From 7f1e1a65f9b82c27b612b1d100242589ae87f00a Mon Sep 17 00:00:00 2001 
From: e0d <edward@indeterminate.org> Date: Mon, 29 Apr 2013 08:51:23 -0400 Subject: [PATCH] initial version of complete reference architecture template --- cloudformation_templates/edx-reference-architecture.json | 3184 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 3184 insertions(+) create mode 100644 cloudformation_templates/edx-reference-architecture.json diff --git a/cloudformation_templates/edx-reference-architecture.json b/cloudformation_templates/edx-reference-architecture.json new file mode 100644 index 0000000..fdbc287 --- /dev/null +++ b/cloudformation_templates/edx-reference-architecture.json 
@@ -0,0 +1,3184 @@
+{
+ "AWSTemplateFormatVersion":"2010-09-09",
+ "Description":"A sample template to bring up a minimal, but complete version of the edX stack. **WARNING** This template creates one or more Amazon EC2 instances. You will be billed for the AWS resources used if you create a stack from this template.",
+ "Parameters":{
+ "EnvironmentTag":{
+ "Type":"String",
+ "Description":"A tag value applied to the hosts in the VPC indicating which environment to use during the configuration phase, e.g., development, stage, production"
+ },
+ "KeyName":{
+ "Type":"String",
+ "Description":"Name of an existing EC2 KeyPair to enable SSH access to the web server"
+ },
+ "InstanceType":{
+ "Description":"WebServer EC2 instance type",
+ "Type":"String",
+ "Default":"m1.small",
+ "AllowedValues":[
+ "t1.micro",
+ "m1.small",
+ "m1.medium",
+ "m1.large",
+ "m1.xlarge",
+ "m2.xlarge",
+ "m2.2xlarge",
+ "m2.4xlarge",
+ "m3.xlarge",
+ "m3.2xlarge",
+ "c1.medium",
+ "c1.xlarge",
+ "cc1.4xlarge",
+ "cc2.8xlarge",
+ "cg1.4xlarge"
+ ],
+ "ConstraintDescription":"must be a valid EC2 instance type."
+ },
+ "SSHLocation":{
+ "Description":"The IP address range that can be used to SSH to the EC2 instances",
+ "Type":"String",
+ "MinLength":"9",
+ "MaxLength":"18",
+ "Default":"0.0.0.0/0",
+ "AllowedPattern":"(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
+ "ConstraintDescription":"must be a valid IP CIDR range of the form x.x.x.x/x."
+ },
+ "WebServerPort":{
+ "Description":"The TCP port for the Web Server",
+ "Type":"Number",
+ "Default":"8888"
+ },
+ "BastionInstanceType":{
+ "Description":"Bastion Host EC2 instance type",
+ "Type":"String",
+ "Default":"m1.small",
+ "AllowedValues":[
+ "t1.micro",
+ "m1.small",
+ "m1.medium",
+ "m1.large",
+ "m1.xlarge",
+ "m2.xlarge",
+ "m2.2xlarge",
+ "m2.4xlarge",
+ "m3.xlarge",
+ "m3.2xlarge",
+ "c1.medium",
+ "c1.xlarge",
+ "cc1.4xlarge",
+ "cc2.8xlarge",
+ "cg1.4xlarge"
+ ],
+ "ConstraintDescription":"must be a valid EC2 instance type."
+ },
+ "NATInstanceType":{
+ "Description":"NET Device EC2 instance type",
+ "Type":"String",
+ "Default":"m1.small",
+ "AllowedValues":[
+ "t1.micro",
+ "m1.small",
+ "m1.medium",
+ "m1.large",
+ "m1.xlarge",
+ "m2.xlarge",
+ "m2.2xlarge",
+ "m2.4xlarge",
+ "m3.xlarge",
+ "m3.2xlarge",
+ "c1.medium",
+ "c1.xlarge",
+ "cc1.4xlarge",
+ "cc2.8xlarge",
+ "cg1.4xlarge"
+ ],
+ "ConstraintDescription":"must be a valid EC2 instance type."
+ },
+ "EdxappDesiredCapacity":{
+ "Description":"The Auto-scaling group desired capacity for the edxapp hosts",
+ "Type":"Number",
+ "Default":"2"
+ },
+ "XqueueDesiredCapacity":{
+ "Description":"The Auto-scaling group desired capacity for the xqueue hosts",
+ "Type":"Number",
+ "Default":"2"
+ },
+ "XServerDesiredCapacity":{
+ "Description":"The Auto-scaling group desired capacity for the xserver hosts",
+ "Type":"Number",
+ "Default":"2"
+ },
+ "RabbitMQDesiredCapacity":{
+ "Description":"The Auto-scaling group desired capacity for the RabbitMQ hosts",
+ "Type":"Number",
+ "Default":"2"
+ },
+ "CacheNodeType":{
+ "Default":"cache.m1.small",
+ "Description":"The compute and memory capacity of the nodes in the Cache Cluster",
+ "Type":"String",
+ "AllowedValues":[
+ "cache.t1.micro",
+ "cache.m1.small",
+ "cache.m1.large",
+ "cache.m1.xlarge",
+ "cache.m2.xlarge",
+ "cache.m2.2xlarge",
+ "cache.m2.4xlarge",
+ "cache.c1.xlarge"
+ ],
+ "ConstraintDescription":"must select a valid Cache Node type."
+ },
+ "NumberOfCacheNodes":{
+ "Default":"2",
+ "Description":"The number of Cache Nodes the Cache Cluster should have",
+ "Type":"Number",
+ "MinValue":"2",
+ "MaxValue":"10",
+ "ConstraintDescription":"must be between 2 and 10."
+ },
+ "DBName":{
+ "Default":"wwc",
+ "Description":"The database name",
+ "Type":"String",
+ "MinLength":"1",
+ "MaxLength":"64",
+ "AllowedPattern":"[a-zA-Z][a-zA-Z0-9]*",
+ "ConstraintDescription":"must begin with a letter and contain only alphanumeric characters."
+ },
+ "DBUsername":{
+ "Default":"edxapp",
+ "NoEcho":"true",
+ "Description":"The database admin account username",
+ "Type":"String",
+ "MinLength":"1",
+ "MaxLength":"16",
+ "AllowedPattern":"[a-zA-Z][a-zA-Z0-9]*",
+ "ConstraintDescription":"must begin with a letter and contain only alphanumeric characters."
+ },
+ "DBPassword":{
+ "Default":"changeme",
+ "NoEcho":"true",
+ "Description":"The database admin account password",
+ "Type":"String",
+ "MinLength":"8",
+ "MaxLength":"41",
+ "ConstraintDescription":"must contain only alphanumeric characters."
+ },
+ "DBClass":{
+ "Default":"db.m1.small",
+ "Description":"Database instance class",
+ "Type":"String",
+ "AllowedValues":[
+ "db.m1.micro",
+ "db.m1.small",
+ "db.m1.large",
+ "db.m1.xlarge",
+ "db.m2.xlarge",
+ "db.m2.2xlarge",
+ "db.m2.4xlarge"
+ ],
+ "ConstraintDescription":"must select a valid database instance type."
+ },
+ "DBAllocatedStorage":{
+ "Default":"5",
+ "Description":"The size of the database (Gb)",
+ "Type":"Number",
+ "MinValue":"5",
+ "MaxValue":"3072",
+ "ConstraintDescription":"must be between 5 and 3072Gb."
