From 22bcd87a993f5403d15e1de5dc0f61f57eacdd09 Mon Sep 17 00:00:00 2001 From: Daniel Dias Date: Sun, 25 Aug 2019 04:47:43 +0200 Subject: [PATCH 1/3] Updated the CF templates with the lattest instance types. --- .../aws-refarch-wordpress-03-bastion.yaml | 275 ++-- .../aws-refarch-wordpress-03-efsalarms.yaml | 249 +++- ...ws-refarch-wordpress-03-efsfilesystem.yaml | 255 +++- .../aws-refarch-wordpress-03-elasticache.yaml | 31 +- templates/aws-refarch-wordpress-03-rds.yaml | 34 +- templates/aws-refarch-wordpress-04-web.yaml | 331 +++-- .../aws-refarch-wordpress-master-newvpc.yaml | 1170 +++++++++++------ 7 files changed, 1620 insertions(+), 725 deletions(-) diff --git a/templates/aws-refarch-wordpress-03-bastion.yaml b/templates/aws-refarch-wordpress-03-bastion.yaml index 1d8183d..d9964b2 100644 --- a/templates/aws-refarch-wordpress-03-bastion.yaml +++ b/templates/aws-refarch-wordpress-03-bastion.yaml @@ -40,97 +40,198 @@ Parameters: Type: AWS::EC2::SecurityGroup::Id BastionInstanceType: AllowedValues: - - t2.nano - - t2.micro - - t2.small - - t2.medium - - t2.large - - t2.xlarge - - t2.2xlarge - - m3.medium - - m3.large - - m3.xlarge - - m3.2xlarge - - m4.large - - m4.xlarge - - m4.2xlarge - - m4.4xlarge - - m4.10xlarge - - m4.16xlarge - - m5.large - - m5.xlarge - - m5.2xlarge - - m5.4xlarge - - m5.12xlarge - - m5.24xlarge - - c3.large - - c3.xlarge - - c3.2xlarge - - c3.4xlarge - - c3.8xlarge - - c4.large - - c4.xlarge - - c4.2xlarge - - c4.4xlarge - - c4.8xlarge - - c5.large - - c5.xlarge - - c5.2xlarge - - c5.4xlarge - - c5.9xlarge + - a1.2xlarge + - a1.4xlarge + - a1.large + - a1.medium + - a1.xlarge + - c4.2xlarge + - c4.4xlarge + - c4.8xlarge + - c4.large + - c4.xlarge + - c5.12xlarge - c5.18xlarge - - r3.large - - r3.xlarge - - r3.2xlarge - - r3.4xlarge - - r3.8xlarge - - r4.large - - r4.xlarge - - r4.2xlarge - - r4.4xlarge - - r4.8xlarge - - r4.16xlarge - - x1.16xlarge - - x1.32xlarge - - x1e.xlarge - - x1e.2xlarge - - x1e.4xlarge - - x1e.8xlarge - - x1e.16xlarge - - x1e.32xlarge - - d2.xlarge - - d2.2xlarge - - d2.4xlarge - - d2.8xlarge - - h1.2xlarge - - h1.4xlarge - - h1.8xlarge - - h1.16xlarge - - i2.xlarge - - i2.2xlarge - - i2.4xlarge - - i2.8xlarge - - i3.large - - i3.xlarge - - i3.2xlarge - - i3.4xlarge - - i3.8xlarge + - c5.24xlarge + - c5.2xlarge + - c5.4xlarge + - c5.9xlarge + - c5.large + - c5.metal + - c5.xlarge + - c5d.18xlarge + - c5d.2xlarge + - c5d.4xlarge + - c5d.9xlarge + - c5d.large + - c5d.xlarge + - c5n.18xlarge + - c5n.2xlarge + - c5n.4xlarge + - c5n.9xlarge + - c5n.large + - c5n.xlarge + - cc1.4xlarge + - cc2.8xlarge + - cg1.4xlarge + - d2.2xlarge + - d2.4xlarge + - d2.8xlarge + - d2.xlarge + - f1.16xlarge + - f1.2xlarge + - f1.4xlarge + - g3.16xlarge + - g3.4xlarge + - g3.8xlarge + - g3s.xlarge + - h1.16xlarge + - h1.2xlarge + - h1.4xlarge + - h1.8xlarge + - hi1.4xlarge - i3.16xlarge - - f1.2xlarge - - f1.16xlarge - - g2.2xlarge - - g2.8xlarge - - g3.4xlarge - - g3.8xlarge - - g3.16xlarge - - p2.xlarge - - p2.8xlarge - - p2.16xlarge - - p3.2xlarge - - p3.8xlarge + - i3.2xlarge + - i3.4xlarge + - i3.8xlarge + - i3.large + - i3.metal + - i3.xlarge + - i3en.12xlarge + - i3en.24xlarge + - i3en.2xlarge + - i3en.3xlarge + - i3en.6xlarge + - i3en.large + - i3en.xlarge + - m4.10xlarge + - m4.16xlarge + - m4.2xlarge + - m4.4xlarge + - m4.large + - m4.xlarge + - m5.12xlarge + - m5.16xlarge + - m5.24xlarge + - m5.2xlarge + - m5.4xlarge + - m5.8xlarge + - m5.large + - m5.metal + - m5.xlarge + - m5a.12xlarge + - m5a.16xlarge + - m5a.24xlarge + - m5a.2xlarge + - m5a.4xlarge + - m5a.8xlarge + - m5a.large + - m5a.xlarge + - m5ad.12xlarge + - m5ad.16xlarge + - m5ad.24xlarge + - m5ad.2xlarge + - m5ad.4xlarge + - m5ad.8xlarge + - m5ad.large + - m5ad.xlarge + - m5d.12xlarge + - m5d.16xlarge + - m5d.24xlarge + - m5d.2xlarge + - m5d.4xlarge + - m5d.8xlarge + - m5d.large + - m5d.metal + - m5d.xlarge + - p2.16xlarge + - p2.8xlarge + - p2.xlarge - p3.16xlarge + - p3.2xlarge + - p3.8xlarge + - p3dn.24xlarge + - r4.16xlarge + - r4.2xlarge + - r4.4xlarge + - r4.8xlarge + - r4.large + - r4.xlarge + - r5.12xlarge + - r5.16xlarge + - r5.24xlarge + - r5.2xlarge + - r5.4xlarge + - r5.8xlarge + - r5.large + - r5.metal + - r5.xlarge + - r5a.12xlarge + - r5a.16xlarge + - r5a.24xlarge + - r5a.2xlarge + - r5a.4xlarge + - r5a.8xlarge + - r5a.large + - r5a.xlarge + - r5ad.12xlarge + - r5ad.16xlarge + - r5ad.24xlarge + - r5ad.2xlarge + - r5ad.4xlarge + - r5ad.8xlarge + - r5ad.large + - r5ad.xlarge + - r5d.12xlarge + - r5d.16xlarge + - r5d.24xlarge + - r5d.2xlarge + - r5d.4xlarge + - r5d.8xlarge + - r5d.large + - r5d.metal + - r5d.xlarge + - t2.2xlarge + - t2.large + - t2.medium + - t2.micro + - t2.nano + - t2.small + - t2.xlarge + - t3.2xlarge + - t3.large + - t3.medium + - t3.micro + - t3.nano + - t3.small + - t3.xlarge + - t3a.2xlarge + - t3a.large + - t3a.medium + - t3a.micro + - t3a.nano + - t3a.small + - t3a.xlarge + - u-12tb1.metal + - u-6tb1.metal + - u-9tb1.metal + - x1.16xlarge + - x1.32xlarge + - x1e.16xlarge + - x1e.2xlarge + - x1e.32xlarge + - x1e.4xlarge + - x1e.8xlarge + - x1e.xlarge + - z1d.12xlarge + - z1d.2xlarge + - z1d.3xlarge + - z1d.6xlarge + - z1d.large + - z1d.metal + - z1d.xlarge ConstraintDescription: Must be a valid Amazon EC2 instance type. - Default: t2.nano + Default: t3a.nano Description: Bastion EC2 instance type. Type: String EC2KeyName: diff --git a/templates/aws-refarch-wordpress-03-efsalarms.yaml b/templates/aws-refarch-wordpress-03-efsalarms.yaml index 88fe7f4..d5dc390 100644 --- a/templates/aws-refarch-wordpress-03-efsalarms.yaml +++ b/templates/aws-refarch-wordpress-03-efsalarms.yaml @@ -19,7 +19,7 @@ Metadata: Parameters: - ElasticFileSystem - WarningThreshold - - CriticalThreshold + - CriticalThreshold - EmailAddress - InstanceType - EC2KeyName @@ -56,7 +56,7 @@ Parameters: Type: String SecurityGroup: Description: Select the Amazon EFS security group. - Type: AWS::EC2::SecurityGroup::Id + Type: AWS::EC2::SecurityGroup::Id ElasticFileSystem: Description: The Amazon EFS file system id. Type: String @@ -65,69 +65,196 @@ Parameters: Type: String InstanceType: AllowedValues: - - t2.nano - - t2.micro - - t2.small - - t2.medium - - t2.large - - t2.xlarge - - t2.2xlarge - - m3.medium - - m3.large - - m3.xlarge - - m3.2xlarge - - m4.large - - m4.xlarge - - m4.2xlarge - - m4.4xlarge - - m4.10xlarge - - m4.16xlarge - - c3.large - - c3.xlarge - - c3.2xlarge - - c3.4xlarge - - c3.8xlarge - - c4.large - - c4.xlarge + - a1.2xlarge + - a1.4xlarge + - a1.large + - a1.medium + - a1.xlarge - c4.2xlarge - c4.4xlarge - c4.8xlarge - - c5.large - - c5.xlarge + - c4.large + - c4.xlarge + - c5.12xlarge + - c5.18xlarge + - c5.24xlarge - c5.2xlarge - c5.4xlarge - - c5.8xlarge - - r3.large - - r3.xlarge - - r3.2xlarge - - r3.4xlarge - - r3.8xlarge - - r4.large - - r4.xlarge - - r4.2xlarge - - r4.4xlarge - - r4.8xlarge - - r4.16xlarge - - i3.large - - i3.xlarge - - i3.2xlarge - - i3.4xlarge - - i3.8xlarge - - i3.16xlarge - - d2.xlarge + - c5.9xlarge + - c5.large + - c5.metal + - c5.xlarge + - c5d.18xlarge + - c5d.2xlarge + - c5d.4xlarge + - c5d.9xlarge + - c5d.large + - c5d.xlarge + - c5n.18xlarge + - c5n.2xlarge + - c5n.4xlarge + - c5n.9xlarge + - c5n.large + - c5n.xlarge + - cc1.4xlarge + - cc2.8xlarge + - cg1.4xlarge - d2.2xlarge - d2.4xlarge - d2.8xlarge - - p2.xlarge - - p2.8xlarage - - p2.16xlarge + - d2.xlarge + - f1.16xlarge + - f1.2xlarge + - f1.4xlarge + - g3.16xlarge - g3.4xlarge - g3.8xlarge - - g3.16xlarge - - f1.2xlarge - - f1.16xlarge + - g3s.xlarge + - h1.16xlarge + - h1.2xlarge + - h1.4xlarge + - h1.8xlarge + - hi1.4xlarge + - i3.16xlarge + - i3.2xlarge + - i3.4xlarge + - i3.8xlarge + - i3.large + - i3.metal + - i3.xlarge + - i3en.12xlarge + - i3en.24xlarge + - i3en.2xlarge + - i3en.3xlarge + - i3en.6xlarge + - i3en.large + - i3en.xlarge + - m4.10xlarge + - m4.16xlarge + - m4.2xlarge + - m4.4xlarge + - m4.large + - m4.xlarge + - m5.12xlarge + - m5.16xlarge + - m5.24xlarge + - m5.2xlarge + - m5.4xlarge + - m5.8xlarge + - m5.large + - m5.metal + - m5.xlarge + - m5a.12xlarge + - m5a.16xlarge + - m5a.24xlarge + - m5a.2xlarge + - m5a.4xlarge + - m5a.8xlarge + - m5a.large + - m5a.xlarge + - m5ad.12xlarge + - m5ad.16xlarge + - m5ad.24xlarge + - m5ad.2xlarge + - m5ad.4xlarge + - m5ad.8xlarge + - m5ad.large + - m5ad.xlarge + - m5d.12xlarge + - m5d.16xlarge + - m5d.24xlarge + - m5d.2xlarge + - m5d.4xlarge + - m5d.8xlarge + - m5d.large + - m5d.metal + - m5d.xlarge + - p2.16xlarge + - p2.8xlarge + - p2.xlarge + - p3.16xlarge + - p3.2xlarge + - p3.8xlarge + - p3dn.24xlarge + - r4.16xlarge + - r4.2xlarge + - r4.4xlarge + - r4.8xlarge + - r4.large + - r4.xlarge + - r5.12xlarge + - r5.16xlarge + - r5.24xlarge + - r5.2xlarge + - r5.4xlarge + - r5.8xlarge + - r5.large + - r5.metal + - r5.xlarge + - r5a.12xlarge + - r5a.16xlarge + - r5a.24xlarge + - r5a.2xlarge + - r5a.4xlarge + - r5a.8xlarge + - r5a.large + - r5a.xlarge + - r5ad.12xlarge + - r5ad.16xlarge + - r5ad.24xlarge + - r5ad.2xlarge + - r5ad.4xlarge + - r5ad.8xlarge + - r5ad.large + - r5ad.xlarge + - r5d.12xlarge + - r5d.16xlarge + - r5d.24xlarge + - r5d.2xlarge + - r5d.4xlarge + - r5d.8xlarge + - r5d.large + - r5d.metal + - r5d.xlarge + - t2.2xlarge + - t2.large + - t2.medium + - t2.micro + - t2.nano + - t2.small + - t2.xlarge + - t3.2xlarge + - t3.large + - t3.medium + - t3.micro + - t3.nano + - t3.small + - t3.xlarge + - t3a.2xlarge + - t3a.large + - t3a.medium + - t3a.micro + - t3a.nano + - t3a.small + - t3a.xlarge + - u-12tb1.metal + - u-6tb1.metal + - u-9tb1.metal - x1.16xlarge - x1.32xlarge + - x1e.16xlarge + - x1e.2xlarge + - x1e.32xlarge + - x1e.4xlarge + - x1e.8xlarge + - x1e.xlarge + - z1d.12xlarge + - z1d.2xlarge + - z1d.3xlarge + - z1d.6xlarge + - z1d.large + - z1d.metal + - z1d.xlarge ConstraintDescription: Must be a valid Amazon EC2 instance type. Default: t2.nano Description: The Amazon EC2 instance type that dynamically adjusts thresholds based on permitted throughput changes. @@ -144,7 +271,7 @@ Parameters: - 6 Default: 3 Description: Number of subnets. This must match your selections in the list of Subnets below. - Type: String + Type: String Subnet: Description: Select existing subnets. Type: List @@ -156,7 +283,7 @@ Parameters: Type: String Conditions: - + NumberOfSubnets1: !Equals [ 1, !Ref NumberOfSubnets ] NumberOfSubnets2: @@ -382,7 +509,7 @@ Resources: set_cloudwatch_alarms: - set-cloudwatch-alarms set-cloudwatch-alarms: - files: + files: /tmp/set-cloudwatch-alarms.sh: content: !Join [ @@ -438,7 +565,7 @@ Resources: "\n", "# calculate new burst credit balance critical threshold\n", "burst_credit_balance_threshold_critical=$(( ${burst_credit_balance:0:-2} - ( ( ( ${burst_credit_balance:0:-2} / ( ${permitted_throughput:0:-2} * 60 ) ) - $CRITICAL_THRESHOLD_MINUTES ) * ( ${permitted_throughput:0:-2} * 60 ) ) ))\n", - "\n", + "\n", "# update warning alarm with new burst credit balance warning threshold\n", "aws cloudwatch put-metric-alarm --alarm-name ''${FILE_SYSTEM_ID}' burst credit balance - Warning - '", !Ref 'AWS::StackName', " --alarm-description ''${FILE_SYSTEM_ID}' burst credit balance - Warning - '", !Ref 'AWS::StackName', " --actions-enabled --alarm-actions ${SNS_ARN} --metric-name BurstCreditBalance --namespace AWS/EFS --statistic Sum --dimensions Name=FileSystemId,Value=${FILE_SYSTEM_ID} --period 60 --evaluation-periods 5 --threshold ${burst_credit_balance_threshold_warning} --comparison-operator LessThanThreshold --treat-missing-data missing --region ${region}\n", "result=$?