurityGroups.ToArray()
}));
}
internal StepFunctionDemoStack(Construct scope, string id, IStackProps props = null) : base(scope, id, props)
{
Bucket stepFunctionDemoBucket = new Bucket(this, "StepFunctionDemoBucket", new BucketProps
{
Encryption = BucketEncryption.S3_MANAGED,
RemovalPolicy = RemovalPolicy.RETAIN
});
Table stepFunctionDemoTable = new Table(this, "StepFunctionDemoTable", new TableProps {
BillingMode = BillingMode.PROVISIONED,
PartitionKey = new Amazon.CDK.AWS.DynamoDB.Attribute
{
Name = "Id",
Type = AttributeType.STRING
},
RemovalPolicy = RemovalPolicy.DESTROY
});
//Step Function invoking Lambda function
Function invokeOddEvenStepFunction = new Function(this, "InvokeOddEvenStepFunction", new FunctionProps
{
Runtime = Runtime.DOTNET_CORE_3_1,
Code = Code.FromAsset("src/Demo.Services.Lambda/bin/Release/netcoreapp3.1/Demo.Services.Lambda.zip"),
Handler = "Demo.Services.Lambda::Demo.Services.Lambda.Functions::InvokeOddEvenStepFunction",
Timeout = Duration.Minutes(5),
MemorySize = 512,
Description = "Lambda Function that invokes the Demo Step Function",
});
//Function to calculate Odd or Even
Function oddOrEvenFunction = new Function(this, "OddOrEvenFunction", new FunctionProps
{
Runtime = Runtime.DOTNET_CORE_3_1,
Code = Code.FromAsset("src/Demo.Services.Lambda/bin/Release/netcoreapp3.1/Demo.Services.Lambda.zip"),
Handler = "Demo.Services.Lambda::Demo.Services.Lambda.Functions::OddOrEvenFunction",
Timeout = Duration.Minutes(5),
MemorySize = 512,
Description = "Lambda Function that calculates odd or even",
});
//Demo Lambda to perform Process 1
Function process1Function = new Function(this, "Process1Function", new FunctionProps
{
Runtime = Runtime.DOTNET_CORE_3_1,
Code = Code.FromAsset("src/Demo.Services.Lambda/bin/Release/netcoreapp3.1/Demo.Services.Lambda.zip"),
Handler = "Demo.Services.Lambda::Demo.Services.Lambda.Functions::Process1Function",
Timeout = Duration.Minutes(5),
MemorySize = 512,
Description = "Demo Lambda Function that runs process1",
});
Function processAFunction = new Function(this, "ProcessAFunction", new FunctionProps
{
Runtime = Runtime.DOTNET_CORE_3_1,
Code = Code.FromAsset("src/Demo.Services.Lambda/bin/Release/netcoreapp3.1/Demo.Services.Lambda.zip"),
Handler = "Demo.Services.Lambda::Demo.Services.Lambda.Functions::Process1Function",
Timeout = Duration.Minutes(5),
MemorySize = 512,
Description = "Demo Lambda Function that runs process1",
});
//Demo Lambda to perform Process 2
Function process2Function = new Function(this, "Process2Function", new FunctionProps
{
Runtime = Runtime.DOTNET_CORE_3_1,
Code = Code.FromAsset("src/Demo.Services.Lambda/bin/Release/netcoreapp3.1/Demo.Services.Lambda.zip"),
Handler = "Demo.Services.Lambda::Demo.Services.Lambda.Functions::Process2Function",
Timeout = Duration.Minutes(5),
MemorySize = 512,
Description = "Demo Lambda Function that runs process2",
});
//Demo Lambda to perform Process 1
Function process11Function = new Function(this, "Process11Function", new FunctionProps
{
Runtime = Runtime.DOTNET_CORE_3_1,
Code = Code.FromAsset("src/Demo.Services.Lambda/bin/Release/netcoreapp3.1/Demo.Services.Lambda.zip"),
Handler = "Demo.Services.Lambda::Demo.Services.Lambda.Functions::Process11Function",
Timeout = Duration.Minutes(5),
MemorySize = 512,
Description = "Demo Lambda Function that runs job process1",
});
//Demo Lambda to perform Process 2
Function process12Function = new Function(this, "Process12Function", new FunctionProps
{
Runtime = Runtime.DOTNET_CORE_3_1,
Code = Code.FromAsset("src/Demo.Services.Lambda/bin/Release/netcoreapp3.1/Demo.Services.Lambda.zip"),
Handler = "Demo.Services.Lambda::Demo.Services.Lambda.Functions::Process12Function",
Timeout = Duration.Minutes(5),
MemorySize = 512,
Description = "Demo Lambda Function that runs job process2",
});
Function taskTokenExecutorFunction = new Function(this, "TaskTokenExecutorFunction", new FunctionProps
{
Runtime = Runtime.DOTNET_CORE_3_1,
Code = Code.FromAsset("src/Demo.Services.Lambda/bin/Release/netcoreapp3.1/Demo.Services.Lambda.zip"),
Handler = "Demo.Services.Lambda::Demo.Services.Lambda.Functions::TaskTokenExecutor",
Timeout = Duration.Minutes(5),
MemorySize = 512,
Description = "Demo Lambda Function that executes Task Token Step",
Environment = new Dictionary <string, string>()
{
["STEP_FUNCTION_DEMO_BUCKET"] = stepFunctionDemoBucket.BucketName
}
});
stepFunctionDemoBucket.GrantReadWrite(taskTokenExecutorFunction);
var oddEvenFunction = new Task(this, "OddEvenFunction", new TaskProps
{
Task = new InvokeFunction(oddOrEvenFunction.LatestVersion)
});
var process1 = new Task(this, "Process1", new TaskProps
{
Task = new InvokeFunction(process1Function.LatestVersion)
});
var processA = new Task(this, "ProcessA", new TaskProps
{
Task = new InvokeFunction(processAFunction.LatestVersion)
});
var process2 = new Task(this, "Process2", new TaskProps
{
Task = new InvokeFunction(process2Function.LatestVersion)
});
var process11 = new Task(this, "Process11", new TaskProps
{
Task = new InvokeFunction(process11Function.LatestVersion),
ResultPath = "$.Resolved"
});
var process12 = new Task(this, "Process12", new TaskProps
{
Task = new InvokeFunction(process12Function.LatestVersion)
});
var taskTokenExecutor = new Task(this, "TaskTokenExecutor", new TaskProps
{
Task = new RunLambdaTask(taskTokenExecutorFunction.LatestVersion, new RunLambdaTaskProps()
{
IntegrationPattern = ServiceIntegrationPattern.WAIT_FOR_TASK_TOKEN,
Payload = TaskInput.FromContextAt("$$.Task.Token")
}),
Parameters = new Dictionary <string, object>
{
["Payload"] = new Dictionary <string, object>
{
["TaskToken.$"] = "$$.Task.Token",
["State.$"] = "$"
}
}
});
//Choice to go to Process 1 or Process 2 based on input number is odd or even.