+ }
+ },
+ "Mappings":{
+ "AWSInstanceType2Arch":{
+ "t1.micro":{
+ "Arch":"64"
+ },
+ "m1.small":{
+ "Arch":"64"
+ },
+ "m1.medium":{
+ "Arch":"64"
+ },
+ "m1.large":{
+ "Arch":"64"
+ },
+ "m1.xlarge":{
+ "Arch":"64"
+ },
+ "m2.xlarge":{
+ "Arch":"64"
+ },
+ "m2.2xlarge":{
+ "Arch":"64"
+ },
+ "m2.4xlarge":{
+ "Arch":"64"
+ },
+ "m3.xlarge":{
+ "Arch":"64"
+ },
+ "m3.2xlarge":{
+ "Arch":"64"
+ },
+ "c1.medium":{
+ "Arch":"64"
+ },
+ "c1.xlarge":{
+ "Arch":"64"
+ }
+ },
+ "AWSRegionArch2AMI":{
+ "us-east-1":{
+ "32":"ami-def89fb7",
+ "64":"ami-d0f89fb9"
+ },
+ "us-west-1":{
+ "32":"ami-fc002cb9",
+ "64":"ami-ce7b6fba"
+ },
+ "us-west-2":{
+ "32":"ami-0ef96e3e",
+ "64":"ami-70f96e40"
+ },
+ "eu-west-1":{
+ "32":"ami-c27b6fb6",
+ "64":"ami-ce7b6fba"
+ },
+ "sa-east-1":{
+ "32":"ami-a1da00bc",
+ "64":"ami-a3da00be"
+ },
+ "ap-southeast-1":{
+ "32":"ami-66084734",
+ "64":"ami-64084736"
+ },
+ "ap-southeast-2":{
+ "32":"ami-06ea7a3c",
+ "64":"ami-04ea7a3e"
+ },
+ "ap-northeast-1":{
+ "32":"ami-fc6ceefd",
+ "64":"ami-fe6ceeff"
+ }
+ },
+ "AWSNATAMI":{
+ "us-east-1":{
+ "AMI":"ami-c6699baf"
+ },
+ "us-west-2":{
+ "AMI":"ami-52ff7262"
+ },
+ "us-west-1":{
+ "AMI":"ami-3bcc9e7e"
+ },
+ "eu-west-1":{
+ "AMI":"ami-0b5b6c7f"
+ },
+ "ap-southeast-1":{
+ "AMI":"ami-02eb9350"
+ },
+ "ap-southeast-2":{
+ "AMI":"ami-ab990e91"
+ },
+ "ap-northeast-1":{
+ "AMI":"ami-14d86d15"
+ },
+ "sa-east-1":{
+ "AMI":"ami-0439e619"
+ }
+ },
+ "SubnetConfig":{
+ "VPC":{
+ "CIDR":"10.0.0.0/16"
+ },
+ "Public01":{
+ "CIDR":"10.0.0.0/24"
+ },
+ "Public02":{
+ "CIDR":"10.0.1.0/24"
+ },
+ "Edxapp01":{
+ "CIDR":"10.0.10.0/24"
+ },
+ "Edxapp02":{
+ "CIDR":"10.0.11.0/24"
+ },
+ "XServerJail01":{
+ "CIDR":"10.0.20.0/24"
+ },
+ "XServerJail02":{
+ "CIDR":"10.0.21.0/24"
+ },
+ "Xqueue01":{
+ "CIDR":"10.0.30.0/24"
+ },
+ "Xqueue02":{
+ "CIDR":"10.0.31.0/24"
+ },
+ "Rabbit01":{
+ "CIDR":"10.0.40.0/24"
+ },
+ "Rabbit02":{
+ "CIDR":"10.0.41.0/24"
+ },
+ "Data01":{
+ "CIDR":"10.0.50.0/24"
+ },
+ "Data02":{
+ "CIDR":"10.0.51.0/24"
+ },
+ "Cache01":{
+ "CIDR":"10.0.60.0/24"
+ },
+ "Cache02":{
+ "CIDR":"10.0.61.0/24"
+ }
+ }
+ },
+ "Resources":{
+ "EdxVPC":{
+ "Type":"AWS::EC2::VPC",
+ "Properties":{
+ "CidrBlock":"10.0.0.0/16",
+ "InstanceTenancy":"default"
+ }
+ },
+ "PublicSubnet01":{
+ "Type":"AWS::EC2::Subnet",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "CidrBlock":{
+ "Fn::FindInMap":[
+ "SubnetConfig",
+ "Public01",
+ "CIDR"
+ ]
+ },
+ "AvailabilityZone":"us-east-1b"
+ }
+ },
+ "PublicSubnet02":{
+ "Type":"AWS::EC2::Subnet",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "CidrBlock":{
+ "Fn::FindInMap":[
+ "SubnetConfig",
+ "Public02",
+ "CIDR"
+ ]
+ },
+ "AvailabilityZone":"us-east-1c"
+ }
+ },
+ "EdxappSubnet01":{
+ "Type":"AWS::EC2::Subnet",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "CidrBlock":{
+ "Fn::FindInMap":[
+ "SubnetConfig",
+ "Edxapp01",
+ "CIDR"
+ ]
+ },
+ "AvailabilityZone":"us-east-1b",
+ "Tags":[
+ {
+ "Key":"Application",
+ "Value":"edxapp"
+ },
+ {
+ "Key":"Network",
+ "Value":"Private"
+ }
+ ]
+ }
+ },
+ "EdxappSubnet02":{
+ "Type":"AWS::EC2::Subnet",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "CidrBlock":{
+ "Fn::FindInMap":[
+ "SubnetConfig",
+ "Edxapp02",
+ "CIDR"
+ ]
+ },
+ "AvailabilityZone":"us-east-1c",
+ "Tags":[
+ {
+ "Key":"Application",
+ "Value":"edxapp"
+ },
+ {
+ "Key":"Network",
+ "Value":"Private"
+ }
+ ]
+ }
+ },
+ "XqueueSubnet01":{
+ "Type":"AWS::EC2::Subnet",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "CidrBlock":{
+ "Fn::FindInMap":[
+ "SubnetConfig",
+ "Xqueue01",
+ "CIDR"
+ ]
+ },
+ "AvailabilityZone":"us-east-1b",
+ "Tags":[
+ {
+ "Key":"Application",
+ "Value":"xqueue"
+ },
+ {
+ "Key":"Network",
+ "Value":"Private"
+ }
+ ]
+ }
+ },
+ "XqueueSubnet02":{
+ "Type":"AWS::EC2::Subnet",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "CidrBlock":{
+ "Fn::FindInMap":[
+ "SubnetConfig",
+ "Xqueue02",
+ "CIDR"
+ ]
+ },
+ "AvailabilityZone":"us-east-1c",
+ "Tags":[
+ {
+ "Key":"Application",
+ "Value":"xqueue"
+ },
+ {
+ "Key":"Network",
+ "Value":"Private"
+ }
+ ]
+ }
+ },
+ "RabbitSubnet01":{
+ "Type":"AWS::EC2::Subnet",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "CidrBlock":{
+ "Fn::FindInMap":[
+ "SubnetConfig",
+ "Rabbit01",
+ "CIDR"
+ ]
+ },
+ "AvailabilityZone":"us-east-1b",
+ "Tags":[
+ {
+ "Key":"Application",
+ "Value":"RabbitMQ"
+ },
+ {
+ "Key":"Network",
+ "Value":"Private"
+ }
+ ]
+ }
+ },
+ "RabbitSubnet02":{
+ "Type":"AWS::EC2::Subnet",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "CidrBlock":{
+ "Fn::FindInMap":[
+ "SubnetConfig",
+ "Rabbit02",
+ "CIDR"
+ ]
+ },
+ "AvailabilityZone":"us-east-1c",
+ "Tags":[
+ {
+ "Key":"Application",
+ "Value":"RabbitMQ"
+ },
+ {
+ "Key":"Network",
+ "Value":"Private"
+ }
+ ]
+ }
+ },
+ "XServerSubnet01":{
+ "Type":"AWS::EC2::Subnet",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "CidrBlock":{
+ "Fn::FindInMap":[
+ "SubnetConfig",
+ "XServerJail01",
+ "CIDR"
+ ]
+ },
+ "AvailabilityZone":"us-east-1b",
+ "Tags":[
+ {
+ "Key":"Application",
+ "Value":"xserver"
+ },
+ {
+ "Key":"Network",
+ "Value":"Private"
+ }
+ ]
+ }
+ },
+ "XServerSubnet02":{
+ "Type":"AWS::EC2::Subnet",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "CidrBlock":{
+ "Fn::FindInMap":[
+ "SubnetConfig",
+ "XServerJail02",
+ "CIDR"
+ ]
+ },
+ "AvailabilityZone":"us-east-1c",
+ "Tags":[
+ {
+ "Key":"Application",
+ "Value":"xserver"
+ },
+ {
+ "Key":"Network",
+ "Value":"Private"
+ }
+ ]
+ }
+ },
+ "Data01":{
+ "Type":"AWS::EC2::Subnet",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "CidrBlock":{
+ "Fn::FindInMap":[
+ "SubnetConfig",
+ "Data01",
+ "CIDR"
+ ]
+ },
+ "AvailabilityZone":"us-east-1b",
+ "Tags":[
+ {
+ "Key":"Application",
+ "Value":"RDS"
+ },
+ {
+ "Key":"Network",
+ "Value":"Data"
+ }
+ ]
+ }
+ },
+ "Data02":{
+ "Type":"AWS::EC2::Subnet",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "CidrBlock":{
+ "Fn::FindInMap":[
+ "SubnetConfig",
+ "Data02",
+ "CIDR"
+ ]
+ },
+ "AvailabilityZone":"us-east-1c",
+ "Tags":[
+ {
+ "Key":"Application",
+ "Value":"RDS"
+ },
+ {
+ "Key":"Network",
+ "Value":"Data"
+ }
+ ]
+ }
+ },
+ "Cache01":{
+ "Type":"AWS::EC2::Subnet",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "CidrBlock":{
+ "Fn::FindInMap":[
+ "SubnetConfig",
+ "Cache01",
+ "CIDR"
+ ]
+ },
+ "AvailabilityZone":"us-east-1b",
+ "Tags":[
+ {
+ "Key":"Application",
+ "Value":"Elasticache"
+ },
+ {
+ "Key":"Network",
+ "Value":"Cache"
+ }
+ ]
+ }
+ },
+ "Cache02":{
+ "Type":"AWS::EC2::Subnet",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "CidrBlock":{
+ "Fn::FindInMap":[
+ "SubnetConfig",
+ "Cache02",
+ "CIDR"
+ ]
+ },
+ "AvailabilityZone":"us-east-1c",
+ "Tags":[
+ {
+ "Key":"Application",
+ "Value":"Elasticache"
+ },
+ {
+ "Key":"Network",
+ "Value":"Cache"
+ }
+ ]
+ }
+ },
+ "InternetGateway":{
+ "Type":"AWS::EC2::InternetGateway",
+ "Properties":{
+ "Tags":[
+ {
+ "Key":"Application",
+ "Value":{
+ "Ref":"AWS::StackId"
+ }
+ },
+ {
+ "Key":"Network",
+ "Value":"Public"
+ }
+ ]
+ }
+ },
+ "GatewayToInternet":{
