AWS CloudFormation is an orchestration tool which deploys infrastructure. It supports nested CloudFormation templates. Nested CloudFormation templates provide a way to reuse large components of infrastructure, such as VPCs, Subnets, Auto Scaling Groups and EC2 Instances. CloudFormation Config Sets provide an alternative reuse mechanism, within an EC2 instance.
User Data
Passing a user data script can customize EC2 instances at launch time. The cloud-init process reads and executes the script, which must be less than 16,384 bytes long.
AWS CloudFormation adds the cfn-init process. cfn-init greatly simplifies the customization process and is not subject to the 16,384 byte restriction of the userData script.
CloudFormation Config Sets
A simple cfn-init configuration contains a single configuration section, called “config”. If cfn-init is called without the -c parameter, “default” is invoked by default.
This simple template starts a CentOS AMI in the US-East-1 (N. VA) region. It installs the CloudFormation tools using a user data script, and then runs cfn-init without the -c option (line 43, the last line of the user data script). The CloudFormation configuration then uses the “default” configSet (lines 46-48, the configSets block) and installs MariaDB from the CentOS repository:
AWSTemplateFormatVersion: "2010-09-09"
Description:
  Flexible Server Configuration

Parameters:
  dbRootPassword:
    Type: String
    Description: Database root password.
  secGrpId:
    Type: String
    Description: Security Group Id.
  subNetId:
    Type: String
    Description: Subnet Id.

Resources:
  FlexServer:
    Type: "AWS::EC2::Instance"
    Properties:
      AvailabilityZone: us-east-1a
      IamInstanceProfile: Backup
      ImageId: ami-6d1c2007
      # CentOS 7 - https://aws.amazon.com/marketplace/pp/B00O7WM7QW/&ref_=_mkt_ste_menu
      InstanceType: t2.micro
      KeyName: amazonian
      SecurityGroupIds: # for VPCs
        - !Sub ${secGrpId}
      SubnetId: !Sub ${subNetId}
      UserData:
        "Fn::Base64":
          !Sub |
            #!/bin/bash -xe
            yum -y update
            # Setup cfn-bootstrap
            cd /opt
            curl https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz > aws-cfn-bootstrap-latest.tar.gz
            tar zxvf aws-cfn-bootstrap-latest.tar.gz
            cd aws-cfn-bootstrap-1.4
            python setup.py build
            python setup.py install

            # Run cfn-init
            /bin/cfn-init -v --stack ${AWS::StackName} --resource FlexServer --region ${AWS::Region}
    Metadata:
      AWS::CloudFormation::Init:
        configSets:
          default: # The "default" configSet is used when cfn-init is called without -c option
            - "mariadb"
        mariadb: # This is the MariaDB that comes with CentOS Base Repo
          packages:
            yum:
              mariadb-server: []
          files:
            /tmp/mariadb_config_stdin.txt:
              content: !Sub |
                Y
                ${dbRootPassword}
                ${dbRootPassword}
                Y
                Y
                Y
                Y
              mode: "000600"
              owner: "root"
              group: "root"
          commands:
            0100_start_mariadb:
              command: "/bin/systemctl start mariadb.service"
            0200_run_secure_script:
              command: "/bin/mysql_secure_installation < /tmp/mariadb_config_stdin.txt"
            0300_cleanup:
              command: "rm -vf /tmp/mariadb_config_stdin.txt"
          services:
            sysvinit:
              mariadb:
                enabled: true
                ensureRunning: true
Another simple template also starts a CentOS AMI in the US-East-1 (N. VA) region. It installs the CloudFormation tools using a user data script in the same way, and again runs cfn-init without the -c option. The CloudFormation configuration then installs the Apache Web Server from the CentOS repository and then PHP:
AWSTemplateFormatVersion: "2010-09-09"
Description:
  Flexible Server Configuration

Parameters:
  dbRootPassword:
    Type: String
    Description: Database root password.
  secGrpId:
    Type: String
    Description: Security Group Id.
  subNetId:
    Type: String
    Description: Subnet Id.

Resources:
  FlexServer:
    Type: "AWS::EC2::Instance"
    Properties:
      AvailabilityZone: us-east-1a
      IamInstanceProfile: Backup
      ImageId: ami-6d1c2007
      # CentOS 7 - https://aws.amazon.com/marketplace/pp/B00O7WM7QW/&ref_=_mkt_ste_menu
      InstanceType: t2.micro
      KeyName: amazonian
      SecurityGroupIds: # for VPCs
        - !Sub ${secGrpId}
      SubnetId: !Sub ${subNetId}
      UserData:
        "Fn::Base64":
          !Sub |
            #!/bin/bash -xe
            yum -y update
            # Setup cfn-bootstrap
            cd /opt
            curl https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz > aws-cfn-bootstrap-latest.tar.gz
            tar zxvf aws-cfn-bootstrap-latest.tar.gz
            cd aws-cfn-bootstrap-1.4
            python setup.py build
            python setup.py install

            # Run cfn-init
            /bin/cfn-init -v --stack ${AWS::StackName} --resource FlexServer --region ${AWS::Region}
    Metadata:
      AWS::CloudFormation::Init:
        configSets:
          default: # The "default" configSet is used when cfn-init is called without -c option
            - "Apache"
            - "PHP"
        # Install Apache Web Server (httpd)
        Apache:
          packages:
            yum:
              httpd: []
          services:
            sysvinit:
              httpd:
                enabled: true
                ensureRunning: true
        PHP:
          packages:
            yum:
              php: []
              php-mysql: []
Rather than having two different CloudFormation scripts, with “default” sections, we can include “db”, “httpd” and “all” Config Sets, and use the “-c” parameter to select between them. The following CloudFormation template adds a parameter, mode, which switches between the ConfigSets:
AWSTemplateFormatVersion: "2010-09-09"
Description:
  Flexible Server Configuration

Parameters:
  dbRootPassword:
    Type: String
    Description: Database root password.
  secGrpId:
    Type: String
    Description: Security Group Id.
  subNetId:
    Type: String
    Description: Subnet Id.
  mode:
    Type: String
    Description: Mode of Install (all, db, httpd)

Resources:
  FlexServer:
    Type: "AWS::EC2::Instance"
    Properties:
      AvailabilityZone: us-east-1a
      IamInstanceProfile: Backup
      ImageId: ami-6d1c2007
      # CentOS 7 - https://aws.amazon.com/marketplace/pp/B00O7WM7QW/&ref_=_mkt_ste_menu
      InstanceType: t2.micro
      KeyName: amazonian
      SecurityGroupIds: # for VPCs
        - !Sub ${secGrpId}
      SubnetId: !Sub ${subNetId}
      UserData:
        "Fn::Base64":
          !Sub |
            #!/bin/bash -xe
            yum -y update
            # Setup cfn-bootstrap
            cd /opt
            curl https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz > aws-cfn-bootstrap-latest.tar.gz
            tar zxvf aws-cfn-bootstrap-latest.tar.gz
            cd aws-cfn-bootstrap-1.4
            python setup.py build
            python setup.py install

            # Run cfn-init
            /bin/cfn-init -v -c ${mode} --stack ${AWS::StackName} --resource FlexServer --region ${AWS::Region}
    Metadata:
      AWS::CloudFormation::Init:
        configSets:
          httpd: # Selected with "-c httpd"
            - "Apache"
            - "PHP"
          db:
            - "mariadb"
          all:
            - "mariadb"
            - "Apache"
            - "PHP"
        # Install Apache Web Server (httpd)
        Apache:
          packages:
            yum:
              httpd: []
          services:
            sysvinit:
              httpd:
                enabled: true
                ensureRunning: true
        PHP:
          packages:
            yum:
              php: []
              php-mysql: []
        mariadb: # This is the MariaDB that comes with CentOS Base Repo
          packages:
            yum:
              mariadb-server: []
          files:
            /tmp/mariadb_config_stdin.txt:
              content: !Sub |
                Y
                ${dbRootPassword}
                ${dbRootPassword}
                Y
                Y
                Y
                Y
              mode: "000600"
              owner: "root"
              group: "root"
          commands:
            0100_start_mariadb:
              command: "/bin/systemctl start mariadb.service"
            0200_run_secure_script:
              command: "/bin/mysql_secure_installation < /tmp/mariadb_config_stdin.txt"
            0300_cleanup:
              command: "rm -vf /tmp/mariadb_config_stdin.txt"
          services:
            sysvinit:
              mariadb:
                enabled: true
                ensureRunning: true
When the AWS CLI CloudFormation call includes --parameters ParameterKey=mode,ParameterValue=httpd,UsePreviousValue=true, that forces cfn-init to use -c httpd. When that happens, the logs show:
When the AWS CLI CloudFormation call includes --parameters ParameterKey=mode,ParameterValue=db,UsePreviousValue=true, that forces cfn-init to use -c db. When that happens, the logs show:
2017-03-14 21:23:23,153 [INFO] Running configSets: db
2017-03-14 21:23:23,153 [INFO] Running configSet db
2017-03-14 21:23:23,154 [INFO] Running config mariadb
When the AWS CLI CloudFormation call includes --parameters ParameterKey=mode,ParameterValue=all,UsePreviousValue=true, that forces cfn-init to use -c all. When that happens, the logs show:
Using this technique, you can maintain just a single CloudFormation template, and use it to create many different combinations of EC2 instances. It is also easier to cut and paste various Config Sets than to extend UserData blocks.
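In the template above, mode is a free-form String that !Sub places after -c in a user data script that runs as root, and dbRootPassword is declared without NoEcho. The following check is an added example, not part of the original post: it resolves which configs each configSet runs and flags both parameters. The dict is a constructed JSON-style rendering of the third template, and resolve and lint are hypothetical helper names.

```python
import re

# Constructed JSON-style view of the page's third template: only the
# Parameters and AWS::CloudFormation::Init parts that the check reads.
TEMPLATE = {
    "Parameters": {
        "dbRootPassword": {"Type": "String"},
        "mode": {"Type": "String"},
    },
    "Init": {
        "configSets": {"httpd": ["Apache", "PHP"], "db": ["mariadb"],
                       "all": ["mariadb", "Apache", "PHP"]},
        "Apache": {}, "PHP": {}, "mariadb": {},
    },
}

def resolve(init, name, seen=()):
    """Config keys that `cfn-init -c name` runs, in order."""
    sets = init.get("configSets", {})
    if name not in sets:
        raise KeyError(f"no configSet named {name!r}")
    if name in seen:
        raise ValueError(f"configSet cycle through {name!r}")
    order = []
    for item in sets[name]:
        if isinstance(item, dict):  # {"ConfigSet": "x"} nests another set
            order += resolve(init, item["ConfigSet"], seen + (name,))
        elif item in init and item != "configSets":
            order.append(item)
        else:
            raise KeyError(f"{name!r} lists undefined config {item!r}")
    return order

def lint(template, selector="mode"):
    """Return findings for the selector parameter and secret parameters."""
    params, init = template["Parameters"], template["Init"]
    names = set(init.get("configSets", {}))
    findings = []
    allowed = set(params[selector].get("AllowedValues", []))
    if not allowed:
        findings.append(f"{selector}: no AllowedValues, so any string "
                        "reaches the root user data script after -c")
    elif allowed - names:
        findings.append(f"{selector}: allows unknown configSets "
                        f"{sorted(allowed - names)}")
    for key, spec in params.items():
        if re.search("password|secret", key, re.I) and not spec.get("NoEcho"):
            findings.append(f"{key}: NoEcho is not set")
    for name in sorted(names):
        resolve(init, name)  # raises on undefined or cyclic entries
    return findings
```

Declaring AllowedValues of all, db and httpd on mode and NoEcho: true on dbRootPassword clears both findings. NoEcho does not mask values substituted into the Metadata section, so the password written by the files block is still readable from the stack's resource metadata.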