var isEven = new Choice(this, "Is the number Even?");
var isResolvedOrOverriden = new Choice(this, "Is Resolved Or Overriden?");
//var chain1 = Chain.Start(oddEvenFunction)
// .Next(isEven
// .When(
// Condition.StringEquals("$.Result", "Even"),
// Chain.Start(process1)
// .Next(process11)
// .Next(isResolvedOrOverriden
// .When(
// Condition.Or(
// new[]
// {
// Condition.BooleanEquals("$.Resolved", true),
// Condition.BooleanEquals("$.Override", true)
// }), process12)
// .Otherwise(process2)))
// .When(Condition.StringEquals("$.Result", "Odd"), process2));
var chain1 = Chain.Start(oddEvenFunction)
.Next(isEven
.When(
Condition.StringEquals("$.Result", "Even"),
Chain.Start(process1)
.Next(taskTokenExecutor)
.Next(isResolvedOrOverriden
.When(
Condition.Or(
new[]
{
Condition.BooleanEquals("$.Resolved", true),
Condition.BooleanEquals("$.Override", true)
}), process12)
.Otherwise(process2)))
.When(Condition.StringEquals("$.Result", "Odd"), process2));
//State Machine
var stateMachine = new StateMachine(this, "JobDemoStateMachine", new StateMachineProps
{
StateMachineName = "JobDemoStateMachine",
Timeout = Duration.Minutes(5),
Definition = chain1
});
stateMachine.Role?.AddManagedPolicy(ManagedPolicy.FromManagedPolicyArn(this, "DynamoDBFullAccessForStepFunction", "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess"));
stateMachine.Role?.AddManagedPolicy(ManagedPolicy.FromManagedPolicyArn(this, "LambdaFullAccessForStepFunction", "arn:aws:iam::aws:policy/AWSLambdaFullAccess"));
var demofargateTask1 = new FargateTaskDefinition(this,
"demoECSTask1Definition", new FargateTaskDefinitionProps
{
MemoryLimitMiB = 4096,
Cpu = 2048
});
var demofargateTask2 = new FargateTaskDefinition(this,
"demoECSTask2Definition", new FargateTaskDefinitionProps
{
MemoryLimitMiB = 4096,
Cpu = 2048
});
stepFunctionDemoBucket.GrantReadWrite(demofargateTask2.TaskRole);
IVpc publicVpc = Vpc.FromLookup(this, "PublicVPC", new VpcLookupOptions
{
Tags = new Dictionary <string, string>
{
["Paces:VpcType"] = "Public"
}
});
var cluster = Cluster.FromClusterAttributes(this, "PublicCluster", new ClusterAttributes
{
ClusterName = "OHC-PACES",
Vpc = publicVpc,
SecurityGroups = new[]
{ SecurityGroup.FromSecurityGroupId(this, "SecurityGroup", "sg-0a1bab8166d8fb715") }
});
var container1 = demofargateTask1.AddContainer("app", new ContainerDefinitionOptions
{
Image = ContainerImage.FromAsset(".", new AssetImageProps
{
File = "Dockerfile"
}),
Logging = LogDriver.AwsLogs(new AwsLogDriverProps
{
LogGroup = new LogGroup(this, "demoECSTask1LogGroup", new LogGroupProps
{
LogGroupName = "/ecs/demoECSTask1-" + RandomString.Generate(10, StackId),
}),
StreamPrefix = "logs"
}),
});
var container2 = demofargateTask2.AddContainer("app", new ContainerDefinitionOptions
{
Image = ContainerImage.FromAsset(".", new AssetImageProps
{
File = "Dockerfile.1"
}),
Environment = new Dictionary <string, string>
{
["STEP_FUNCTION_DEMO_BUCKET"] = stepFunctionDemoBucket.BucketName
},
Logging = LogDriver.AwsLogs(new AwsLogDriverProps
{
LogGroup = new LogGroup(this, "demoECSTask2LogGroup", new LogGroupProps
{
LogGroupName = $"/ecs/demoECSTask2-{RandomString.Generate(10, StackId)}",
}),
StreamPrefix = "logs"
})
});
Rule rule = new Rule(this, "DemoJobRule", new RuleProps
{
Schedule = Schedule.Cron(new CronOptions
{
Day = "*",
Hour = "*",
Minute = "1",
Month = "*",
Year = "*"
}),
Description = "Runs demo job fargate task",
Targets = new IRuleTarget[]
{
new EcsTask(
new EcsTaskProps
{
Cluster = cluster,
TaskDefinition = demofargateTask2,
SubnetSelection = new SubnetSelection
{
OnePerAz = true
}
})
}
});
//var ecsTask1 = new Task(this, "ecsTask1", new TaskProps
//{
// InputPath = "$",
// Task = new CustomTask(new RunEcsFargateTaskProps
// {
// Cluster = Cluster.FromClusterAttributes(this, "PublicCluster", new ClusterAttributes
// {
// ClusterName = "OHC-PACES",
// Vpc = publicVpc,
// SecurityGroups = new[] { SecurityGroup.FromSecurityGroupId(this, "SecurityGroup", "sg-0a1bab8166d8fb715") }
// }),
// TaskDefinition = fargateTask1,
// ContainerOverrides = new[]
// {
// new ContainerOverride
// {
// ContainerDefinition = container,
// Command = new []{"$.Data"}
// },
// }
// })
//});
var ecsTask1 = new Task(this, "EcsTask1", new TaskProps
{
InputPath = "$",
Task = new RunEcsFargateTask(new RunEcsFargateTaskProps
{
Cluster = cluster,
TaskDefinition = demofargateTask1,
//ContainerOverrides = new[]
//{
// new ContainerOverride
// {
// ContainerDefinition = container,
//
// },
//}
}),
Parameters = new Dictionary <string, object>
{
["Overrides"] = new Dictionary <string, object>
{
["ContainerOverrides"] = new Dictionary <string, string>[]
{
new Dictionary <string, string> {
["Name"] = "app",
["Command.$"] = "$.ECSPayload"
}
}
}
}
});
var chain2 = Chain.Start(processA).Next(ecsTask1);
var stateMachineWithTask = new StateMachine(this, "JobDemoStateMachine-1", new StateMachineProps
{
StateMachineName = "JobDemoStateMachine-1",
Timeout = Duration.Minutes(15),
Definition = chain2,
Role = Role.FromRoleArn(this, "StateMachineWithTaskRole",
"arn:aws:iam::342600918501:role/service-role/PacesEdi274DefaultStateMachineRole")
});
//All Policies
// 1. Invoke function policies
invokeOddEvenStepFunction.Role?.AddManagedPolicy(ManagedPolicy.FromManagedPolicyArn(this, "InvokeLambdaPolicy", "arn:aws:iam::aws:policy/AWSLambdaFullAccess"));
var policyStatement = new PolicyStatement