+ "Type":"AWS::EC2::VPCGatewayAttachment",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "InternetGatewayId":{
+ "Ref":"InternetGateway"
+ }
+ }
+ },
+ "PublicRouteTable":{
+ "Type":"AWS::EC2::RouteTable",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "Tags":[
+ {
+ "Key":"Application",
+ "Value":{
+ "Ref":"AWS::StackId"
+ }
+ },
+ {
+ "Key":"Network",
+ "Value":"Public"
+ }
+ ]
+ }
+ },
+ "PublicRoute":{
+ "Type":"AWS::EC2::Route",
+ "Properties":{
+ "RouteTableId":{
+ "Ref":"PublicRouteTable"
+ },
+ "DestinationCidrBlock":"0.0.0.0/0",
+ "GatewayId":{
+ "Ref":"InternetGateway"
+ }
+ }
+ },
+ "PublicSubnetRouteTableAssociation01":{
+ "Type":"AWS::EC2::SubnetRouteTableAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"PublicSubnet01"
+ },
+ "RouteTableId":{
+ "Ref":"PublicRouteTable"
+ }
+ }
+ },
+ "PublicSubnetRouteTableAssociation02":{
+ "Type":"AWS::EC2::SubnetRouteTableAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"PublicSubnet02"
+ },
+ "RouteTableId":{
+ "Ref":"PublicRouteTable"
+ }
+ }
+ },
+ "PublicNetworkAcl":{
+ "Type":"AWS::EC2::NetworkAcl",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "Tags":[
+ {
+ "Key":"Application",
+ "Value":{
+ "Ref":"AWS::StackId"
+ }
+ },
+ {
+ "Key":"Network",
+ "Value":"Public"
+ }
+ ]
+ }
+ },
+ "InboundHTTPPublicNetworkAclEntry":{
+ "Type":"AWS::EC2::NetworkAclEntry",
+ "Properties":{
+ "NetworkAclId":{
+ "Ref":"PublicNetworkAcl"
+ },
+ "RuleNumber":"100",
+ "Protocol":"6",
+ "RuleAction":"allow",
+ "Egress":"false",
+ "CidrBlock":"0.0.0.0/0",
+ "PortRange":{
+ "From":"80",
+ "To":"80"
+ }
+ }
+ },
+ "InboundHTTPSPublicNetworkAclEntry":{
+ "Type":"AWS::EC2::NetworkAclEntry",
+ "Properties":{
+ "NetworkAclId":{
+ "Ref":"PublicNetworkAcl"
+ },
+ "RuleNumber":"101",
+ "Protocol":"6",
+ "RuleAction":"allow",
+ "Egress":"false",
+ "CidrBlock":"0.0.0.0/0",
+ "PortRange":{
+ "From":"443",
+ "To":"443"
+ }
+ }
+ },
+ "InboundSSHPublicNetworkAclEntry":{
+ "Type":"AWS::EC2::NetworkAclEntry",
+ "Properties":{
+ "NetworkAclId":{
+ "Ref":"PublicNetworkAcl"
+ },
+ "RuleNumber":"102",
+ "Protocol":"6",
+ "RuleAction":"allow",
+ "Egress":"false",
+ "CidrBlock":{
+ "Ref":"SSHLocation"
+ },
+ "PortRange":{
+ "From":"22",
+ "To":"22"
+ }
+ }
+ },
+ "InboundEmphemeralPublicNetworkAclEntry":{
+ "Type":"AWS::EC2::NetworkAclEntry",
+ "Properties":{
+ "NetworkAclId":{
+ "Ref":"PublicNetworkAcl"
+ },
+ "RuleNumber":"103",
+ "Protocol":"6",
+ "RuleAction":"allow",
+ "Egress":"false",
+ "CidrBlock":"0.0.0.0/0",
+ "PortRange":{
+ "From":"1024",
+ "To":"65535"
+ }
+ }
+ },
+ "OutboundPublicNetworkAclEntry":{
+ "Type":"AWS::EC2::NetworkAclEntry",
+ "Properties":{
+ "NetworkAclId":{
+ "Ref":"PublicNetworkAcl"
+ },
+ "RuleNumber":"100",
+ "Protocol":"6",
+ "RuleAction":"allow",
+ "Egress":"true",
+ "CidrBlock":"0.0.0.0/0",
+ "PortRange":{
+ "From":"0",
+ "To":"65535"
+ }
+ }
+ },
+ "PublicSubnetNetworkAclAssociation01":{
+ "Type":"AWS::EC2::SubnetNetworkAclAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"PublicSubnet01"
+ },
+ "NetworkAclId":{
+ "Ref":"PublicNetworkAcl"
+ }
+ }
+ },
+ "PublicSubnetNetworkAclAssociation02":{
+ "Type":"AWS::EC2::SubnetNetworkAclAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"PublicSubnet02"
+ },
+ "NetworkAclId":{
+ "Ref":"PublicNetworkAcl"
+ }
+ }
+ },
+ "PrivateRouteTable":{
+ "Type":"AWS::EC2::RouteTable",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "Tags":[
+ {
+ "Key":"Application",
+ "Value":{
+ "Ref":"AWS::StackId"
+ }
+ },
+ {
+ "Key":"Network",
+ "Value":"Private"
+ }
+ ]
+ }
+ },
+ "PrivateRoute":{
+ "Type":"AWS::EC2::Route",
+ "Properties":{
+ "RouteTableId":{
+ "Ref":"PrivateRouteTable"
+ },
+ "DestinationCidrBlock":"0.0.0.0/0",
+ "InstanceId":{
+ "Ref":"NATDevice"
+ }
+ }
+ },
+ "PrivateSubnetRouteTableAssociationEdxapp01":{
+ "Type":"AWS::EC2::SubnetRouteTableAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"EdxappSubnet01"
+ },
+ "RouteTableId":{
+ "Ref":"PrivateRouteTable"
+ }
+ }
+ },
+ "PrivateSubnetRouteTableAssociationEdxapp02":{
+ "Type":"AWS::EC2::SubnetRouteTableAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"EdxappSubnet02"
+ },
+ "RouteTableId":{
+ "Ref":"PrivateRouteTable"
+ }
+ }
+ },
+ "PrivateSubnetRouteTableAssociationXqueue01":{
+ "Type":"AWS::EC2::SubnetRouteTableAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"XqueueSubnet01"
+ },
+ "RouteTableId":{
+ "Ref":"PrivateRouteTable"
+ }
+ }
+ },
+ "PrivateSubnetRouteTableAssociationXqueue02":{
+ "Type":"AWS::EC2::SubnetRouteTableAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"XqueueSubnet02"
+ },
+ "RouteTableId":{
+ "Ref":"PrivateRouteTable"
+ }
+ }
+ },
+ "PrivateSubnetRouteTableAssociationRabbit01":{
+ "Type":"AWS::EC2::SubnetRouteTableAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"RabbitSubnet01"
+ },
+ "RouteTableId":{
+ "Ref":"PrivateRouteTable"
+ }
+ }
+ },
+ "PrivateSubnetRouteTableAssociationRabbit02":{
+ "Type":"AWS::EC2::SubnetRouteTableAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"RabbitSubnet02"
+ },
+ "RouteTableId":{
+ "Ref":"PrivateRouteTable"
+ }
+ }
+ },
+ "PrivateSubnetRouteTableAssociationXServer01":{
+ "Type":"AWS::EC2::SubnetRouteTableAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"XServerSubnet01"
+ },
+ "RouteTableId":{
+ "Ref":"PrivateRouteTable"
+ }
+ }
+ },
+ "PrivateSubnetRouteTableAssociationXServer02":{
+ "Type":"AWS::EC2::SubnetRouteTableAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"XServerSubnet02"
+ },
+ "RouteTableId":{
+ "Ref":"PrivateRouteTable"
+ }
+ }
+ },
+ "PrivateSubnetRouteTableAssociationData01":{
+ "Type":"AWS::EC2::SubnetRouteTableAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"Data01"
+ },
+ "RouteTableId":{
+ "Ref":"PrivateRouteTable"
+ }
+ }
+ },
+ "PrivateSubnetRouteTableAssociationData02":{
+ "Type":"AWS::EC2::SubnetRouteTableAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"Data02"
+ },
+ "RouteTableId":{
+ "Ref":"PrivateRouteTable"
+ }
+ }
+ },
+ "PrivateSubnetRouteTableAssociationCache01":{
+ "Type":"AWS::EC2::SubnetRouteTableAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"Cache01"
+ },
+ "RouteTableId":{
+ "Ref":"PrivateRouteTable"
+ }
+ }
+ },
+ "PrivateSubnetRouteTableAssociationCache02":{
+ "Type":"AWS::EC2::SubnetRouteTableAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"Cache02"
+ },
+ "RouteTableId":{
+ "Ref":"PrivateRouteTable"
+ }
+ }
+ },
+ "PrivateNetworkAcl":{
+ "Type":"AWS::EC2::NetworkAcl",
+ "Properties":{
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "Tags":[
+ {
+ "Key":"Application",
+ "Value":{
+ "Ref":"AWS::StackId"
+ }
+ },
+ {
+ "Key":"Network",
+ "Value":"Private"
+ }
+ ]
+ }
+ },
+ "InboundPrivateNetworkAclEntry":{
+ "Type":"AWS::EC2::NetworkAclEntry",
+ "Properties":{
+ "NetworkAclId":{
+ "Ref":"PrivateNetworkAcl"
+ },
+ "RuleNumber":"100",
+ "Protocol":"6",
+ "RuleAction":"allow",
+ "Egress":"false",
+ "CidrBlock":"0.0.0.0/0",
+ "PortRange":{
+ "From":"0",
+ "To":"65535"
+ }
+ }
+ },
+ "OutBoundPrivateNetworkAclEntry":{
+ "Type":"AWS::EC2::NetworkAclEntry",
+ "Properties":{
+ "NetworkAclId":{
+ "Ref":"PrivateNetworkAcl"
+ },
+ "RuleNumber":"100",
+ "Protocol":"6",
