/cfn-lab

Purpose

System Architecture

To become familiar with infrastructure as code by using an AWS CloudFormation template to design a sample web application architecture.

By going through this lab, you will see how CloudFormation (a.k.a. cfn) arranges resources, coordinates the interaction between resource components, and associates them with just a few commands.

The simple web application is designed with:

  • VPC
  • Security Group
  • Application Load Balancer
  • RDS-Mysql
  • EC2 On-demand/Spot instances
  • Simple System Manager - Parameter Store

Key Concepts

Designing CloudFormation components is like playing with Lego. If you want to construct a robust base architecture, draft it as a blueprint first. Then add to it incrementally, deploying and validating it iteratively.

Prerequisites

  1. Take or create an IAM user for running CloudFormation, and ensure the IAM user is associated with enough policies to do so.
  2. Download or create a key pair named labuserkey, which the default CloudFormation template resources use.
  3. Create an IAM role for the EC2 instances, which should be associated with at least the EC2 SSM Parameter Store policies.
  4. A good text editor, such as VS Code, Sublime Text, Atom, etc.
  5. PHP or other programming language skills. You do not need to be an expert; you just need to modify arguments as required.

Go Labs

Prepare development environment

Visual Studio Code or the Atom IDE is recommended for designing CFN templates; their plugins help you design templates effectively.

JSON or YAML in CloudFormation?

Generally speaking, it depends on your team. Here are some criteria to help you decide:

  • Do you need comments in the template?
  • Do you need to train or help people get familiar with cfn?

If you need either one, YAML is recommended.

Of course, you can also convert between the two formats in 1 second; see: Tool for converting AWS CloudFormation templates between JSON and YAML formats

AWS-Shell

While developing a CloudFormation template, you need a powerful tool to help you describe resources, validate templates, and check existing VPC resources.

The integrated aws-shell library boosts productivity.

awslabs/aws-shell

Visual Studio Code

Visual Studio Code official Web Site

VS Code plugin for Cloudformation - JSON

VS Code plugin for Cloudformation

VS Code plugin for Cloudformation - YAML

Atom

Atom Official Web Site

Atom atom-cform-yaml package

ATOM plugin for Cloudformation YAML

Atom atom-cform package

ATOM plugin for Cloudformation JSON

OneClick Go

To launch the CloudFormation stack quickly, choose 1 of the 5 regions listed below. If you prefer to create the stack in another region, just use the region selector at the top right corner of the AWS Management Console.

Click the button to launch the demo stack in one of these regions:

  • Tokyo
  • us-east-1
  • us-east-2
  • us-west-1
  • us-west-2


About StackName

The valid StackName length is 32 characters. Because nested Stackset is used, a good naming convention is recommended to avoid hitting the max-length limit.

Try to use the naming convention :

{YourName}-{Number}

ex:

Kim-1

Creating the whole stack takes 20 minutes or more, depending on the status of resource arrangement in the region.

After creation completes, check the CloudFormation Outputs and click the LoadBalancerURL link in the master stack Outputs or the loadbalancer stack Outputs to see the result.

Application LoadBalancer URL


If you visit the LoadBalancer URL and get 503 Service Temporarily Unavailable:

HTTP 503 error

or you see the AMI Test Page:

AMI Test Page

it is because the created EC2 instances are still running the userdata initialization process while the Application Load Balancer health check has already started checking their status. Once initialization finishes, it will be okay.


The result: the Application Load Balancer dispatches ingress traffic round-robin, so you will see different instances serving the traffic.

Public Subnet 1 - 10.180.8.*

Public Subnet 2 - 10.180.16.*


Hands-on practice

  1. Clone the lab project:

git clone https://github.com/humank/20171116-cfn-lab.git

  2. Create an S3 bucket to store the CloudFormation templates for later use.

Practicing this lab in the nearest region is recommended for a better user experience.

  3. Generate or keep the IAM user access key CSV file; the Accesskey and AccessSecurityKey will be used to SSH into the EC2 instances to check status.

  4. Modify the file 20171116-cfn-lab/infrastructure/master.yml: replace all of the stack yml file paths it contains with paths in the S3 bucket you just created.

  5. Modify the file 20171116-cfn-lab/web/index.php: replace the line

curl -o index.php https://s3-ap-northeast-1.amazonaws.com/cfn-stackset-lab/index.php >> /tmp/userdata.log 2>&1

Change it to curl from your S3 bucket path.

Don't forget to make your index.php file public.
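
The last two edits (master.yml and the curl line) both repoint URLs from the lab's cfn-stackset-lab bucket to a bucket you control. The script below is an added example, not part of the lab repository: it rewrites path-style URLs and then reports any remaining reference to the original bucket, so the stack does not pull templates or index.php from a bucket you do not own. The function names, the new base URL passed on the command line, and the example-*.yml paths in the constructed sample are assumptions.

```shell
#!/bin/sh
# Added example, not from the lab repository.
# OLD_BUCKET is the bucket in the curl line quoted on this page.
OLD_BUCKET="cfn-stackset-lab"

# repoint_bucket FILE NEW_BASE_URL
# Rewrites every path-style URL https://<host>/cfn-stackset-lab/... in FILE
# to NEW_BASE_URL/... (NEW_BASE_URL must not contain '#' or '&').
repoint_bucket() {
    base=${2%/}
    sed "s#https://[^/ ]*/${OLD_BUCKET}/#${base}/#g" "$1" > "$1.tmp" &&
        mv "$1.tmp" "$1"
}

# leftover_refs FILE...
# Prints file:line:text for anything still naming the original bucket, in
# path style (/bucket/) or virtual-hosted style (//bucket.s3...).
# Returns 0 when the files are clean, 1 otherwise.
leftover_refs() {
    if grep -n "/${OLD_BUCKET}[./]" "$@" /dev/null; then
        return 1
    fi
    return 0
}

# write_sample FILE: constructed stand-in for master.yml plus the userdata
# line; the example-*.yml names are placeholders, not the lab's file names.
write_sample() {
    cat > "$1" <<'EOF'
TemplateURL: https://s3-ap-northeast-1.amazonaws.com/cfn-stackset-lab/infrastructure/example-a.yml
TemplateURL: https://cfn-stackset-lab.s3.amazonaws.com/infrastructure/example-b.yml
curl -o index.php https://s3-ap-northeast-1.amazonaws.com/cfn-stackset-lab/index.php >> /tmp/userdata.log 2>&1
EOF
}

# Usage: sh repoint.sh NEW_BASE_URL FILE...
if [ "$#" -ge 2 ]; then
    new_base=$1; shift
    for f in "$@"; do repoint_bucket "$f" "$new_base"; done
    leftover_refs "$@" || { echo "still pulling from ${OLD_BUCKET}" >&2; exit 1; }
fi
```

On the constructed sample, the virtual-hosted URL on the second line is not rewritten by the sed pattern and is reported by leftover_refs, which is the case to fix by hand before deploying.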