{
Sid = "CanInvokeStepFunctions",
Effect = Effect.ALLOW
};
policyStatement.AddActions(new[] { "states:StartExecution" });
invokeOddEvenStepFunction.AddToRolePolicy(policyStatement);
policyStatement.AddResources(stateMachine.StateMachineArn);
invokeOddEvenStepFunction.AddEnvironment(Functions.StateMachineArnKey, stateMachine.StateMachineArn);
process12Function.AddEnvironment(Functions.StepFunctionDemoBucketKey, stepFunctionDemoBucket.BucketName);
stepFunctionDemoBucket.GrantReadWrite(process12Function);
var policyStatementDemofargateTask2 = new PolicyStatement
{
Sid = "CanNotifyStepFunction",
Effect = Effect.ALLOW
};
policyStatementDemofargateTask2.AddActions(new[] { "states:SendTask*" });
demofargateTask2.AddToExecutionRolePolicy(policyStatementDemofargateTask2);
demofargateTask2.AddToTaskRolePolicy(policyStatementDemofargateTask2);
policyStatementDemofargateTask2.AddAllResources();
}
internal AppStack(Construct scope, RecipeConfiguration <Configuration> recipeConfiguration, IStackProps props = null)
: base(scope, recipeConfiguration.StackName, props)
{
var settings = recipeConfiguration.Settings;
IVpc vpc;
if (settings.Vpc.IsDefault)
{
vpc = Vpc.FromLookup(this, "Vpc", new VpcLookupOptions
{
IsDefault = true
});
}
else if (settings.Vpc.CreateNew)
{
vpc = new Vpc(this, "Vpc", new VpcProps
{
MaxAzs = 2
});
}
else
{
vpc = Vpc.FromLookup(this, "Vpc", new VpcLookupOptions
{
VpcId = settings.Vpc.VpcId
});
}
ICluster cluster;
if (settings.ECSCluster.CreateNew)
{
cluster = new Cluster(this, "Cluster", new ClusterProps
{
Vpc = vpc,
ClusterName = settings.ECSCluster.NewClusterName
});
}
else
{
cluster = Cluster.FromClusterAttributes(this, "Cluster", new ClusterAttributes
{
ClusterArn = settings.ECSCluster.ClusterArn,
ClusterName = ECSFargateUtilities.GetClusterNameFromArn(settings.ECSCluster.ClusterArn),
SecurityGroups = new ISecurityGroup[0],
Vpc = vpc
});
}
IRole taskRole;
if (settings.ApplicationIAMRole.CreateNew)
{
taskRole = new Role(this, "TaskRole", new RoleProps
{
AssumedBy = new ServicePrincipal("ecs-tasks.amazonaws.com")
});
}
else
{
taskRole = Role.FromRoleArn(this, "TaskRole", settings.ApplicationIAMRole.RoleArn, new FromRoleArnOptions {
Mutable = false
});
}
var taskDefinition = new FargateTaskDefinition(this, "TaskDefinition", new FargateTaskDefinitionProps
{
TaskRole = taskRole,
Cpu = settings.TaskCpu,
MemoryLimitMiB = settings.TaskMemory
});
var logging = new AwsLogDriver(new AwsLogDriverProps
{
StreamPrefix = recipeConfiguration.StackName
});
var ecrRepository = Repository.FromRepositoryName(this, "ECRRepository", recipeConfiguration.ECRRepositoryName);
taskDefinition.AddContainer("Container", new ContainerDefinitionOptions
{
Image = ContainerImage.FromEcrRepository(ecrRepository, recipeConfiguration.ECRImageTag),
Logging = logging
});
SubnetSelection subnetSelection = null;
if (settings.Vpc.IsDefault)
{
subnetSelection = new SubnetSelection
{
SubnetType = SubnetType.PUBLIC
};
}
new ScheduledFargateTask(this, "FargateService", new ScheduledFargateTaskProps
{
Cluster = cluster,
Schedule = Schedule.Expression(settings.Schedule),
Vpc = vpc,
ScheduledFargateTaskDefinitionOptions = new ScheduledFargateTaskDefinitionOptions
{
TaskDefinition = taskDefinition
},
SubnetSelection = subnetSelection
});
}
internal CdkStack(Construct scope, string id, IStackProps props = null) : base(scope, id, props)
{
// The code that defines your stack goes here
var vpc = new Vpc(this, "api-vpc", new VpcProps
{
MaxAzs = 3 // Default is all AZs in region
});
//https://garbe.io/blog/2019/09/20/hey-cdk-how-to-use-existing-resources/
// const vpc = Vpc.fromLookup(this, 'MyExistingVPC', { isDefault: true });
// new cdk.CfnOutput(this, "MyVpc", {value: vpc.vpcId });
var cluster = new Cluster(this, "api-ecs-cluster", new ClusterProps
{
Vpc = vpc
});
var task = new FargateTaskDefinition(this, "api-fargate-task", new FargateTaskDefinitionProps()
{
Cpu = 256,
MemoryLimitMiB = 512
});
var logGroup = new LogGroup(this, "loggroup-containers", new LogGroupProps()
{
Retention = RetentionDays.ONE_MONTH
});
var nginxContainer = new ContainerDefinition(this, "container-nginx", new ContainerDefinitionProps()
{
TaskDefinition = task,
Image = ContainerImage.FromAsset("../Api/Nginx", new AssetImageProps()
{
File = "Nginx.Dockerfile"
}),
PortMappings = new[]
{
new PortMapping()
{
HostPort = 80, ContainerPort = 80, Protocol = Protocol.TCP
}
},
Essential = true,
Environment = new Dictionary <string, string>()
{
{ "API_HOST", "127.0.0.1" }
},
Logging = new AwsLogDriver(new AwsLogDriverProps()
{
LogGroup = logGroup,
StreamPrefix = "nginx"
})
});
var apiContainer = new ContainerDefinition(this, "container-api", new ContainerDefinitionProps()
{
TaskDefinition = task,
Image = ContainerImage.FromAsset("../Api/Api", new AssetImageProps()
{
File = "Api.Dockerfile"
}),
PortMappings = new[]
{
new PortMapping()
{
HostPort = 5000, ContainerPort = 5000, Protocol = Protocol.TCP
}
},
Essential = true,
Logging = new AwsLogDriver(new AwsLogDriverProps()
{
LogGroup = logGroup,
StreamPrefix = "api"
})
});
// Create a load-balanced Fargate service and make it public
new ApplicationLoadBalancedFargateService(this, "api-fargate-loadbalancer",
new ApplicationLoadBalancedFargateServiceProps
{
Cluster = cluster, // Required
// DesiredCount = 6, // Default is 1
// TaskDefinition or TaskImageOptions must be specified, but not both.