+ "RuleAction":"allow",
+ "Egress":"true",
+ "CidrBlock":"0.0.0.0/0",
+ "PortRange":{
+ "From":"0",
+ "To":"65535"
+ }
+ }
+ },
+ "PrivateSubnetNetworkAclAssociationEdxapp01":{
+ "Type":"AWS::EC2::SubnetNetworkAclAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"EdxappSubnet01"
+ },
+ "NetworkAclId":{
+ "Ref":"PrivateNetworkAcl"
+ }
+ }
+ },
+ "PrivateSubnetNetworkAclAssociationEdxapp02":{
+ "Type":"AWS::EC2::SubnetNetworkAclAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"EdxappSubnet02"
+ },
+ "NetworkAclId":{
+ "Ref":"PrivateNetworkAcl"
+ }
+ }
+ },
+ "PrivateSubnetNetworkAclAssociationXqueue01":{
+ "Type":"AWS::EC2::SubnetNetworkAclAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"XqueueSubnet01"
+ },
+ "NetworkAclId":{
+ "Ref":"PrivateNetworkAcl"
+ }
+ }
+ },
+ "PrivateSubnetNetworkAclAssociationXqueue02":{
+ "Type":"AWS::EC2::SubnetNetworkAclAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"XqueueSubnet02"
+ },
+ "NetworkAclId":{
+ "Ref":"PrivateNetworkAcl"
+ }
+ }
+ },
+ "PrivateSubnetNetworkAclAssociationRabbit01":{
+ "Type":"AWS::EC2::SubnetNetworkAclAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"RabbitSubnet01"
+ },
+ "NetworkAclId":{
+ "Ref":"PrivateNetworkAcl"
+ }
+ }
+ },
+ "PrivateSubnetNetworkAclAssociationRabbit02":{
+ "Type":"AWS::EC2::SubnetNetworkAclAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"RabbitSubnet02"
+ },
+ "NetworkAclId":{
+ "Ref":"PrivateNetworkAcl"
+ }
+ }
+ },
+ "PrivateSubnetNetworkAclAssociationXServer01":{
+ "Type":"AWS::EC2::SubnetNetworkAclAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"XServerSubnet01"
+ },
+ "NetworkAclId":{
+ "Ref":"PrivateNetworkAcl"
+ }
+ }
+ },
+ "PrivateSubnetNetworkAclAssociationXServer02":{
+ "Type":"AWS::EC2::SubnetNetworkAclAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"XServerSubnet02"
+ },
+ "NetworkAclId":{
+ "Ref":"PrivateNetworkAcl"
+ }
+ }
+ },
+ "PrivateSubnetNetworkAclAssociationData01":{
+ "Type":"AWS::EC2::SubnetNetworkAclAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"Data01"
+ },
+ "NetworkAclId":{
+ "Ref":"PrivateNetworkAcl"
+ }
+ }
+ },
+ "PrivateSubnetNetworkAclAssociationData02":{
+ "Type":"AWS::EC2::SubnetNetworkAclAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"Data02"
+ },
+ "NetworkAclId":{
+ "Ref":"PrivateNetworkAcl"
+ }
+ }
+ },
+ "PrivateSubnetNetworkAclAssociationCache01":{
+ "Type":"AWS::EC2::SubnetNetworkAclAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"Cache01"
+ },
+ "NetworkAclId":{
+ "Ref":"PrivateNetworkAcl"
+ }
+ }
+ },
+ "PrivateSubnetNetworkAclAssociationCache02":{
+ "Type":"AWS::EC2::SubnetNetworkAclAssociation",
+ "Properties":{
+ "SubnetId":{
+ "Ref":"Cache02"
+ },
+ "NetworkAclId":{
+ "Ref":"PrivateNetworkAcl"
+ }
+ }
+ },
+ "NATIPAddress":{
+ "Type":"AWS::EC2::EIP",
+ "Properties":{
+ "Domain":"vpc",
+ "InstanceId":{
+ "Ref":"NATDevice"
+ }
+ }
+ },
+ "NATDevice":{
+ "Type":"AWS::EC2::Instance",
+ "Properties":{
+ "InstanceType":{
+ "Ref":"NATInstanceType"
+ },
+ "KeyName":{
+ "Ref":"KeyName"
+ },
+ "SubnetId":{
+ "Ref":"PublicSubnet01"
+ },
+ "SourceDestCheck":"false",
+ "ImageId":{
+ "Fn::FindInMap":[
+ "AWSNATAMI",
+ {
+ "Ref":"AWS::Region"
+ },
+ "AMI"
+ ]
+ },
+ "SecurityGroupIds":[
+ {
+ "Ref":"NATSecurityGroup"
+ }
+ ]
+ }
+ },
+ "NATSecurityGroup":{
+ "Type":"AWS::EC2::SecurityGroup",
+ "Properties":{
+ "GroupDescription":"Enable internal access to the NAT device",
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "SecurityGroupIngress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"80",
+ "ToPort":"80",
+ "CidrIp":"0.0.0.0/0"
+ },
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"443",
+ "ToPort":"443",
+ "CidrIp":"0.0.0.0/0"
+ },
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"22",
+ "ToPort":"22",
+ "CidrIp":{
+ "Ref":"SSHLocation"
+ }
+ }
+ ],
+ "SecurityGroupEgress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"80",
+ "ToPort":"80",
+ "CidrIp":"0.0.0.0/0"
+ },
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"443",
+ "ToPort":"443",
+ "CidrIp":"0.0.0.0/0"
+ }
+ ]
+ }
+ },
+ "BastionIPAddress":{
+ "Type":"AWS::EC2::EIP",
+ "Properties":{
+ "Domain":"vpc",
+ "InstanceId":{
+ "Ref":"BastionHost"
+ }
+ }
+ },
+ "BastionHost":{
+ "Type":"AWS::EC2::Instance",
+ "Properties":{
+ "InstanceType":{
+ "Ref":"BastionInstanceType"
+ },
+ "KeyName":{
+ "Ref":"KeyName"
+ },
+ "SubnetId":{
+ "Ref":"PublicSubnet01"
+ },
+ "ImageId":{
+ "Fn::FindInMap":[
+ "AWSRegionArch2AMI",
+ {
+ "Ref":"AWS::Region"
+ },
+ {
+ "Fn::FindInMap":[
+ "AWSInstanceType2Arch",
+ {
+ "Ref":"BastionInstanceType"
+ },
+ "Arch"
+ ]
+ }
+ ]
+ },
+ "SecurityGroupIds":[
+ {
+ "Ref":"BastionSecurityGroup"
+ }
+ ]
+ }
+ },
+ "BastionSecurityGroup":{
+ "Type":"AWS::EC2::SecurityGroup",
+ "Properties":{
+ "GroupDescription":"Enable access to the Bastion host",
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "SecurityGroupIngress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"22",
+ "ToPort":"22",
+ "CidrIp":{
+ "Ref":"SSHLocation"
+ }
+ }
+ ],
+ "SecurityGroupEgress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"22",
+ "ToPort":"22",
+ "CidrIp":{
+ "Fn::FindInMap":[
+ "SubnetConfig",
+ "Edxapp01",
+ "CIDR"
+ ]
+ }
+ },
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"22",
+ "ToPort":"22",
+ "CidrIp":{
+ "Fn::FindInMap":[
+ "SubnetConfig",
+ "Edxapp02",
+ "CIDR"
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "EdxServerUser":{
+ "Type":"AWS::IAM::User",
+ "Properties":{
+ "Path":"/",
+ "Policies":[
+ {
+ "PolicyName":"root",
+ "PolicyDocument":{
+ "Statement":[
+ {
+ "Effect":"Allow",
+ "Action":[
+ "cloudformation:DescribeStackResource",
+ "s3:Put"
+ ],
+ "Resource":"*"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "HostKeys":{
+ "Type":"AWS::IAM::AccessKey",
+ "Properties":{
+ "UserName":{
+ "Ref":"EdxServerUser"
+ }
+ }
+ },
+ "AdminSecurityGroup":{
+ "Type":"AWS::EC2::SecurityGroup",
+ "Properties":{
+ "GroupDescription":"Admin
Security Group",
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "SecurityGroupIngress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"22",
+ "ToPort":"22",
+ "CidrIp":{
+ "Ref":"SSHLocation"
+ }
+ }
+ ]
+ }
+ },
+ "EdxappServer":{
+ "Type":"AWS::AutoScaling::LaunchConfiguration",
+ "Metadata":{
+ "AWS::CloudFormation::Init":{
+ "config":{
+ "files":{
+ "/home/ubuntu/.s3cfg":{
+ "content":{
+ "Fn::Join":[
+ "",
+ [
+ "[default]\n",
+ "access_key = ",
+ {
+ "Ref":"HostKeys"
+ },
+ "\n",
+ "secret_key = ",
+ {
+ "Fn::GetAtt":[
+ "HostKeys",
+ "SecretAccessKey"
+ ]
+ },
+ "\n",
+ "use_https = True\n"
+ ]
+ ]
+ },
+ "mode":"000644",
+ "owner":"ubuntu",
+ "group":"ubuntu"
+ }
+ }
+ }
+ }
+ },
+ "Properties":{
+ "SecurityGroups":[
+ {
+ "Ref":"EdxappServerSecurityGroup"
+ }
+ ],
+ "ImageId":{
+ "Fn::FindInMap":[
+ "AWSRegionArch2AMI",
+ {
+ "Ref":"AWS::Region"
+ },
+ {
+ "Fn::FindInMap":[
+ "AWSInstanceType2Arch",
+ {
+ "Ref":"InstanceType"
+ },
+ "Arch"
+ ]
+ }
+ ]
+ },
+ "UserData":{
+ "Fn::Base64":{
+ "Fn::Join":[
+ "",
+ [
+ "#!/bin/bash\n",
+ "exec >> /home/ubuntu/cflog.log\n",
+ "exec 2>> /home/ubuntu/cflog.log\n",
