Making Web Stack tasty using Cloudformation
DESCRIPTION
Building an automatic and repeatable Web Stack using AWS technologies, with a focus on leveraging AWS Cloudformation to layer environments for easy change and reuse.
TRANSCRIPT
Making Web Stack tasty using Cloudformation and some other ingredients..
..while watching pictures of food
Outline
● Who am I?
● Layered stacks
● Cooking tools
● Lesson learned
● Q&A
Who am I?
May contain traces of JSON and Python
Cooking tools
Cloudformation
● Describe resources in a template
● Supports most AWS services
● Infrastructure as code
  ○ Reusable!
Resources: http://goo.gl/IS68OZ and http://goo.gl/11iWau
Why Use It?
● Controllable and predictable
● Saves time
● Dev, Staging, Prod
● Modular
Anatomy of Cloudformation
● Parameters - up to 60 nowadays
● Mapping - Regional AMIs, NAT instances
● Resources - Bulk of the template
● Outputs - Endpoints, IDs for reference
10_vpc_layer.json
● Params: CIDR, NAT AMI ID, NAT EIP
● Resources: VPC, Subnets, Security groups, NAT
● Output: VPC ID, Subnet IDs
20_db_layer.json
● Params: VPC IDs, Subnet ID for DB, DNS for DB, DB size, DB name, DB admin etc.
● Resources: RDS
● Output: RDS endpoint
30_web_layer.json
● Params: VPC IDs, Subnet ID for webserver, autoscaling min/max etc.
● Resources: Autoscaling group, ELB, EC2 instances
● Output: ELB endpoint
"Resources" : {
  "MyEc2Instance" : {
    "Type" : "AWS::EC2::Instance",
    "Properties" : {
      "ImageId" : "ami-a921dfde",
      "KeyName" : "myec2key",
      "InstanceType" : "m1.small",
      "SecurityGroups" : [{ "Ref" : "Ec2SecurityGroup" }]
    }
  },
....
"Resources" : {
  "MyEc2Instance" : {
    "Type" : "AWS::EC2::Instance",
    "Properties" : {
      "ImageId" : { "Ref" : "ImageIdParam" },
      "KeyName" : { "Ref" : "KeyNameParm" },
      "InstanceType" : { "Ref" : "InstanceTypeParam" },
      "SecurityGroups" : [{ "Ref" : "Ec2SecurityGroup" }]
    }
  },
....
Additional snippets: http://goo.gl/Gj0JI0
Troposphere
Python Vs JSON
Installation: sudo pip install troposphere --upgrade
● Objects Vs Text
● Import Vs Copy/Paste
From troposphere to cloudformation
10_vpc.py -> 10_vpc.json
20_web.py -> 20_web.json
30_db.py -> 30_db.json
print(template.to_json())
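Example
from troposphere import (FindInMap, GetAtt, Join, Parameter, Output, Ref,
                         Select, Tags, Template)
import troposphere.ec2 as ec2
...
# template, the parameters and ec2_sg are created in the elided part above
ec2_instance = template.add_resource(ec2.Instance(
    "MyEc2Instance",
    # AMI is looked up per region from the "RegionMap" mapping
    ImageId=FindInMap("RegionMap", Ref("AWS::Region"), "AMI"),
    InstanceType=Ref(instancetype_param),
    KeyName=Ref(keyname_param),
    # SecurityGroups takes a list of security group references
    SecurityGroups=[Ref(ec2_sg)],
))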
Gluing it together..
AWS Command line: unified tool to manage AWS resources, including Cloudformation
Installation: sudo pip install awscli --upgrade
Additional resources: http://goo.gl/PLkbfI
● Create cloudformation:
  ○ python 10_vpc.py > 10_vpc.json
● Copy to S3:
  ○ aws s3 cp 10_vpc.json s3://bucket/10_vpc.json
● Instantiate template:
  ○ aws cloudformation create-stack --stack-name 10-VPC --template-url bucketurl --parameters file://vpc_params.json --capabilities CAPABILITY_IAM
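How the outputs of one layer can feed the parameter file of the next, as an added example that is not from the original slides. The parameter names (VpcId, DbSubnetId, DbName, DbSize) and all sample values are assumptions made for illustration.

```python
import json

# Constructed sample: the "Outputs" list of the VPC layer, in the shape returned by
# `aws cloudformation describe-stacks --stack-name 10-VPC` (values are made up).
VPC_STACK_OUTPUTS = [
    {"OutputKey": "VpcId", "OutputValue": "vpc-0example"},
    {"OutputKey": "DbSubnetId", "OutputValue": "subnet-0example"},
]

# Constructed sample: "Parameters" section of a DB layer template (hypothetical names).
DB_TEMPLATE = {"Parameters": {
    "VpcId": {"Type": "String"},
    "DbSubnetId": {"Type": "String"},
    "DbName": {"Type": "String"},
    "DbSize": {"Type": "String", "Default": "5"},
}}


def build_parameters(template, upstream_outputs, overrides=None):
    """Return the list to save as JSON and pass via `--parameters file://...`.

    Values come from explicit overrides first, then from upstream outputs with
    the same name. Parameters with a Default may be left out; any other
    missing value, or an override the template does not declare, is an error.
    """
    declared = template.get("Parameters", {})
    overrides = overrides or {}
    unknown = sorted(set(overrides) - set(declared))
    if unknown:
        raise ValueError("not declared in template: " + ", ".join(unknown))
    outputs = {o["OutputKey"]: o["OutputValue"] for o in upstream_outputs}
    params, missing = [], []
    for name, spec in sorted(declared.items()):
        if name in overrides:
            value = overrides[name]
        elif name in outputs:
            value = outputs[name]
        elif "Default" in spec:
            continue  # let CloudFormation apply the template default
        else:
            missing.append(name)
            continue
        params.append({"ParameterKey": name, "ParameterValue": str(value)})
    if missing:
        raise ValueError("no value for: " + ", ".join(missing))
    return params


if __name__ == "__main__":
    print(json.dumps(build_parameters(DB_TEMPLATE, VPC_STACK_OUTPUTS, {"DbName": "appdb"}), indent=2))
```

Failing before create-stack when a required parameter has no value keeps a half-wired layer from being launched.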
Lesson learned
● Parameterize
● Avoid layer dependency
● Handle updates with care
  ○ Resource protection
Questions??
Get in touch
LinkedIn: https://www.linkedin.com/in/nicolasalvo
Twitter: @cloudreach
Website: www.cloudreach.com