TaskDefinition = task,
// MemoryLimitMiB = 2048, // Default is 256
PublicLoadBalancer = true // Default is false
}
);
}
internal AppStack(Construct scope, RecipeConfiguration <Configuration> recipeConfiguration, IStackProps props = null)
: base(scope, recipeConfiguration.StackName, props)
{
var settings = recipeConfiguration.Settings;
IVpc vpc;
if (settings.Vpc.IsDefault)
{
vpc = Vpc.FromLookup(this, "Vpc", new VpcLookupOptions
{
IsDefault = true
});
}
else if (settings.Vpc.CreateNew)
{
vpc = new Vpc(this, "Vpc", new VpcProps
{
MaxAzs = 2
});
}
else
{
vpc = Vpc.FromLookup(this, "Vpc", new VpcLookupOptions
{
VpcId = settings.Vpc.VpcId
});
}
ICluster cluster;
if (settings.ECSCluster.CreateNew)
{
cluster = new Cluster(this, "Cluster", new ClusterProps
{
Vpc = vpc,
ClusterName = settings.ECSCluster.NewClusterName
});
}
else
{
cluster = Cluster.FromClusterAttributes(this, "Cluster", new ClusterAttributes
{
ClusterArn = settings.ECSCluster.ClusterArn,
ClusterName = ECSFargateUtilities.GetClusterNameFromArn(settings.ECSCluster.ClusterArn),
SecurityGroups = new ISecurityGroup[0],
Vpc = vpc
});
}
IRole taskRole;
if (settings.ApplicationIAMRole.CreateNew)
{
taskRole = new Role(this, "TaskRole", new RoleProps
{
AssumedBy = new ServicePrincipal("ecs-tasks.amazonaws.com")
});
}
else
{
taskRole = Role.FromRoleArn(this, "TaskRole", settings.ApplicationIAMRole.RoleArn, new FromRoleArnOptions {
Mutable = false
});
}
var taskDefinition = new FargateTaskDefinition(this, "TaskDefinition", new FargateTaskDefinitionProps
{
TaskRole = taskRole,
Cpu = settings.TaskCpu,
MemoryLimitMiB = settings.TaskMemory
});
var ecrRepository = Repository.FromRepositoryName(this, "ECRRepository", recipeConfiguration.ECRRepositoryName);
var container = taskDefinition.AddContainer("Container", new ContainerDefinitionOptions
{
Image = ContainerImage.FromEcrRepository(ecrRepository, recipeConfiguration.ECRImageTag)
});
container.AddPortMappings(new PortMapping
{
ContainerPort = 80,
Protocol = Protocol.TCP
});
var ecsLoadBalancerAccessSecurityGroup = new SecurityGroup(this, "WebAccessSecurityGroup", new SecurityGroupProps
{
Vpc = vpc,
SecurityGroupName = $"{recipeConfiguration.StackName}-ECSService"
});
var ecsServiceSecurityGroups = new List <ISecurityGroup>();
ecsServiceSecurityGroups.Add(ecsLoadBalancerAccessSecurityGroup);
if (!string.IsNullOrEmpty(settings.AdditionalECSServiceSecurityGroups))
{
var count = 1;
foreach (var securityGroupId in settings.AdditionalECSServiceSecurityGroups.Split(','))
{
ecsServiceSecurityGroups.Add(SecurityGroup.FromSecurityGroupId(this, $"AdditionalGroup-{count++}", securityGroupId.Trim(), new SecurityGroupImportOptions
{
Mutable = false
}));
}
}
new ApplicationLoadBalancedFargateService(this, "FargateService", new ApplicationLoadBalancedFargateServiceProps
{
Cluster = cluster,
TaskDefinition = taskDefinition,
DesiredCount = settings.DesiredCount,
ServiceName = settings.ECSServiceName,
AssignPublicIp = settings.Vpc.IsDefault,
SecurityGroups = ecsServiceSecurityGroups.ToArray()
});
}
public DevStack(Construct parent, string id, IStackProps props) : base(parent, id, props)
{
var cluster = new Cluster(this, "AppCluster", new ClusterProps
{
Vpc = Vpc.FromLookup(this, "DefaultVpc", new VpcLookupOptions()
{
IsDefault = true
}),
});
FargateTaskDefinition taskDef = new FargateTaskDefinition(this, "DevStackTaskDef", new FargateTaskDefinitionProps()
{
});
var mysqlContainer = taskDef.AddContainer("mysql", new ContainerDefinitionProps()
{
Image = ContainerImage.FromAsset(DockerFolderBuilder.GetBuildFolder(), new AssetImageProps()
{
File = Path.Combine("LocalStack", "Dockerfile.mysql")
})
});
mysqlContainer.AddPortMappings(new PortMapping()
{
HostPort = 3306,
ContainerPort = 3306,
Protocol = Amazon.CDK.AWS.ECS.Protocol.TCP
});
var mongoContainer = taskDef.AddContainer("mongodb", new ContainerDefinitionProps()
{
Image = ContainerImage.FromAsset(DockerFolderBuilder.GetBuildFolder(), new AssetImageProps()
{
File = Path.Combine("LocalStack", "Dockerfile.mongo")
})
});
mongoContainer.AddPortMappings(new PortMapping()
{
HostPort = 27017,
ContainerPort = 27017,
Protocol = Amazon.CDK.AWS.ECS.Protocol.TCP
});
var localStackContainer = taskDef.AddContainer("localstack", new ContainerDefinitionProps()
{
Image = ContainerImage.FromAsset(DockerFolderBuilder.GetBuildFolder(), new AssetImageProps()
{
File = Path.Combine("LocalStack", "Dockerfile.localstack")
})
});
localStackContainer.AddPortMappings(new PortMapping()
{
HostPort = 4572,
ContainerPort = 4572,
Protocol = Amazon.CDK.AWS.ECS.Protocol.TCP
});
localStackContainer.AddPortMappings(new PortMapping()
{
HostPort = 4576,
ContainerPort = 4576,
Protocol = Amazon.CDK.AWS.ECS.Protocol.TCP
});
localStackContainer.AddPortMappings(new PortMapping()
{
HostPort = 4584,
ContainerPort = 4584,
Protocol = Amazon.CDK.AWS.ECS.Protocol.TCP
});
var schemabuilder = taskDef.AddContainer("schemaBuilder", new ContainerDefinitionProps()
{
Image = ContainerImage.FromAsset(DockerFolderBuilder.GetBuildFolder(), new AssetImageProps()
{
File = Path.Combine("LocalStack", "Dockerfile")
})
});
schemabuilder.AddContainerDependencies(new ContainerDependency[] {
new ContainerDependency()
{
Container = mysqlContainer,
Condition = ContainerDependencyCondition.START
},
new ContainerDependency()
{
Container = mongoContainer,
Condition = ContainerDependencyCondition.START
},
new ContainerDependency()
{
Container = localStackContainer,
Condition = ContainerDependencyCondition.START