+ "function error_exit\n",
+ "{\n",
+ " cfn-signal -e 1 -r \"$1\" '",
+ {
+ "Ref":"EdxServerWaitHandle"
+ },
+ "'\n",
+ " exit 1\n",
+ "}\n",
+ "apt-get -y update\n",
+ "apt-get -y install python-setuptools\n",
+ "echo \"Python Tools installed\" - `date` >> /home/ubuntu/cflog.txt\n",
+ "easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz\n",
+ "echo \"Cloudformation Boostrap installed \" - `date` >> /home/ubuntu/cflog.txt\n",
+ "cfn-init --region ",
+ {
+ "Ref":"AWS::Region"
+ },
+ " -s ",
+ {
+ "Ref":"AWS::StackName"
+ },
+ " -r EdxappServer ",
+ " --access-key ",
+ {
+ "Ref":"HostKeys"
+ },
+ " --secret-key ",
+ {
+ "Fn::GetAtt":[
+ "HostKeys",
+ "SecretAccessKey"
+ ]
+ },
+ " || error_exit 'Failed to run cfn-init'\n",
+ "echo \"cfn-init run \" - `date` >> /home/ubuntu/cflog.txt\n",
+ "# If all went well, signal success\n",
+ "cfn-signal -e $? -r 'Edx Server configuration' '",
+ {
+ "Ref":"EdxServerWaitHandle"
+ },
+ "'\n"
+ ]
+ ]
+ }
+ },
+ "KeyName":{
+ "Ref":"KeyName"
+ },
+ "InstanceType":{
+ "Ref":"InstanceType"
+ },
+ "BlockDeviceMappings":[
+ {
+ "DeviceName":"/dev/xvdb",
+ "Ebs":{
+ "VolumeSize":"50"
+ }
+ },
+ {
+ "DeviceName":"/dev/xvdc",
+ "Ebs":{
+ "VolumeSize":"50"
+ }
+ }
+ ]
+ }
+ },
+ "EdxappServerASGroup":{
+ "Type":"AWS::AutoScaling::AutoScalingGroup",
+ "Properties":{
+ "AvailabilityZones":[
+ {
+ "Fn::GetAtt":[
+ "EdxappSubnet01",
+ "AvailabilityZone"
+ ]
+ },
+ {
+ "Fn::GetAtt":[
+ "EdxappSubnet02",
+ "AvailabilityZone"
+ ]
+ }
+ ],
+ "VPCZoneIdentifier":[
+ {
+ "Ref":"EdxappSubnet01"
+ },
+ {
+ "Ref":"EdxappSubnet02"
+ }
+ ],
+ "Tags":[
+ {
+ "Key":"group",
+ "Value":"edxapp",
+ "PropagateAtLaunch":true
+ },
+ {
+ "Key":"environment",
+ "Value":{
+ "Ref":"EnvironmentTag"
+ },
+ "PropagateAtLaunch":true
+ }
+ ],
+ "LaunchConfigurationName":{
+ "Ref":"EdxappServer"
+ },
+ "MinSize":"2",
+ "MaxSize":"2",
+ "DesiredCapacity":{
+ "Ref":"EdxappDesiredCapacity"
+ },
+ "LoadBalancerNames":[
+ {
+ "Ref":"EdxappELB"
+ }
+ ]
+ }
+ },
+ "EdxappServerScaleUpPolicy":{
+ "Type":"AWS::AutoScaling::ScalingPolicy",
+ "Properties":{
+ "AdjustmentType":"ChangeInCapacity",
+ "AutoScalingGroupName":{
+ "Ref":"EdxappServerASGroup"
+ },
+ "Cooldown":"60",
+ "ScalingAdjustment":"1"
+ }
+ },
+ "EdxappServerScaleDownPolicy":{
+ "Type":"AWS::AutoScaling::ScalingPolicy",
+ "Properties":{
+ "AdjustmentType":"ChangeInCapacity",
+ "AutoScalingGroupName":{
+ "Ref":"EdxappServerASGroup"
+ },
+ "Cooldown":"60",
+ "ScalingAdjustment":"-1"
+ }
+ },
+ "EdxappCPUAlarmHigh":{
+ "Type":"AWS::CloudWatch::Alarm",
+ "Properties":{
+ "AlarmDescription":"Scale-up if CPU > 90% for 10 minutes",
+ "MetricName":"CPUUtilization",
+ "Namespace":"AWS/EC2",
+ "Statistic":"Average",
+ "Period":"300",
+ "EvaluationPeriods":"2",
+ "Threshold":"90",
+ "AlarmActions":[
+ {
+ "Ref":"EdxappServerScaleUpPolicy"
+ }
+ ],
+ "Dimensions":[
+ {
+ "Name":"AutoScalingGroupName",
+ "Value":{
+ "Ref":"EdxappServerASGroup"
+ }
+ }
+ ],
+ "ComparisonOperator":"GreaterThanThreshold"
+ }
+ },
+ "EdxappCPUAlarmLow":{
+ "Type":"AWS::CloudWatch::Alarm",
+ "Properties":{
+ "AlarmDescription":"Scale-down if CPU < 70% for 10 minutes",
+ "MetricName":"CPUUtilization",
+ "Namespace":"AWS/EC2",
+ "Statistic":"Average",
+ "Period":"300",
+ "EvaluationPeriods":"2",
+ "Threshold":"70",
+ "AlarmActions":[
+ {
+ "Ref":"EdxappServerScaleDownPolicy"
+ }
+ ],
+ "Dimensions":[
+ {
+ "Name":"AutoScalingGroupName",
+ "Value":{
+ "Ref":"EdxappServerASGroup"
+ }
+ }
+ ],
+ "ComparisonOperator":"LessThanThreshold"
+ }
+ },
+ "EdxappELB":{
+ "Type":"AWS::ElasticLoadBalancing::LoadBalancer",
+ "Properties":{
+ "SecurityGroups":[
+ {
+ "Ref":"EdxappELBSecurityGroup"
+ }
+ ],
+ "Listeners":[
+ {
+ "LoadBalancerPort":"80",
+ "InstancePort":{
+ "Ref":"WebServerPort"
+ },
+ "Protocol":"HTTP"
+ }
+ ],
+ "HealthCheck":{
+ "Target":"TCP:22",
+ "HealthyThreshold":"3",
+ "UnhealthyThreshold":"5",
+ "Interval":"30",
+ "Timeout":"5"
+ },
+ "Subnets":[
+ {
+ "Ref":"PublicSubnet01"
+ }
+ ]
+ }
+ },
+ "EdxappELBSecurityGroup":{
+ "Type":"AWS::EC2::SecurityGroup",
+ "Properties":{
+ "GroupDescription":"Enable HTTP access on port 80",
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "SecurityGroupIngress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"80",
+ "ToPort":"80",
+ "CidrIp":"0.0.0.0/0"
+ },
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"443",
+ "ToPort":"443",
+ "CidrIp":"0.0.0.0/0"
+ }
+ ],
+ "SecurityGroupEgress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"80",
+ "ToPort":"80",
+ "CidrIp":"0.0.0.0/0"
+ },
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"443",
+ "ToPort":"443",
+ "CidrIp":"0.0.0.0/0"
+ }
+ ]
+ }
+ },
+ "EdxappServerSecurityGroup":{
+ "Type":"AWS::EC2::SecurityGroup",
+ "Properties":{
+ "GroupDescription":"Open up SSH access plus Edx Server required ports",
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "SecurityGroupIngress":[
+ {
+ "IpProtocol":"tcp",
+
"FromPort":"22", + "ToPort":"22", + "CidrIp":{ + "Ref":"SSHLocation" + } + }, + { + "IpProtocol":"tcp", + "FromPort":"80", + "ToPort":"80", + "CidrIp":"0.0.0.0/0" + }, + { + "IpProtocol":"tcp", + "FromPort":"443", + "ToPort":"443", + "CidrIp":"0.0.0.0/0" + } + ] + } + }, + "EdxServerWaitHandle":{ + "Type":"AWS::CloudFormation::WaitConditionHandle" + }, + "EdxServerWaitCondition":{ + "Type":"AWS::CloudFormation::WaitCondition", + "DependsOn":"EdxappServer", + "Properties":{ + "Handle":{ + "Ref":"EdxServerWaitHandle" + }, + "Timeout":"1200" + } + }, + "XqueueServer":{ + "Type":"AWS::AutoScaling::LaunchConfiguration", + "Metadata":{ + "AWS::CloudFormation::Init":{ + "config":{ + "files":{ + "/home/ubuntu/.s3cfg":{ + "content":{ + "Fn::Join":[ + "", + [ + "[default]\n", + "access_key = ", + { + "Ref":"HostKeys" + }, + "\n", + "secret_key = ", + { + "Fn::GetAtt":[ + "HostKeys", + "SecretAccessKey" + ] + }, + "\n", + "use_https = True\n" + ] + ] + }, + "mode":"000644", + "owner":"ubuntu", + "group":"ubuntu" + } + } + } + } + }, + "Properties":{ + "SecurityGroups":[ + { + "Ref":"XqueueServerSecurityGroup" + } + ], + "ImageId":{ + "Fn::FindInMap":[ + "AWSRegionArch2AMI", + { + "Ref":"AWS::Region" + }, + { + "Fn::FindInMap":[ + "AWSInstanceType2Arch", + { + "Ref":"InstanceType" + }, + "Arch" + ] + } + ] + }, + "UserData":{ + "Fn::Base64":{ + "Fn::Join":[ + "", + [ + "#!/bin/bash\n", + "exec >> /home/ubuntu/cflog.log\n", + "exec 2>> /home/ubuntu/cflog.log\n", + "function error_exit\n", + "{\n", + " cfn-signal -e 1 -r \"$1\" '", + { + "Ref":"XqueueServerWaitHandle" + }, + "'\n", + " exit 1\n", + "}\n", + "apt-get -y update\n", + "apt-get -y install python-setuptools\n", + "echo \"Python Tools installed\" - `date` >> /home/ubuntu/cflog.txt\n", + "easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz\n", + "echo \"Cloudformation Boostrap installed \" - `date` >> /home/ubuntu/cflog.txt\n", + "cfn-init --region ", + { + "Ref":"AWS::Region" 
+ },
+ " -s ",
+ {
+ "Ref":"AWS::StackName"
+ },
+ " -r EdxappServer ",
+ " --access-key ",
+ {
+ "Ref":"HostKeys"
+ },
+ " --secret-key ",
+ {
+ "Fn::GetAtt":[
+ "HostKeys",
+ "SecretAccessKey"
+ ]
+ },
