public MyStack() { var ubuntu = Output.Create(Aws.GetAmi.InvokeAsync(new Aws.GetAmiArgs { Filters = { new Aws.Inputs.GetAmiFilterArgs { Name = "name", Values = { "ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*", }, }, new Aws.Inputs.GetAmiFilterArgs { Name = "virtualization-type", Values = { "hvm", }, }, }, MostRecent = true, Owners = { "099720109477", }, })); var asConf = new Aws.Ec2.LaunchConfiguration("asConf", new Aws.Ec2.LaunchConfigurationArgs { ImageId = ubuntu.Apply(ubuntu => ubuntu.Id), InstanceType = "t2.micro", }); }
private static void ConfigureEcsCluster() { cluster = new Ecs.Cluster($"{baseName}-cluster", null, new CustomResourceOptions()); // Create a SecurityGroup that permits HTTP ingress and unrestricted egress. var webSg = new Ec2.SecurityGroup($"{baseName}-web-sg", new Ec2.SecurityGroupArgs { VpcId = vpcId, Egress = { new Ec2.Inputs.SecurityGroupEgressArgs { Protocol = "-1", FromPort = 0, ToPort = 0, CidrBlocks ={ "0.0.0.0/0" }, }, }, Ingress = { new Ec2.Inputs.SecurityGroupIngressArgs { Protocol = "tcp", FromPort = 80, ToPort = 80, CidrBlocks ={ "0.0.0.0/0" }, }, }, }); // Create an IAM role that can be used by our service's task. var taskExecRole = new Iam.Role($"{baseName}-task-exec-role", new Iam.RoleArgs { AssumeRolePolicy = File.ReadAllText("perm.json"), }); var taskExecAttach = new Iam.RolePolicyAttachment($"{baseName}-task-exec-policy", new Iam.RolePolicyAttachmentArgs { Role = taskExecRole.Name, PolicyArn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy", }); // Create a load balancer to listen for HTTP traffic on port 80. var webLb = new Elb.LoadBalancer($"{baseName}-web-lb", new Elb.LoadBalancerArgs { Subnets = new InputList <string>() { subnetId, subnetTwoId }, SecurityGroups = { webSg.Id }, }); var webTg = new Elb.TargetGroup($"{baseName}-web-tg", new Elb.TargetGroupArgs { Port = 80, Protocol = "HTTP", TargetType = "ip", VpcId = vpcId, }); var webListener = new Elb.Listener($"{baseName}-web-listener", new Elb.ListenerArgs { LoadBalancerArn = webLb.Arn, Port = 80, DefaultActions = { new Elb.Inputs.ListenerDefaultActionsArgs { Type = "forward", TargetGroupArn = webTg.Arn, }, }, }); var launchConfig = new Ec2.LaunchConfiguration($"{baseName}-launchconfig", new Ec2.LaunchConfigurationArgs() { ImageId = "ami-a1491ad2", InstanceType = "t2.nano", AssociatePublicIpAddress = true, SecurityGroups = webSg.Id, }); var scalingGroup = new Group($"{baseName}-autoscaling", new GroupArgs() { AvailabilityZones = new InputList <string>() { "eu-west-1a", "eu-west-1b" }, VpcZoneIdentifiers = new InputList <string>() { subnetId, subnetTwoId }, DesiredCapacity = 1, LaunchConfiguration = launchConfig.Id, MaxSize = 1, MinSize = 0, }); // Spin up a load balanced service running our container image. var appTask = new Ecs.TaskDefinition($"{baseName}-app-task", new Ecs.TaskDefinitionArgs { Family = "fargate-task-definition", Cpu = "256", Memory = "512", NetworkMode = "awsvpc", RequiresCompatibilities = { "FARGATE", "EC2" }, ExecutionRoleArn = taskExecRole.Arn, ContainerDefinitions = @"[{ ""name"": ""my-app"", ""image"": ""nginx"", ""portMappings"": [{ ""containerPort"": 80, ""hostPort"": 80, ""protocol"": ""tcp"" }] }]", }); var ec2Svc = new Ecs.Service($"{baseName}-ec2-svc", new Ecs.ServiceArgs() { Cluster = cluster.Arn, DesiredCount = 1, LaunchType = "EC2", TaskDefinition = appTask.Arn, NetworkConfiguration = new Ecs.Inputs.ServiceNetworkConfigurationArgs { Subnets = new InputList <string>() { subnetId, subnetTwoId }, SecurityGroups = { webSg.Id }, }, LoadBalancers = { new Ecs.Inputs.ServiceLoadBalancersArgs { TargetGroupArn = webTg.Arn, ContainerName = "my-app", ContainerPort = 80, }, }, }, new CustomResourceOptions { DependsOn = { webListener } }); }