}
});
// Create a load-balanced Fargate service and make it public
new ApplicationLoadBalancedFargateService(this, "DevStackService",
new ApplicationLoadBalancedFargateServiceProps
{
Cluster = cluster, // Required
DesiredCount = 1,
TaskDefinition = taskDef,
MemoryLimitMiB = 2048, // Default is 256
PublicLoadBalancer = true, // Default is false
AssignPublicIp = true
}
);
}
public ApiStack(Construct parent, string id, IApiStackProps props) : base(parent, id, props)
{
var cluster = new Cluster(
this,
"Example",
new ClusterProps
{
Vpc = props.Vpc,
});
var logging = new AwsLogDriver(new AwsLogDriverProps
{
StreamPrefix = "Example",
});
var taskDef = new FargateTaskDefinition(
this,
"Task",
new FargateTaskDefinitionProps
{
MemoryLimitMiB = 512,
Cpu = 256,
});
var repo = Repository.FromRepositoryName(
this,
"EcrRepository",
props.Repository.RepositoryName);
var imageTag = new CfnParameter(
this,
props.ApiImageTag,
new CfnParameterProps
{
Default = "latest",
});
var container = new ContainerDefinition(
this,
"ApiContainer",
new ContainerDefinitionProps
{
TaskDefinition = taskDef,
Image = ContainerImage.FromEcrRepository(repo, imageTag.ValueAsString),
Logging = logging,
});
container.AddPortMappings(new PortMapping
{
ContainerPort = 80,
HostPort = 80,
Protocol = Amazon.CDK.AWS.ECS.Protocol.TCP,
});
var loadBalancer = new ApplicationLoadBalancer(
this,
"LoadBalancer",
new ApplicationLoadBalancerProps
{
Vpc = props.Vpc,
Http2Enabled = false,
IdleTimeout = Duration.Seconds(5),
InternetFacing = true,
IpAddressType = IpAddressType.IPV4,
VpcSubnets = new SubnetSelection
{
Subnets = props.Vpc.PublicSubnets,
},
});
var ecsService = new ApplicationLoadBalancedFargateService(
this,
"Service",
new ApplicationLoadBalancedFargateServiceProps
{
Cluster = cluster,
TaskDefinition = taskDef,
AssignPublicIp = false,
PublicLoadBalancer = true,
LoadBalancer = loadBalancer,
});
PrintLoadBalancerDnsName(ecsService);
}
internal CreditoWebApiStack(Construct scope, string id, CustomStackProps props = null)
: base(scope, id, props)
{
var vpc = props.Vpc;
var creditoWebApiTargetGroup = new ApplicationTargetGroup(this, "CreditoWebApiTargetGroup",
new ApplicationTargetGroupProps
{
Protocol = ApplicationProtocol.HTTP,
Port = 80,
Vpc = vpc,
TargetType = TargetType.IP,
DeregistrationDelay = Duration.Seconds(60),
HealthCheck =
new Amazon.CDK.AWS.ElasticLoadBalancingV2.HealthCheck
{
Enabled = true,
Path = "/api/credito/_monitor/shallow",
Protocol = Amazon.CDK.AWS.ElasticLoadBalancingV2.Protocol.HTTP,
Port = "traffic-port",
UnhealthyThresholdCount = 2,
Interval = Duration.Seconds(60),
HealthyThresholdCount = 5,
Timeout = Duration.Seconds(5),
HealthyHttpCodes = "200"
}
});
var webApiServiceSecurityGroup = SecurityGroup.FromSecurityGroupId(this,
"WebApiServiceSecurityGroup",
Fn.ImportValue(Globals.GetDeployEnvironment(this).PutEnvNamePrefixWithDash("WebApiServiceSecurityGroupId")));
var appListener = ApplicationListener.FromApplicationListenerAttributes(this, "AppListener",
new ApplicationListenerAttributes
{
ListenerArn = Fn.ImportValue(Globals.GetDeployEnvironment(this).PutEnvNamePrefixWithDash("AppListenerArn")),
SecurityGroup = webApiServiceSecurityGroup
});
appListener.AddTargetGroups("CreditoWebApiTargetGroup",
new AddApplicationTargetGroupsProps
{
Conditions =
new ListenerCondition[]
{
ListenerCondition.PathPatterns(new string[] { "/api/credito*" })
},
Priority = 100,
TargetGroups = new ApplicationTargetGroup[] { creditoWebApiTargetGroup }
});
var creditoWebApiLogGroup = new LogGroup(this, "CreditoWebApiContainerLogGroup",
new LogGroupProps
{
LogGroupName = $"/ecs/{Globals.GetDeployEnvironment(this).EnvName}/credito/web-api",
Retention = RetentionDays.FIVE_DAYS,
RemovalPolicy = RemovalPolicy.SNAPSHOT
});
var creditoWebApiTaskDefinition = new FargateTaskDefinition(this, "CreditoWebApiTaskDefinition",
new FargateTaskDefinitionProps
{
MemoryLimitMiB = 512,
Cpu = 256
});
var creditoWebApiLogging = new AwsLogDriver(
new AwsLogDriverProps
{
StreamPrefix = "ecs",
LogGroup = creditoWebApiLogGroup
});
var creditoWebApiContainer = creditoWebApiTaskDefinition.AddContainer("CreditoWebApiContainer",
new ContainerDefinitionOptions
{
Image = ContainerImage.FromAsset(
Directory.GetCurrentDirectory(),
new AssetImageProps
{
File = "src/Credito.WebApi/Dockerfile"
}),
Logging = creditoWebApiLogging,
Environment =
new Dictionary <string, string>()
{
["CreditoDatabase__ConnectionString"] =
StringParameter.ValueFromLookup(
this,
$"/{Globals.GetDeployEnvironment(this).EnvName}/credito/web-api/db/connection-string"),
["CreditoDatabase__DatabaseName"] =
StringParameter.ValueFromLookup(
this,
$"/{Globals.GetDeployEnvironment(this).EnvName}/credito/web-api/db/database-name")
}
});
creditoWebApiContainer.AddPortMappings(
new PortMapping
{
ContainerPort = 80,
HostPort = 80,
Protocol = Amazon.CDK.AWS.ECS.Protocol.TCP
});
var cluster = Cluster.FromClusterAttributes(this, "Cluster",
new ClusterAttributes
{
ClusterName = Fn.ImportValue(Globals.GetDeployEnvironment(this).PutEnvNamePrefixWithDash("ClusterName")),
Vpc = vpc,
SecurityGroups = new SecurityGroup[] { }
});
var creditoWebApiService = new FargateService(this, "CreditoWebApiService",
new FargateServiceProps
{
Cluster = cluster,
TaskDefinition = creditoWebApiTaskDefinition,
DesiredCount = 1,
CircuitBreaker = new DeploymentCircuitBreaker {
Rollback = true
},
AssignPublicIp = false,
HealthCheckGracePeriod = Duration.Seconds(60),
SecurityGroups = new ISecurityGroup[] { webApiServiceSecurityGroup },