+ " || error_exit 'Failed to run cfn-init'\n",
+ "echo \"cfn-init run \" - `date` >> /home/ubuntu/cflog.txt\n",
+ "# If all went well, signal success\n",
+ "cfn-signal -e $? -r 'Edx Server configuration' '",
+ {
+ "Ref":"XqueueServerWaitHandle"
+ },
+ "'\n"
+ ]
+ ]
+ }
+ },
+ "KeyName":{
+ "Ref":"KeyName"
+ },
+ "InstanceType":{
+ "Ref":"InstanceType"
+ },
+ "BlockDeviceMappings":[
+ {
+ "DeviceName":"/dev/xvdb",
+ "Ebs":{
+ "VolumeSize":"50"
+ }
+ },
+ {
+ "DeviceName":"/dev/xvdc",
+ "Ebs":{
+ "VolumeSize":"50"
+ }
+ }
+ ]
+ }
+ },
+ "XqueueServerASGroup":{
+ "Type":"AWS::AutoScaling::AutoScalingGroup",
+ "Properties":{
+ "AvailabilityZones":[
+ {
+ "Fn::GetAtt":[
+ "XqueueSubnet01",
+ "AvailabilityZone"
+ ]
+ },
+ {
+ "Fn::GetAtt":[
+ "XqueueSubnet02",
+ "AvailabilityZone"
+ ]
+ }
+ ],
+ "VPCZoneIdentifier":[
+ {
+ "Ref":"XqueueSubnet01"
+ },
+ {
+ "Ref":"XqueueSubnet02"
+ }
+ ],
+ "Tags":[
+ {
+ "Key":"group",
+ "Value":"xqueue",
+ "PropagateAtLaunch":true
+ },
+ {
+ "Key":"environment",
+ "Value":{
+ "Ref":"EnvironmentTag"
+ },
+ "PropagateAtLaunch":true
+ }
+ ],
+ "LaunchConfigurationName":{
+ "Ref":"XqueueServer"
+ },
+ "MinSize":"2",
+ "MaxSize":"2",
+ "DesiredCapacity":{
+ "Ref":"XqueueDesiredCapacity"
+ },
+ "LoadBalancerNames":[
+ {
+ "Ref":"XqueueELB"
+ }
+ ]
+ }
+ },
+ "XqueueScaleUpPolicy":{
+ "Type":"AWS::AutoScaling::ScalingPolicy",
+ "Properties":{
+ "AdjustmentType":"ChangeInCapacity",
+ "AutoScalingGroupName":{
+ "Ref":"XqueueServerASGroup"
+ },
+ "Cooldown":"60",
+ "ScalingAdjustment":"1"
+ }
+ },
+ "XqueueScaleDownPolicy":{
+ "Type":"AWS::AutoScaling::ScalingPolicy",
+ "Properties":{
+ "AdjustmentType":"ChangeInCapacity",
+ "AutoScalingGroupName":{
+ "Ref":"XqueueServerASGroup"
+ },
+ "Cooldown":"60",
+ "ScalingAdjustment":"-1"
+ }
+ },
+ "XqueueCPUAlarmHigh":{
+ "Type":"AWS::CloudWatch::Alarm",
+ "Properties":{
+ "AlarmDescription":"Scale-up if CPU > 90% for 10 minutes",
+ "MetricName":"CPUUtilization",
+ "Namespace":"AWS/EC2",
+ "Statistic":"Average",
+ "Period":"300",
+ "EvaluationPeriods":"2",
+ "Threshold":"90",
+ "AlarmActions":[
+ {
+ "Ref":"XqueueScaleUpPolicy"
+ }
+ ],
+ "Dimensions":[
+ {
+ "Name":"AutoScalingGroupName",
+ "Value":{
+ "Ref":"XqueueServerASGroup"
+ }
+ }
+ ],
+ "ComparisonOperator":"GreaterThanThreshold"
+ }
+ },
+ "XqueueCPUAlarmLow":{
+ "Type":"AWS::CloudWatch::Alarm",
+ "Properties":{
+ "AlarmDescription":"Scale-down if CPU < 70% for 10 minutes",
+ "MetricName":"CPUUtilization",
+ "Namespace":"AWS/EC2",
+ "Statistic":"Average",
+ "Period":"300",
+ "EvaluationPeriods":"2",
+ "Threshold":"70",
+ "AlarmActions":[
+ {
+ "Ref":"XqueueScaleDownPolicy"
+ }
+ ],
+ "Dimensions":[
+ {
+ "Name":"AutoScalingGroupName",
+ "Value":{
+ "Ref":"XqueueServerASGroup"
+ }
+ }
+ ],
+ "ComparisonOperator":"LessThanThreshold"
+ }
+ },
+ "XqueueELB":{
+ "Type":"AWS::ElasticLoadBalancing::LoadBalancer",
+ "Properties":{
+ "SecurityGroups":[
+ {
+ "Ref":"XqueueELBSecurityGroup"
+ }
+ ],
+ "Listeners":[
+ {
+ "LoadBalancerPort":"80",
+ "InstancePort":"80",
+ "Protocol":"HTTP"
+ },
+ {
+ "LoadBalancerPort":"443",
+ "InstancePort":"443",
+ "Protocol":"HTTP"
+ }
+ ],
+ "HealthCheck":{
+ "Target":"TCP:22",
+ "HealthyThreshold":"3",
+ "UnhealthyThreshold":"5",
+ "Interval":"30",
+ "Timeout":"5"
+ },
+ "Subnets":[
+ {
+ "Ref":"PublicSubnet01"
+ }
+ ]
+ }
+ },
+ "XqueueELBSecurityGroup":{
+ "Type":"AWS::EC2::SecurityGroup",
+ "Properties":{
+ "GroupDescription":"Enable HTTP access on port 80",
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "SecurityGroupIngress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"80",
+ "ToPort":"80",
+ "CidrIp":"0.0.0.0/0"
+ },
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"443",
+ "ToPort":"443",
+ "CidrIp":"0.0.0.0/0"
+ }
+ ],
+ "SecurityGroupEgress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"80",
+ "ToPort":"80",
+ "CidrIp":"0.0.0.0/0"
+ },
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"443",
+ "ToPort":"443",
+ "CidrIp":"0.0.0.0/0"
+ }
+ ]
+ }
+ },
+ "XqueueServerSecurityGroup":{
+ "Type":"AWS::EC2::SecurityGroup",
+ "Properties":{
+ "GroupDescription":"Open up SSH access plus Edx Server required ports",
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "SecurityGroupIngress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"22",
+ "ToPort":"22",
+ "CidrIp":{
+ "Ref":"SSHLocation"
+ }
+ },
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"80",
+ "ToPort":"80",
+ "CidrIp":"0.0.0.0/0"
+ }
+ ]
+ }
+ },
+ "XqueueServerWaitHandle":{
+ "Type":"AWS::CloudFormation::WaitConditionHandle"
+ },
+ "XqueueServerWaitCondition":{
+ "Type":"AWS::CloudFormation::WaitCondition",
+ "DependsOn":"XqueueServer",
+ "Properties":{
+ "Handle":{
+ "Ref":"XqueueServerWaitHandle"
+ },
+ "Timeout":"1200"
+ }
+ },
+ "RabbitMQServer":{
+ "Type":"AWS::AutoScaling::LaunchConfiguration",
+ "Metadata":{
+ "AWS::CloudFormation::Init":{
+ "config":{
+ "files":{
+ "/home/ubuntu/.s3cfg":{
+ "content":{
+ "Fn::Join":[
+ "",
+ [
+ "[default]\n",
+ "access_key = ",
+ {
+ "Ref":"HostKeys"
+ },
+ "\n",
+ "secret_key = ",
+ {
+ "Fn::GetAtt":[
+ "HostKeys",
+ "SecretAccessKey"
+ ]
+ },
+ "\n",
+ "use_https = True\n"
+ ]
+ ]
+ },
+ "mode":"000644",
+ "owner":"ubuntu",
+ "group":"ubuntu"
+ }
+ }
+ }
+ }
+ },
+ "Properties":{
+ "SecurityGroups":[
+ {
+ "Ref":"RabbitMQServerSecurityGroup"
+ }
+ ],
+ "ImageId":{
+ "Fn::FindInMap":[
+ "AWSRegionArch2AMI",
+ {
+ "Ref":"AWS::Region"
+ },
+ {
+ "Fn::FindInMap":[
+ "AWSInstanceType2Arch",
+ {
+ "Ref":"InstanceType"
+ },
+ "Arch"
+ ]
+ }
+ ]
+ },
+ "UserData":{
+ "Fn::Base64":{
+ "Fn::Join":[
+ "",
+ [
+ "#!/bin/bash\n",
+ "exec >> /home/ubuntu/cflog.log\n",
+ "exec 2>> /home/ubuntu/cflog.log\n",
+ "function error_exit\n",
+ "{\n",
+ " cfn-signal -e 1 -r \"$1\" '",
+ {
+ "Ref":"RabbitMQServerWaitHandle"
+ },
+ "'\n",
+ " exit 1\n",
+ "}\n",
+ "apt-get -y update\n",
+ "apt-get -y install python-setuptools\n",
+ "echo \"Python Tools installed\" - `date` >> /home/ubuntu/cflog.txt\n",
+ "easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz\n",
+ "echo \"Cloudformation Boostrap installed \" - `date` >> /home/ubuntu/cflog.txt\n",
+ "cfn-init --region ",
+ {
+ "Ref":"AWS::Region"
+ },
+ " -s ",
+ {
+ "Ref":"AWS::StackName"
+ },
+ " -r RabbitMQServer ",
+ " --access-key ",
+ {
+ "Ref":"HostKeys"
+ },
+ " --secret-key ",
+ {
+ "Fn::GetAtt":[
+ "HostKeys",
+ "SecretAccessKey"
+ ]
+ },
+ " || error_exit 'Failed to run cfn-init'\n",
+ "echo \"cfn-init run \" - `date` >> /home/ubuntu/cflog.txt\n",
+ "# If all went well, signal success\n",
+ "cfn-signal -e $? -r 'Edx Server configuration' '",
+ {
+ "Ref":"RabbitMQServerWaitHandle"
+ },
+ "'\n"
+ ]
+ ]
+ }
+ },
+ "KeyName":{
+ "Ref":"KeyName"
+ },
+ "InstanceType":{
+ "Ref":"InstanceType"
+ },
+ "BlockDeviceMappings":[
+ {
+ "DeviceName":"/dev/xvdb",
+ "Ebs":{
+ "VolumeSize":"50"
+ }
+ },
+ {
+ "DeviceName":"/dev/xvdc",
+ "Ebs":{
+ "VolumeSize":"50"
+ }
+ }
+ ]
+ }
+ },
+ "RabbitMQServerASGroup":{
+ "Type":"AWS::AutoScaling::AutoScalingGroup",
+ "Properties":{
+ "AvailabilityZones":[
+ {
+ "Fn::GetAtt":[
+ "RabbitSubnet01",
+ "AvailabilityZone"