VpcSubnets = new SubnetSelection {
SubnetType = SubnetType.PRIVATE
}
});
creditoWebApiService.AttachToApplicationTargetGroup(creditoWebApiTargetGroup);
}
internal CdkStack(Construct scope, string id, IStackProps props = null) : base(scope, id, props)
{
var stackProps = ReportStackProps.ParseOrDefault(props);
var dframeWorkerLogGroup = "MagicOnionBenchWorkerLogGroup";
var dframeMasterLogGroup = "MagicOnionBenchMasterLogGroup";
var benchNetwork = stackProps.GetBenchNetwork();
var recreateMagicOnionTrigger = stackProps.GetBenchmarkServerBinariesHash();
// s3
var s3 = new Bucket(this, "Bucket", new BucketProps
{
AutoDeleteObjects = true,
RemovalPolicy = RemovalPolicy.DESTROY,
AccessControl = BucketAccessControl.PRIVATE,
});
var lifecycleRule = new LifecycleRule
{
Enabled = true,
Prefix = "reports/",
Expiration = Duration.Days(stackProps.DaysKeepReports),
AbortIncompleteMultipartUploadAfter = Duration.Days(1),
};
s3.AddLifecycleRule(lifecycleRule);
s3.AddToResourcePolicy(new PolicyStatement(new PolicyStatementProps
{
Sid = "AllowPublicRead",
Effect = Effect.ALLOW,
Principals = new[] { new AnyPrincipal() },
Actions = new[] { "s3:GetObject*" },
Resources = new[] { $"{s3.BucketArn}/html/*" },
}));
s3.AddToResourcePolicy(new PolicyStatement(new PolicyStatementProps
{
Sid = "AllowAwsAccountAccess",
Effect = Effect.ALLOW,
Principals = new[] { new AccountRootPrincipal() },
Actions = new[] { "s3:*" },
Resources = new[] { $"{s3.BucketArn}/*" },
}));
// s3 deploy
var masterDllDeployment = new BucketDeployment(this, "DeployMasterDll", new BucketDeploymentProps
{
DestinationBucket = s3,
Sources = new[] { Source.Asset(Path.Combine(Directory.GetCurrentDirectory(), $"out/linux/server")) },
DestinationKeyPrefix = $"assembly/linux/server"
});
var userdataDeployment = new BucketDeployment(this, "UserData", new BucketDeploymentProps
{
DestinationBucket = s3,
Sources = new[] { Source.Asset(Path.Combine(Directory.GetCurrentDirectory(), "userdata/")) },
DestinationKeyPrefix = "userdata/"
});
// docker deploy
var dockerImage = new DockerImageAsset(this, "dframeWorkerImage", new DockerImageAssetProps
{
Directory = Path.Combine(Directory.GetCurrentDirectory(), "app"),
File = "ConsoleAppEcs/Dockerfile.Ecs",
});
var dframeImage = ContainerImage.FromDockerImageAsset(dockerImage);
// network
var vpc = new Vpc(this, "Vpc", new VpcProps
{
MaxAzs = 2,
NatGateways = 0,
SubnetConfiguration = new[] { new SubnetConfiguration {
Name = "public", SubnetType = SubnetType.PUBLIC
} },
});
var allsubnets = new SubnetSelection {
Subnets = vpc.PublicSubnets
};
var singleSubnets = new SubnetSelection {
Subnets = new[] { vpc.PublicSubnets.First() }
};
var sg = new SecurityGroup(this, "MasterSg", new SecurityGroupProps
{
AllowAllOutbound = true,
Vpc = vpc,
});
foreach (var subnet in vpc.PublicSubnets)
{
sg.AddIngressRule(Peer.Ipv4(vpc.VpcCidrBlock), Port.AllTcp(), "VPC", true);
}
// service discovery
var serviceDiscoveryDomain = "local";
var serverMapName = "server";
var dframeMapName = "dframe-master";
var ns = new PrivateDnsNamespace(this, "Namespace", new PrivateDnsNamespaceProps
{
Vpc = vpc,
Name = serviceDiscoveryDomain,
});
var serviceDiscoveryServer = ns.CreateService("server", new DnsServiceProps
{
Name = serverMapName,
DnsRecordType = DnsRecordType.A,
RoutingPolicy = RoutingPolicy.MULTIVALUE,
});
// alb
var albDnsName = "benchmark-alb";
var benchToMagicOnionDnsName = benchNetwork.RequireAlb
? $"{benchNetwork.EndpointScheme}://{albDnsName}.{stackProps.AlbDomain.domain}"
: $"{benchNetwork.EndpointScheme}://{serverMapName}.{serviceDiscoveryDomain}";
IApplicationTargetGroup grpcTargetGroup = null;
IApplicationTargetGroup httpsTargetGroup = null;
if (benchNetwork.RequireAlb)
{
// route53
var hostedZone = HostedZone.FromHostedZoneAttributes(this, "HostedZone", new HostedZoneAttributes
{
HostedZoneId = stackProps.AlbDomain.zoneId,
ZoneName = stackProps.AlbDomain.domain,
});
// acm
var certificate = new DnsValidatedCertificate(this, "certificate", new DnsValidatedCertificateProps
{
DomainName = $"{albDnsName}.{hostedZone.ZoneName}",
HostedZone = hostedZone,
});
// alb
var lb = new ApplicationLoadBalancer(this, "LB", new ApplicationLoadBalancerProps
{
Vpc = vpc,
VpcSubnets = allsubnets,
SecurityGroup = new SecurityGroup(this, "AlbSg", new SecurityGroupProps
{
AllowAllOutbound = true,
Vpc = vpc,
}),
InternetFacing = false,
Http2Enabled = true,
});
grpcTargetGroup = AddGrpcTargetGroup(benchNetwork, vpc, certificate, lb);
httpsTargetGroup = AddHttpsTargetGroup(benchNetwork, vpc, certificate, lb);
// Dns Record
_ = new CnameRecord(this, "alb-alias-record", new CnameRecordProps
{
RecordName = $"{albDnsName}.{stackProps.AlbDomain.domain}",
Ttl = Duration.Seconds(60),
Zone = hostedZone,
DomainName = lb.LoadBalancerDnsName,
});
}
// iam
var iamEc2MagicOnionRole = GetIamEc2MagicOnionRole(s3, serviceDiscoveryServer);
var iamEcsTaskExecuteRole = GetIamEcsTaskExecuteRole(new[] { dframeWorkerLogGroup, dframeMasterLogGroup });
var iamDFrameTaskDefRole = GetIamEcsDframeTaskDefRole(s3);
var iamWorkerTaskDefRole = GetIamEcsWorkerTaskDefRole(s3);
// secrets
var ddToken = stackProps.UseEc2DatadogAgentProfiler || stackProps.UseFargateDatadogAgentProfiler
? Amazon.CDK.AWS.SecretsManager.Secret.FromSecretNameV2(this, "dd-token", "magiconion-benchmark-datadog-token")
: null;
// MagicOnion
var asg = new AutoScalingGroup(this, "MagicOnionAsg", new AutoScalingGroupProps
{
// Monitoring is default DETAILED.
SpotPrice = "1.0", // 0.0096 for spot price average for m3.medium
Vpc = vpc,
SecurityGroup = sg,
VpcSubnets = singleSubnets,
InstanceType = stackProps.MagicOnionInstanceType,
DesiredCapacity = 1,
MaxCapacity = 1,
MinCapacity = 0,
AssociatePublicIpAddress = true,
MachineImage = new AmazonLinuxImage(new AmazonLinuxImageProps
{
CpuType = AmazonLinuxCpuType.X86_64,
Generation = AmazonLinuxGeneration.AMAZON_LINUX_2,
Storage = AmazonLinuxStorage.GENERAL_PURPOSE,
Virtualization = AmazonLinuxVirt.HVM,
}),
AllowAllOutbound = true,
GroupMetrics = new[] { GroupMetrics.All() },
Role = iamEc2MagicOnionRole,
UpdatePolicy = UpdatePolicy.ReplacingUpdate(),
Signals = Signals.WaitForCount(1, new SignalsOptions
{
Timeout = Duration.Minutes(10),
}),
});
asg.AddSecretsReadGrant(ddToken, () => stackProps.UseEc2DatadogAgentProfiler);
var userdata = GetUserData(recreateMagicOnionTrigger, s3.BucketName, stackProps.BenchmarkBinaryNames, serviceDiscoveryServer.ServiceId, stackProps.UseEc2CloudWatchAgentProfiler, stackProps.UseEc2DatadogAgentProfiler);
asg.AddUserData(userdata);
asg.UserData.AddSignalOnExitCommand(asg);
asg.Node.AddDependency(masterDllDeployment);
asg.Node.AddDependency(userdataDeployment);
if (stackProps.EnableMagicOnionScaleInCron)
{
asg.ScaleOnSchedule("ScheduleOut", new BasicScheduledActionProps
{
DesiredCapacity = 1,
MaxCapacity = 1,
// AM9:00 (JST+9) on Monday to Wednesday
Schedule = Schedule.Expression("0 0 * 1-3 *"),
});
asg.ScaleOnSchedule("ScheduleIn", new BasicScheduledActionProps
{
DesiredCapacity = 0,
MaxCapacity = 0,
// PM9:00 (JST+9) on Everyday
Schedule = Schedule.Expression("0 12 * 1-7 *"),
});
}
if (benchNetwork.RequireAlb)
{
asg.AttachToApplicationTargetGroup(grpcTargetGroup);
asg.AttachToApplicationTargetGroup(httpsTargetGroup);
}
// ECS
var cluster = new Cluster(this, "WorkerCluster", new ClusterProps
{
Vpc = vpc,
});
cluster.Node.AddDependency(asg); // wait until asg is up
// dframe-worker
var dframeWorkerContainerName = "worker";
var dframeWorkerTaskDef = new FargateTaskDefinition(this, "DFrameWorkerTaskDef", new FargateTaskDefinitionProps
{
ExecutionRole = iamEcsTaskExecuteRole,
TaskRole = iamWorkerTaskDefRole,
Cpu = stackProps.WorkerFargate.CpuSize,
MemoryLimitMiB = stackProps.WorkerFargate.MemorySize,
});
dframeWorkerTaskDef.AddContainer(dframeWorkerContainerName, new ContainerDefinitionOptions
{
Image = dframeImage,
Command = new[] { "--worker-flag" },
Environment = new Dictionary <string, string>
{
{ "DFRAME_MASTER_CONNECT_TO_HOST", $"{dframeMapName}.{serviceDiscoveryDomain}" },
{ "DFRAME_MASTER_CONNECT_TO_PORT", "12345" },
{ "BENCH_SERVER_HOST", benchToMagicOnionDnsName },
{ "BENCH_REPORTID", stackProps.ReportId },
{ "BENCH_S3BUCKET", s3.BucketName },
},
Logging = LogDriver.AwsLogs(new AwsLogDriverProps
{
LogGroup = new LogGroup(this, "WorkerLogGroup", new LogGroupProps
{
LogGroupName = dframeWorkerLogGroup,
RemovalPolicy = RemovalPolicy.DESTROY,
Retention = RetentionDays.TWO_WEEKS,
}),
StreamPrefix = dframeWorkerLogGroup,
}),
});
dframeWorkerTaskDef.AddDatadogContainer($"{dframeWorkerContainerName}-datadog", ddToken, () => stackProps.UseFargateDatadogAgentProfiler);
var dframeWorkerService = new FargateService(this, "DFrameWorkerService", new FargateServiceProps
{
ServiceName = "DFrameWorkerService",
DesiredCount = 0,
Cluster = cluster,
TaskDefinition = dframeWorkerTaskDef,
VpcSubnets = singleSubnets,
SecurityGroups = new[] { sg },
PlatformVersion = FargatePlatformVersion.VERSION1_4,
MinHealthyPercent = 0,
AssignPublicIp = true,
});
// dframe-master
var dframeMasterTaskDef = new FargateTaskDefinition(this, "DFrameMasterTaskDef", new FargateTaskDefinitionProps
{
ExecutionRole = iamEcsTaskExecuteRole,
TaskRole = iamDFrameTaskDefRole,
Cpu = stackProps.MasterFargate.CpuSize,
MemoryLimitMiB = stackProps.MasterFargate.MemorySize,
});
dframeMasterTaskDef.AddContainer("dframe", new ContainerDefinitionOptions
{
Image = dframeImage,
Environment = new Dictionary <string, string>
{
{ "DFRAME_CLUSTER_NAME", cluster.ClusterName },
{ "DFRAME_MASTER_SERVICE_NAME", "DFrameMasterService" },
{ "DFRAME_WORKER_CONTAINER_NAME", dframeWorkerContainerName },
{ "DFRAME_WORKER_SERVICE_NAME", dframeWorkerService.ServiceName },
{ "DFRAME_WORKER_TASK_NAME", Fn.Select(1, Fn.Split("/", dframeWorkerTaskDef.TaskDefinitionArn)) },
{ "DFRAME_WORKER_IMAGE", dockerImage.ImageUri },
{ "BENCH_REPORTID", stackProps.ReportId },
{ "BENCH_S3BUCKET", s3.BucketName },
},
Logging = LogDriver.AwsLogs(new AwsLogDriverProps
{
LogGroup = new LogGroup(this, "MasterLogGroup", new LogGroupProps
{
LogGroupName = dframeMasterLogGroup,
RemovalPolicy = RemovalPolicy.DESTROY,
Retention = RetentionDays.TWO_WEEKS,
}),
StreamPrefix = dframeMasterLogGroup,
}),
});
dframeMasterTaskDef.AddDatadogContainer($"dframe-datadog", ddToken, () => stackProps.UseFargateDatadogAgentProfiler);
var dframeMasterService = new FargateService(this, "DFrameMasterService", new FargateServiceProps
{
ServiceName = "DFrameMasterService",
DesiredCount = 1,
Cluster = cluster,
TaskDefinition = dframeMasterTaskDef,
VpcSubnets = singleSubnets,
SecurityGroups = new[] { sg },
PlatformVersion = FargatePlatformVersion.VERSION1_4,
MinHealthyPercent = 0,
AssignPublicIp = true,
});
dframeMasterService.EnableCloudMap(new CloudMapOptions
{
CloudMapNamespace = ns,
Name = dframeMapName,
DnsRecordType = DnsRecordType.A,
DnsTtl = Duration.Seconds(300),
});
// output
new CfnOutput(this, "ReportUrl", new CfnOutputProps {
Value = $"https://{s3.BucketRegionalDomainName}/html/{stackProps.ReportId}/index.html"
});
new CfnOutput(this, "EndPointStyle", new CfnOutputProps {
Value = stackProps.BenchmarkEndpoint.ToString()
});
new CfnOutput(this, "AsgName", new CfnOutputProps {
Value = asg.AutoScalingGroupName
});
new CfnOutput(this, "EcsClusterName", new CfnOutputProps {
Value = cluster.ClusterName
});
new CfnOutput(this, "DFrameWorkerEcsTaskdefImage", new CfnOutputProps {
Value = dockerImage.ImageUri
});
}
public static Amazon.CDK.AWS.StepFunctions.Tasks.EcsRunTask CreateTask(Construct scope, Table presortTable)
{
var environmentCID = Amazon.CDK.AWS.SSM.StringParameter.ValueFromLookup(scope, Config.PARAMETER_STORE_AWS_ACCOUNTID_CICD);