+ ]
+ },
+ {
+ "Fn::GetAtt":[
+ "RabbitSubnet02",
+ "AvailabilityZone"
+ ]
+ }
+ ],
+ "VPCZoneIdentifier":[
+ {
+ "Ref":"RabbitSubnet01"
+ },
+ {
+ "Ref":"RabbitSubnet02"
+ }
+ ],
+ "Tags":[
+ {
+ "Key":"group",
+ "Value":"rabbitmq",
+ "PropagateAtLaunch":true
+ },
+ {
+ "Key":"environment",
+ "Value":{
+ "Ref":"EnvironmentTag"
+ },
+ "PropagateAtLaunch":true
+ }
+ ],
+ "LaunchConfigurationName":{
+ "Ref":"RabbitMQServer"
+ },
+ "MinSize":"2",
+ "MaxSize":"2",
+ "DesiredCapacity":{
+ "Ref":"RabbitMQDesiredCapacity"
+ },
+ "LoadBalancerNames":[
+ {
+ "Ref":"RabbitMQELB"
+ }
+ ]
+ }
+ },
+ "RabbitMQScaleUpPolicy":{
+ "Type":"AWS::AutoScaling::ScalingPolicy",
+ "Properties":{
+ "AdjustmentType":"ChangeInCapacity",
+ "AutoScalingGroupName":{
+ "Ref":"RabbitMQServerASGroup"
+ },
+ "Cooldown":"60",
+ "ScalingAdjustment":"1"
+ }
+ },
+ "RabbitMQScaleDownPolicy":{
+ "Type":"AWS::AutoScaling::ScalingPolicy",
+ "Properties":{
+ "AdjustmentType":"ChangeInCapacity",
+ "AutoScalingGroupName":{
+ "Ref":"RabbitMQServerASGroup"
+ },
+ "Cooldown":"60",
+ "ScalingAdjustment":"-1"
+ }
+ },
+ "RabbitMQCPUAlarmHigh":{
+ "Type":"AWS::CloudWatch::Alarm",
+ "Properties":{
+ "AlarmDescription":"Scale-up if CPU > 90% for 10 minutes",
+ "MetricName":"CPUUtilization",
+ "Namespace":"AWS/EC2",
+ "Statistic":"Average",
+ "Period":"300",
+ "EvaluationPeriods":"2",
+ "Threshold":"90",
+ "AlarmActions":[
+ {
+ "Ref":"RabbitMQScaleUpPolicy"
+ }
+ ],
+ "Dimensions":[
+ {
+ "Name":"AutoScalingGroupName",
+ "Value":{
+ "Ref":"RabbitMQServerASGroup"
+ }
+ }
+ ],
+ "ComparisonOperator":"GreaterThanThreshold"
+ }
+ },
+ "RabbitMQCPUAlarmLow":{
+ "Type":"AWS::CloudWatch::Alarm",
+ "Properties":{
+ "AlarmDescription":"Scale-down if CPU < 70% for 10 minutes",
+ "MetricName":"CPUUtilization",
+ "Namespace":"AWS/EC2",
+ "Statistic":"Average",
+ "Period":"300",
+ "EvaluationPeriods":"2",
+ "Threshold":"70",
+ "AlarmActions":[
+ {
+ "Ref":"RabbitMQScaleDownPolicy"
+ }
+ ],
+ "Dimensions":[
+ {
+ "Name":"AutoScalingGroupName",
+ "Value":{
+ "Ref":"RabbitMQServerASGroup"
+ }
+ }
+ ],
+ "ComparisonOperator":"LessThanThreshold"
+ }
+ },
+ "RabbitMQELB":{
+ "Type":"AWS::ElasticLoadBalancing::LoadBalancer",
+ "Properties":{
+ "Scheme":"internal",
+ "SecurityGroups":[
+ {
+ "Ref":"RabbitMQELBSecurityGroup"
+ }
+ ],
+ "Listeners":[
+ {
+ "LoadBalancerPort":"5672",
+ "InstancePort":"5672",
+ "Protocol":"TCP"
+ },
+ {
+ "LoadBalancerPort":"6163",
+ "InstancePort":"6163",
+ "Protocol":"TCP"
+ }
+ ],
+ "HealthCheck":{
+ "Target":"TCP:22",
+ "HealthyThreshold":"3",
+ "UnhealthyThreshold":"5",
+ "Interval":"30",
+ "Timeout":"5"
+ },
+ "Subnets":[
+ {
+ "Ref":"PublicSubnet01"
+ },
+ {
+ "Ref":"PublicSubnet02"
+ }
+ ]
+ }
+ },
+ "RabbitMQELBSecurityGroup":{
+ "Type":"AWS::EC2::SecurityGroup",
+ "Properties":{
+ "GroupDescription":"Enable TCP access on rabbit ports",
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "SecurityGroupIngress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"5672",
+ "ToPort":"5672",
+ "CidrIp":"10.0.0.0/16"
+ },
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"6163",
+ "ToPort":"6163",
+ "CidrIp":"10.0.0.0/16"
+ }
+ ],
+ "SecurityGroupEgress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"5672",
+ "ToPort":"5672",
+ "CidrIp":"10.0.0.0/16"
+ },
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"6163",
+ "ToPort":"6163",
+ "CidrIp":"10.0.0.0/16"
+ }
+ ]
+ }
+ },
+ "RabbitMQServerSecurityGroup":{
+ "Type":"AWS::EC2::SecurityGroup",
+ "Properties":{
+ "GroupDescription":"Open up SSH access plus Edx Server required ports",
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "SecurityGroupIngress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"22",
+ "ToPort":"22",
+ "CidrIp":"10.0.0.0/16"
+ },
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"5672",
+ "ToPort":"5672",
+ "SourceSecurityGroupID" : {
+ "Ref" : "RabbitMQELBSecurityGroup"
+ }
+ },
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"6163",
+ "ToPort":"6163",
+ "SourceSecurityGroupId" : {
+ "Ref" : "RabbitMQELBSecurityGroup"
+ }
+ }
+ ]
+ }
+ },
+ "RabbitMQServerWaitHandle":{
+ "Type":"AWS::CloudFormation::WaitConditionHandle"
+ },
+ "RabbitMQServerWaitCondition":{
+ "Type":"AWS::CloudFormation::WaitCondition",
+ "DependsOn":"RabbitMQServer",
+ "Properties":{
+ "Handle":{
+ "Ref":"RabbitMQServerWaitHandle"
+ },
+ "Timeout":"1200"
+ }
+ },
+ "XServer":{
+ "Type":"AWS::AutoScaling::LaunchConfiguration",
+ "Metadata":{
+ "AWS::CloudFormation::Init":{
+ "config":{
+ "files":{
+ "/home/ubuntu/.s3cfg":{
+ "content":{
+ "Fn::Join":[
+ "",
+ [
+ "[default]\n",
+ "access_key = ",
+ {
+ "Ref":"HostKeys"
+ },
+ "\n",
+ "secret_key = ",
+ {
+ "Fn::GetAtt":[
+ "HostKeys",
+ "SecretAccessKey"
+ ]
+ },
+ "\n",
+ "use_https = True\n"
+ ]
+ ]
+ },
+ "mode":"000644",
+ "owner":"ubuntu",
+ "group":"ubuntu"
+ }
+ }
+ }
+ }
+ },
+ "Properties":{
+ "SecurityGroups":[
+ {
+ "Ref":"XServerSecurityGroup"
+ }
+ ],
+ "ImageId":{
+ "Fn::FindInMap":[
+ "AWSRegionArch2AMI",
+ {
+ "Ref":"AWS::Region"
+ },
+ {
+ "Fn::FindInMap":[
+ "AWSInstanceType2Arch",
+ {
+ "Ref":"InstanceType"
+ },
+ "Arch"
+ ]
+ }
+ ]
+ },
+ "UserData":{
+ "Fn::Base64":{
+ "Fn::Join":[
+ "",
+ [
+ "#!/bin/bash\n",
+ "exec >> /home/ubuntu/cflog.log\n",
+ "exec 2>> /home/ubuntu/cflog.log\n",
+ "function error_exit\n",
+ "{\n",
+ " cfn-signal -e 1 -r \"$1\" '",
+ {
+ "Ref":"XServerWaitHandle"
+ },
+ "'\n",
+ " exit 1\n",
+ "}\n",
+ "apt-get -y update\n",
+ "apt-get -y install python-setuptools\n",
+ "echo \"Python Tools installed\" - `date` >> /home/ubuntu/cflog.txt\n",
+ "easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz\n",
+ "echo \"Cloudformation Boostrap installed \" - `date` >> /home/ubuntu/cflog.txt\n",
+ "cfn-init --region ",
+ {
+ "Ref":"AWS::Region"
+ },
+ " -s ",
+ {
+ "Ref":"AWS::StackName"
+ },
+ " -r XServer ",
+ " --access-key ",
+ {
+ "Ref":"HostKeys"
+ },
+ " --secret-key ",
+ {
+ "Fn::GetAtt":[
+ "HostKeys",
+ "SecretAccessKey"
+ ]
+ },
+ " || error_exit 'Failed to run cfn-init'\n",
+ "echo \"cfn-init run \" - `date` >> /home/ubuntu/cflog.txt\n",
+ "# If all went well, signal success\n",
+ "cfn-signal -e $? -r 'Edx Server configuration' '",
+ {
+ "Ref":"XServerWaitHandle"
+ },
+ "'\n"
+ ]
+ ]
+ }
+ },
+ "KeyName":{
+ "Ref":"KeyName"
+ },
+ "InstanceType":{
+ "Ref":"InstanceType"
+ },
+ "BlockDeviceMappings":[
+ {
+ "DeviceName":"/dev/xvdb",
+ "Ebs":{
+ "VolumeSize":"50"
+ }
+ },
+ {
+ "DeviceName":"/dev/xvdc",
+ "Ebs":{
+ "VolumeSize":"50"
+ }
+ }
+ ]
+ }
+ },
+ "XServerASGroup":{
+ "Type":"AWS::AutoScaling::AutoScalingGroup",
+ "Properties":{
+ "AvailabilityZones":[
+ {
+ "Fn::GetAtt":[
+ "XServerSubnet01",
+ "AvailabilityZone"
+ ]
+ },
+ {
+ "Fn::GetAtt":[
+ "XServerSubnet02",
+ "AvailabilityZone"
+ ]
+ }
+ ],
+ "VPCZoneIdentifier":[
+ {
+ "Ref":"XServerSubnet01"
+ },
+ {
+ "Ref":"XServerSubnet02"
+ }
+ ],
+ "Tags":[
+ {
+ "Key":"group",
+ "Value":"xserver",
+ "PropagateAtLaunch":true
+ },
+ {
+ "Key":"environment",
+ "Value":{
+ "Ref":"EnvironmentTag"
+ },
+ "PropagateAtLaunch":true
+ }
+ ],
+ "LaunchConfigurationName":{
+ "Ref":"XServer"
+ },
+ "MinSize":"2",
+ "MaxSize":"2",
+ "DesiredCapacity":{
+ "Ref":"XServerDesiredCapacity"
+ },
+ "LoadBalancerNames":[
+ {
+ "Ref":"XServerELB"
+ }
+ ]
+ }
+ },
+ "XServerScaleUpPolicy":{
+ "Type":"AWS::AutoScaling::ScalingPolicy",
+ "Properties":{
+ "AdjustmentType":"ChangeInCapacity",
+ "AutoScalingGroupName":{
+ "Ref":"XServerASGroup"
+ },
+ "Cooldown":"60",
+ "ScalingAdjustment":"1"
+ }
+ },
+ "XServerScaleDownPolicy":{
+ "Type":"AWS::AutoScaling::ScalingPolicy",
+ "Properties":{
+ "AdjustmentType":"ChangeInCapacity",
+ "AutoScalingGroupName":{
+ "Ref":"XServerASGroup"
+ },
+ "Cooldown":"60",
+ "ScalingAdjustment":"-1"
+ }
+ },
+ "XServerCPUAlarmHigh":{
+ "Type":"AWS::CloudWatch::Alarm",
+ "Properties":{
+ "AlarmDescription":"Scale-up if CPU > 90% for 10 minutes",
+ "MetricName":"CPUUtilization",
+ "Namespace":"AWS/EC2",
+ "Statistic":"Average",
+ "Period":"300",
+ "EvaluationPeriods":"2",
+ "Threshold":"90",
+ "AlarmActions":[
+ {
+ "Ref":"XServerScaleUpPolicy"
+ }
+ ],
+ "Dimensions":[
+ {
+ "Name":"AutoScalingGroupName",
+ "Value":{
+ "Ref":"XServerASGroup"
+ }
+ }
+ ],
+ "ComparisonOperator":"GreaterThanThreshold"
+ }
+ },
+ "XServerCPUAlarmLow":{
+ "Type":"AWS::CloudWatch::Alarm",
+ "Properties":{
+ "AlarmDescription":"Scale-down if CPU < 70% for 10 minutes",
+ "MetricName":"CPUUtilization",
+ "Namespace":"AWS/EC2",
+ "Statistic":"Average",
+ "Period":"300",
+ "EvaluationPeriods":"2",
+ "Threshold":"70",
+ "AlarmActions":[
+ {
+ "Ref":"XServerScaleDownPolicy"
+ }
+ ],
+ "Dimensions":[
+ {
+ "Name":"AutoScalingGroupName",
+ "Value":{
+ "Ref":"XServerASGroup"
+ }
+ }
+ ],
+ "ComparisonOperator":"LessThanThreshold"
+ }
+ },
+ "XServerELB":{
+ "Type":"AWS::ElasticLoadBalancing::LoadBalancer",
+ "Properties":{
+ "Scheme":"internal",
+ "SecurityGroups":[
+ {
+ "Ref":"XServerELBSecurityGroup"
+ }
+ ],
+ "Listeners":[
+ {
+ "LoadBalancerPort":"5672",
+ "InstancePort":"5672",
+ "Protocol":"TCP"
+ },
+ {
+ "LoadBalancerPort":"6163",
+ "InstancePort":"6163",
+ "Protocol":"TCP"
+ }
+ ],
+ "HealthCheck":{
+ "Target":"TCP:22",
+ "HealthyThreshold":"3",
+ "UnhealthyThreshold":"5",
+ "Interval":"30",
+ "Timeout":"5"
+ },
+ "Subnets":[
+ {
+ "Ref":"PublicSubnet01"
+ },
+ {
+ "Ref":"PublicSubnet02"
+ }
+ ]
+ }
+ },
+ "XServerELBSecurityGroup":{
+ "Type":"AWS::EC2::SecurityGroup",
+ "Properties":{
+ "GroupDescription":"Enable TCP access on xserver ports",
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "SecurityGroupIngress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"80",
+ "ToPort":"80",
+ "CidrIp":"10.0.0.0/16"
+ }
+ ],
+ "SecurityGroupEgress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"80",
+ "ToPort":"80",
+ "CidrIp":"10.0.0.0/16"
+ }
+ ]
+ }
+ },
+ "XServerSecurityGroup":{
+ "Type":"AWS::EC2::SecurityGroup",
+ "Properties":{
+ "GroupDescription":"Open up SSH access plus XServer required ports",
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "SecurityGroupIngress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"22",
+ "ToPort":"22",
+ "CidrIp":"10.0.0.0/16"
+ },
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"80",
+ "ToPort":"80",
+ "CidrIp":"10.0.0.0/16"
+ },
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"80",
+ "ToPort":"80",
+ "SourceSecurityGroupId" : {
+ "Ref" : "XServerELBSecurityGroup"
+ }
+ }
+ ]
+ }
+ },
+ "XServerWaitHandle":{
+ "Type":"AWS::CloudFormation::WaitConditionHandle"
+ },
+ "XServerWaitCondition":{
+ "Type":"AWS::CloudFormation::WaitCondition",
+ "DependsOn":"XServer",
+ "Properties":{
+ "Handle":{
+ "Ref":"XServerWaitHandle"
+ },
+ "Timeout":"1200"
+ }
+ },
+ "EdxDataSecurityGroup":{
+ "Type":"AWS::EC2::SecurityGroup",
+ "Properties":{
+ "GroupDescription":"Open up access to the data subnet",
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "SecurityGroupIngress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"3306",
+ "ToPort":"3306",
+ "CidrIp":"0.0.0.0/0"
+ }
+ ]
+ }
+ },
+ "EdxDBSubnetGroup":{
+ "Type":"AWS::RDS::DBSubnetGroup",
+ "Properties":{
+ "DBSubnetGroupDescription":"Subnets available for the RDS DB Instance",
+ "SubnetIds":[
+ {
+ "Ref":"Data01"
+ },
+ {
+ "Ref":"Data02"
+ }
+ ]
+ }
+ },
+ "DBSecurityGroup":{
+ "Type":"AWS::RDS::DBSecurityGroup",
+ "Properties":{
+ "EC2VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "DBSecurityGroupIngress":[
+ {
+ "EC2SecurityGroupId":{
+ "Ref":"EdxappServerSecurityGroup"
+ }
+ }
+ ],
+ "GroupDescription":"Data access"
+ }
+ },
+ "EdxDB":{
+ "Type":"AWS::RDS::DBInstance",
+ "Properties":{
+ "DBName":{
+ "Ref":"DBName"
+ },
+ "AllocatedStorage":{
+ "Ref":"DBAllocatedStorage"
+ },
+ "DBInstanceClass":{
+ "Ref":"DBClass"
+ },
+ "Engine":"MySQL",
+ "EngineVersion":"5.5",
+ "MasterUsername":{
+ "Ref":"DBUsername"
+ },
+ "MasterUserPassword":{
+ "Ref":"DBPassword"
+ },
+ "DBSubnetGroupName":{
+ "Ref":"EdxDBSubnetGroup"
+ },
+ "DBSecurityGroups":[
+ {
+ "Ref":"DBSecurityGroup"
+ }
+ ],
+ "MultiAZ":"true"
+ }
+ },
+ "CacheSecurityGroup":{
+ "Type":"AWS::EC2::SecurityGroup",
+ "Properties":{
+ "GroupDescription":"Access to the elastic cache cluster",
+ "VpcId":{
+ "Ref":"EdxVPC"
+ },
+ "SecurityGroupIngress":[
+ {
+ "IpProtocol":"tcp",
+ "FromPort":"12345",
+ "ToPort":"12345",
+ "SourceSecurityGroupId":{
+ "Ref":"EdxappELBSecurityGroup"
+ }
+ }
+ ]
+ }
+ }
+ },
+ "Outputs":{
+ "EdxSecurityGroup":{
+ "Description":"EC2 Security Group with access to the Edx server",
+ "Value":{
+ "Ref":"EdxappServerSecurityGroup"
+ }
+ },
+ "DatabaseConfigurationString":{
+ "Description":"JDBC connection string for database",
+ "Value":{
+ "Fn::Join":[
+ "",
+ [
+ "'DATABASES': {\n",
+ " 'default': {\n",
+ " 'ENGINE': 'django.db.backends.mysql',\n",
+ " 'NAME': '",
+ {
+ "Ref":"DBName"
+ },
+ "',\n",
+ " 'USER': '",
+ {
+ "Ref":"DBUsername"
+ },
+ "',\n",
+ " 'PASSWORD': '",
+ {
+ "Ref":"DBPassword"
+ },
+ "',\n",
+ " 'HOST': '",
+ {
+ "Fn::GetAtt":[
+ "EdxDB",
+ "Endpoint.Address"
+ ]
+ },
+ "'\n",
+ " 'PORT': '",
+ {
+ "Fn::GetAtt":[
+ "EdxDB",
+ "Endpoint.Port"
+ ]
+ },
+ "'\n",
+ " }\n",
+ "}\n"
+ ]
+ ]
+ }
+ },
+ "ElasticCacheCreateSubnetGroupCommand":{
+ "Description":"Commands to be run to create the elatic cache. Creation isn't fully supported in CF today.",
+ "Value":{
+ "Fn::Join":[
+ "",
+ [
+ "elasticache-create-cache-subnet-group",
+ " ",
+ {
+ "Ref":"EdxVPC"
+ },
+ "_ElasticCacheSubnetGroup --description 'VPC ElasticCache Subnet Group'",
+ "--subnet-ID-list",
+ " ",
+ {
+ "Ref":"Cache01"
+ },
+ " ",
+ {
+ "Ref":"Cache02"
+ }
+ ]
+ ]
+ }
+ },
+ "ElasticCacheCreateCacheClusterCommand":{
+ "Description":"Foo",
+ "Value":{
+ "Fn::Join":[
+ "",
+ [
+ "elasticache-create-cache-cluster",
+ " ",
+ {
+ "Ref":"EdxVPC"
+ },
+ "_ElacticCacheCluster --num-cache-nodes ",
+ {
+ "Ref":"NumberOfCacheNodes"
+ },
+ " --cache-node-type ",
+ {
+ "Ref":"CacheNodeType"
+ },
+ " --engine memcached --engine-version 1.4.5 --port 12345 --preferred-availability-zone us-east-1b",
+ " --cache-parameter-group-name default.memcached1.4 --auto-minor-version-upgrade true",
+ " --cache-subnet-group-name ElasticCacheSubnetGroup",
+ "bar"
+ ]
+ ]
+ }
+ }
+ }
+}
-- libgit2 0.26.0