var repo = new Amazon.CDK.AWS.ECR.Repository(scope, "ECRRepo", new Amazon.CDK.AWS.ECR.RepositoryProps()
{
RemovalPolicy = RemovalPolicy.DESTROY,
RepositoryName = Config.ECR_REPO_NAME
});
repo.AddToResourcePolicy(new Amazon.CDK.AWS.IAM.PolicyStatement(new Amazon.CDK.AWS.IAM.PolicyStatementProps
{
Effect = Amazon.CDK.AWS.IAM.Effect.ALLOW,
Actions = new string[] { "ecr:*" },
Principals = new Amazon.CDK.AWS.IAM.IPrincipal[]
{
new Amazon.CDK.AWS.IAM.ArnPrincipal("arn:aws:iam::" + environmentCID + ":root")
}
}));
var taskDefinition = new FargateTaskDefinition(scope, "DownloadAccuzipFileTaskDefinition", new FargateTaskDefinitionProps()
{
Cpu = 4096,
MemoryLimitMiB = 8192,
});
var containerDefinition = taskDefinition.AddContainer(Config.ECR_REPO_NAME + "1", new ContainerDefinitionProps()
{
Cpu = 4096,
MemoryLimitMiB = 8192,
Image = ContainerImage.FromEcrRepository(repo),
Logging = new AwsLogDriver(new AwsLogDriverProps()
{
StreamPrefix = "dmappresort"
})
});
var policyStatement = new Amazon.CDK.AWS.IAM.PolicyStatement();
policyStatement.AddAllResources();
policyStatement.AddActions(new string[] { "dynamoDb:*", "ses:*", "s3:*" });
taskDefinition.AddToTaskRolePolicy(policyStatement);
var cluster = CreateCluster(scope);
var lstEnviron = new List <TaskEnvironmentVariable>();
//lstEnviron.Add(new TaskEnvironmentVariable
//{
// Name = "accuzipFileS3key",
// Value = JsonPath.StringAt("$.accuzipFileS3key")
//});
//lstEnviron.Add(new TaskEnvironmentVariable
//{
// Name = "beforeReduceFileS3Key",
// Value = JsonPath.StringAt("$.beforeReduceFileS3Key")
//});
//lstEnviron.Add(new TaskEnvironmentVariable
//{
// Name = "bucketName",
// Value = JsonPath.StringAt("$.bucketName")
//});
//lstEnviron.Add(new TaskEnvironmentVariable
//{
// Name = "apiKey",
// Value = JsonPath.StringAt("$.apiKey")
//});
lstEnviron.Add(new TaskEnvironmentVariable
{
Name = "REQUESTID",
Value = JsonPath.StringAt("$.requestId")
});
lstEnviron.Add(new TaskEnvironmentVariable
{
Name = "DYNAMO_TABLE",
Value = presortTable.TableName
});
return(new EcsRunTask(scope, "FileMergeFargate", new EcsRunTaskProps()
{
LaunchTarget = new EcsFargateLaunchTarget(),
AssignPublicIp = true,
IntegrationPattern = IntegrationPattern.RUN_JOB,
Cluster = cluster,
TaskDefinition = taskDefinition,
ContainerOverrides = (new List <ContainerOverride>
{
new ContainerOverride
{
ContainerDefinition = containerDefinition,
Environment = lstEnviron.ToArray()
}
}).ToArray()
}));
}
internal CdkStack(Construct scope, string id, IStackProps props = null)
: base(scope, id, props)
{
var vpc = new Vpc(this, "api-vpc", new VpcProps
{
MaxAzs = 3 // Default is all AZs in region
});
var cluster = new Cluster(this, "api-ecs-cluster", new ClusterProps
{
Vpc = vpc,
});
var task = new FargateTaskDefinition(this, "api-fargate-task", new FargateTaskDefinitionProps()
{
Cpu = 256,
MemoryLimitMiB = 512
});
var logGroup = new LogGroup(this, "loggroup-containers", new LogGroupProps()
{
Retention = RetentionDays.ONE_MONTH
});
var nginxContainer = new ContainerDefinition(this, "container-nginx", new ContainerDefinitionProps()
{
TaskDefinition = task,
Image = ContainerImage.FromAsset("../Web/Nginx", new AssetImageProps()
{
File = "Nginx.Dockerfile"
}),
PortMappings = new[]
{
new PortMapping() { HostPort = 80, ContainerPort = 80, Protocol = Protocol.TCP }
},
Essential = true,
Environment = new Dictionary<string, string>()
{
{ "WEB_HOST", "127.0.0.1" }
},
Logging = new AwsLogDriver(new AwsLogDriverProps()
{
LogGroup = logGroup,
StreamPrefix = "nginx"
})
});
var apiContainer = new ContainerDefinition(this, "container-api", new ContainerDefinitionProps()
{
TaskDefinition = task,
Image = ContainerImage.FromAsset("../Web/Mvc", new AssetImageProps()
{
File = "Mvc.Dockerfile"
}),
PortMappings = new[]
{
new PortMapping() { HostPort = 5000, ContainerPort = 5000, Protocol = Protocol.TCP }
},
Essential = true,
Logging = new AwsLogDriver(new AwsLogDriverProps()
{
LogGroup = logGroup,
StreamPrefix = "web"
})
});
// Create a load-balanced Fargate service and make it public
new ApplicationLoadBalancedFargateService(this, "api-fargate-loadbalancer",
new ApplicationLoadBalancedFargateServiceProps
{
Cluster = cluster, // Required
// DesiredCount = 6, // Default is 1
// TaskDefinition or TaskImageOptions must be specified, but not both.
TaskDefinition = task,
// MemoryLimitMiB = 2048, // Default is 256
PublicLoadBalancer = true // Default is false
}
);
}
internal UsersServiceFargateStack(Construct scope, string id, IUsersServiceFargateStackProps props) : base(scope, id, props)
{
var repository = Repository.FromRepositoryName(this, "UsersRepository", "users-service");
var taskDefinition = new FargateTaskDefinition(this, "UsersServiceTaskDef", new FargateTaskDefinitionProps
{
Cpu = 256,
MemoryLimitMiB = 512
});
var container = taskDefinition.AddContainer("WebApi", new ContainerDefinitionOptions
{
Image = ContainerImage.FromEcrRepository(repository),
Logging = new AwsLogDriver(new AwsLogDriverProps
{
LogRetention = Amazon.CDK.AWS.Logs.RetentionDays.TWO_WEEKS,
StreamPrefix = "UsersService-"
})
});
container.AddPortMappings(new PortMapping
{
ContainerPort = 80
});
var service = new FargateService(this, "UsersService", new FargateServiceProps
{
Cluster = props.Cluster,
TaskDefinition = taskDefinition,
DesiredCount = 2,
VpcSubnets = new SubnetSelection
{
SubnetType = SubnetType.PUBLIC
},
AssignPublicIp = true
});
service.AutoScaleTaskCount(new EnableScalingProps
{
MinCapacity = 2,
MaxCapacity = 4
}).ScaleOnCpuUtilization("CPU", new CpuUtilizationScalingProps
{
TargetUtilizationPercent = 70
});
props.Listener.AddTargets("UsersServiceTarget", new AddApplicationTargetsProps
{
HealthCheck = new HealthCheck
{
HealthyHttpCodes = "200-299",
Path = "/api/users/health",
Protocol = Amazon.CDK.AWS.ElasticLoadBalancingV2.Protocol.HTTP,
HealthyThresholdCount = 2,
UnhealthyThresholdCount = 5,
Timeout = Duration.Seconds(10),
Interval = Duration.Seconds(70),
Port = "80"
},
Protocol = ApplicationProtocol.HTTP,
Port = 80,
Targets = new IApplicationLoadBalancerTarget[] { service },
PathPattern = "/api/users*",
Priority = 2
});
}