\n", @@ -477,12 +604,12 @@ Resources: " else\n", " aws sns publish --topic-arn ${SNS_ARN} --region ${region} --message 'Amazon EFS burst credit balance CloudWatch alarm error. Check CloudWatch alarms for file system '${FILE_SYSTEM_ID}'.'\n", "fi\n", - "\n" + "\n" ] ] mode: 000777 owner: root - group: root + group: root Properties: BlockDeviceMappings: - DeviceName: /dev/xvda @@ -510,9 +637,9 @@ Resources: - ntpstat - /opt/aws/bin/cfn-init --configsets set_cloudwatch_alarms --verbose --stack ${AWS::StackName} --resource LaunchConfiguration --region ${AWS::Region} - /tmp/set-cloudwatch-alarms.sh ${ElasticFileSystem} ${WarningThreshold} ${CriticalThreshold} ${SNSTopic} - SNSTopic: + SNSTopic: Type: AWS::SNS::Topic - Properties: + Properties: DisplayName: !Join [ '', [ !Ref ElasticFileSystem, '-alarm-notification' ] ] Subscription: - Endpoint: !Ref EmailAddress diff --git a/templates/aws-refarch-wordpress-03-efsfilesystem.yaml b/templates/aws-refarch-wordpress-03-efsfilesystem.yaml index 5c576c6..d2fbc06 100644 --- a/templates/aws-refarch-wordpress-03-efsfilesystem.yaml +++ b/templates/aws-refarch-wordpress-03-efsfilesystem.yaml @@ -61,77 +61,204 @@ Parameters: Growth: ConstraintDescription: Must be an integer. Default: 0 - Description: Amount of dummy data (GiB) to add to the file system (max 6144 GiB). Amazon EFS storage charges apply. + Description: Amount of dummy data (GiB) to add to the file system (max 6144 GiB). Amazon EFS storage charges apply. MaxValue: 6144 MinValue: 0 Type: Number InstanceType: AllowedValues: - - t2.nano - - t2.micro - - t2.small - - t2.medium - - t2.large - - t2.xlarge - - t2.2xlarge - - m3.medium - - m3.large - - m3.xlarge - - m3.2xlarge - - m4.large - - m4.xlarge - - m4.2xlarge - - m4.4xlarge - - m4.10xlarge - - m4.16xlarge - - c3.large - - c3.xlarge - - c3.2xlarge - - c3.4xlarge - - c3.8xlarge - - c4.large - - c4.xlarge + - a1.2xlarge + - a1.4xlarge + - a1.large + - a1.medium + - a1.xlarge - c4.2xlarge - c4.4xlarge - c4.8xlarge - - c5.large - - c5.xlarge + - c4.large + - c4.xlarge + - c5.12xlarge + - c5.18xlarge + - c5.24xlarge - c5.2xlarge - c5.4xlarge - - c5.8xlarge - - r3.large - - r3.xlarge - - r3.2xlarge - - r3.4xlarge - - r3.8xlarge - - r4.large - - r4.xlarge - - r4.2xlarge - - r4.4xlarge - - r4.8xlarge - - r4.16xlarge - - i3.large - - i3.xlarge - - i3.2xlarge - - i3.4xlarge - - i3.8xlarge - - i3.16xlarge - - d2.xlarge + - c5.9xlarge + - c5.large + - c5.metal + - c5.xlarge + - c5d.18xlarge + - c5d.2xlarge + - c5d.4xlarge + - c5d.9xlarge + - c5d.large + - c5d.xlarge + - c5n.18xlarge + - c5n.2xlarge + - c5n.4xlarge + - c5n.9xlarge + - c5n.large + - c5n.xlarge + - cc1.4xlarge + - cc2.8xlarge + - cg1.4xlarge - d2.2xlarge - d2.4xlarge - d2.8xlarge - - p2.xlarge - - p2.8xlarage - - p2.16xlarge + - d2.xlarge + - f1.16xlarge + - f1.2xlarge + - f1.4xlarge + - g3.16xlarge - g3.4xlarge - g3.8xlarge - - g3.16xlarge - - f1.2xlarge - - f1.16xlarge + - g3s.xlarge + - h1.16xlarge + - h1.2xlarge + - h1.4xlarge + - h1.8xlarge + - hi1.4xlarge + - i3.16xlarge + - i3.2xlarge + - i3.4xlarge + - i3.8xlarge + - i3.large + - i3.metal + - i3.xlarge + - i3en.12xlarge + - i3en.24xlarge + - i3en.2xlarge + - i3en.3xlarge + - i3en.6xlarge + - i3en.large + - i3en.xlarge + - m4.10xlarge + - m4.16xlarge + - m4.2xlarge + - m4.4xlarge + - m4.large + - m4.xlarge + - m5.12xlarge + - m5.16xlarge + - m5.24xlarge + - m5.2xlarge + - m5.4xlarge + - m5.8xlarge + - m5.large + - m5.metal + - m5.xlarge + - m5a.12xlarge + - m5a.16xlarge + - m5a.24xlarge + - m5a.2xlarge + - m5a.4xlarge + - m5a.8xlarge + - m5a.large + - m5a.xlarge + - m5ad.12xlarge + - m5ad.16xlarge + - m5ad.24xlarge + - m5ad.2xlarge + - m5ad.4xlarge + - m5ad.8xlarge + - m5ad.large + - m5ad.xlarge + - m5d.12xlarge + - m5d.16xlarge + - m5d.24xlarge + - m5d.2xlarge + - m5d.4xlarge + - m5d.8xlarge + - m5d.large + - m5d.metal + - m5d.xlarge + - p2.16xlarge + - p2.8xlarge + - p2.xlarge + - p3.16xlarge + - p3.2xlarge + - p3.8xlarge + - p3dn.24xlarge + - r4.16xlarge + - r4.2xlarge + - r4.4xlarge + - r4.8xlarge + - r4.large + - r4.xlarge + - r5.12xlarge + - r5.16xlarge + - r5.24xlarge + - r5.2xlarge + - r5.4xlarge + - r5.8xlarge + - r5.large + - r5.metal + - r5.xlarge + - r5a.12xlarge + - r5a.16xlarge + - r5a.24xlarge + - r5a.2xlarge + - r5a.4xlarge + - r5a.8xlarge + - r5a.large + - r5a.xlarge + - r5ad.12xlarge + - r5ad.16xlarge + - r5ad.24xlarge + - r5ad.2xlarge + - r5ad.4xlarge + - r5ad.8xlarge + - r5ad.large + - r5ad.xlarge + - r5d.12xlarge + - r5d.16xlarge + - r5d.24xlarge + - r5d.2xlarge + - r5d.4xlarge + - r5d.8xlarge + - r5d.large + - r5d.metal + - r5d.xlarge + - t2.2xlarge + - t2.large + - t2.medium + - t2.micro + - t2.nano + - t2.small + - t2.xlarge + - t3.2xlarge + - t3.large + - t3.medium + - t3.micro + - t3.nano + - t3.small + - t3.xlarge + - t3a.2xlarge + - t3a.large + - t3a.medium + - t3a.micro + - t3a.nano + - t3a.small + - t3a.xlarge + - u-12tb1.metal + - u-6tb1.metal + - u-9tb1.metal - x1.16xlarge - x1.32xlarge + - x1e.16xlarge + - x1e.2xlarge + - x1e.32xlarge + - x1e.4xlarge + - x1e.8xlarge + - x1e.xlarge + - z1d.12xlarge + - z1d.2xlarge + - z1d.3xlarge + - z1d.6xlarge + - z1d.large + - z1d.metal + - z1d.xlarge ConstraintDescription: Must be a valid Amazon EC2 instance type. - Default: r4.large + Default: r5.large Description: The Amazon EC2 instance type that adds data to the file system. Type: String EC2KeyName: @@ -146,7 +273,7 @@ Parameters: - 6 Default: 3 Description: Number of subnets. This must match your selections in the list of Subnets below. - Type: String + Type: String PerformanceMode: AllowedValues: - generalPurpose @@ -162,13 +289,13 @@ Parameters: Type: String SecurityGroup: Description: Select the Amazon EFS security group. - Type: AWS::EC2::SecurityGroup::Id + Type: AWS::EC2::SecurityGroup::Id Subnet: Description: Select existing subnets. Type: List Conditions: - + NumberOfSubnets1: !Equals [ 1, !Ref NumberOfSubnets ] NumberOfSubnets2: @@ -206,7 +333,7 @@ Conditions: Subnet4: !Or - !Condition NumberOfSubnets5 - !Condition NumberOfSubnets6 - Subnet5: !Condition NumberOfSubnets6 + Subnet5: !Condition NumberOfSubnets6 UseAWS-ManagedCMK: !Equals ['', !Ref Cmk] @@ -392,7 +519,7 @@ Resources: efs_add_storage: - efs-add-storage efs-add-storage: - files: + files: /tmp/efs-add-storage.sh: content: !Sub | #!/bin/bash -x @@ -462,8 +589,8 @@ Resources: fi done - #Sync data from - + #Sync data from + if [[ ! -z $COPY_SYSTEM_ID ]]; then sudo mkdir -p /$COPY_SYSTEM_ID @@ -518,7 +645,7 @@ Resources: ] EfsSizeMonitorFunction: Type: AWS::Lambda::Function - Properties: + Properties: Code: ZipFile: !Sub | import boto3 @@ -591,16 +718,16 @@ Resources: ManagedPolicyArns: - arn:aws:iam::aws:policy/CloudWatchFullAccess - arn:aws:iam::aws:policy/AmazonElasticFileSystemReadOnlyAccess - EfsLambdaPermission: + EfsLambdaPermission: Type: AWS::Lambda::Permission - Properties: + Properties: FunctionName: !Ref EfsSizeMonitorFunction Action: lambda:InvokeFunction Principal: events.amazonaws.com SourceArn: !GetAtt EfsSizeMonitorEvent.Arn EfsSizeMonitorEvent: Type: AWS::Events::Rule - Properties: + Properties: Description: Scheduled event to update SizeInBytes EFS CloudWatch metric Name: !Join [ '', [ 'efs-', !Ref ElasticFileSystem, '-size-monitor-scheduled-event' ] ] ScheduleExpression: rate(1 minute) diff --git a/templates/aws-refarch-wordpress-03-elasticache.yaml b/templates/aws-refarch-wordpress-03-elasticache.yaml index c2fb82f..a3d9859 100644 --- a/templates/aws-refarch-wordpress-03-elasticache.yaml +++ b/templates/aws-refarch-wordpress-03-elasticache.yaml @@ -37,26 +37,29 @@ Parameters: - cache.t2.micro - cache.t2.small - cache.t2.medium - - cache.m3.medium - - cache.m3.large - - cache.m3.xlarge - - cache.m3.2xlarge - cache.m4.large - cache.m4.xlarge - cache.m4.2xlarge - cache.m4.4xlarge - cache.m4.10xlarge - - cache.r3.large - - cache.r3.xlarge - - cache.r3.2xlarge - - cache.r3.4xlarge - - cache.r3.8xlarge + - cache.m5.large + - cache.m5.xlarge + - cache.m5.2xlarge + - cache.m5.4xlarge + - cache.m5.12xlarge + - cache.m5.24xlarge - cache.r4.large - cache.r4.xlarge - cache.r4.2xlarge - cache.r4.4xlarge - cache.r4.8xlarge - cache.r4.16xlarge + - cache.r5.large + - cache.r5.xlarge + - cache.r5.2xlarge + - cache.r5.4xlarge + - cache.r5.12xlarge + - cache.r5.24xlarge ConstraintDescription: Must be a valid Amazon ElastiCache node type. Default: cache.t2.medium Description: The Amazon ElastiCache cluster node type. @@ -73,7 +76,7 @@ Parameters: - 6 Default: 3 Description: Number of subnets. This must match your selections in the list of subnets below. - Type: String + Type: String Subnet: Description: Select existing subnets. The number selected must match the number of subnets above. Subnets selected must be in separate AZs. Type: List @@ -134,12 +137,12 @@ Resources: - Key: Name Value: !Join [ '', [ 'WordPress / ', !Ref 'AWS::StackName' ] ] VpcSecurityGroupIds: - - !Ref ElastiCacheSecurityGroup - ElastiCacheSubnetGroup: + - !Ref ElastiCacheSecurityGroup + ElastiCacheSubnetGroup: Type: AWS::ElastiCache::SubnetGroup - Properties: + Properties: Description: ElastiCache Subnet Group for WordPress - SubnetIds: + SubnetIds: !If [ NumberOfSubnets1, [ !Select [ 0, !Ref Subnet ] ], diff --git a/templates/aws-refarch-wordpress-03-rds.yaml b/templates/aws-refarch-wordpress-03-rds.yaml index 4ebb585..a8f6b38 100644 --- a/templates/aws-refarch-wordpress-03-rds.yaml +++ b/templates/aws-refarch-wordpress-03-rds.yaml @@ -10,7 +10,7 @@ Metadata: License: Description: 'Copyright 2018 Amazon.com, Inc. and its affiliates. All Rights Reserved. SPDX-License-Identifier: MIT-0' - + AWS::CloudFormation::Interface: ParameterGroups: - Label: @@ -29,9 +29,9 @@ Metadata: DatabaseEncrpytedBoolean: default: Encrypted DB Cluster DatabaseCmk: - default: AWS KMS Customer Master Key (CMK) to encrypt DB + default: AWS KMS Customer Master Key (CMK) to encrypt DB DatabaseInstanceType: - default: DB Instance Class + default: DB Instance Class DatabaseMasterUsername: default: DB Master Username DatabaseMasterPassword: @@ -61,19 +61,32 @@ Parameters: Type: String DatabaseInstanceType: AllowedValues: + - db.t2.micro - db.t2.small - db.t2.medium - - db.r3.large - - db.r3.xlarge - - db.r3.2xlarge - - db.r3.4xlarge - - db.r3.8xlarge + - db.t2.large + - db.t2.xlarge + - db.t2.2xlarge + - db.t3.micro + - db.t3.small + - db.t3.medium + - db.t3.large + - db.t3.xlarge + - db.t3.2xlarge - db.r4.large - db.r4.xlarge - db.r4.2xlarge - db.r4.4xlarge - db.r4.8xlarge - db.r4.16xlarge + - db.r5.large + - db.r5.xlarge + - db.r5.2xlarge + - db.r5.4xlarge + - db.r5.8xlarge + - db.r5.12xlarge + - db.r5.16xlarge + - db.r5.24xlarge ConstraintDescription: Must be a valid RDS instance class. Default: db.t2.medium Description: The Amazon RDS database instance class. @@ -87,7 +100,7 @@ Parameters: Type: String DatabaseMasterPassword: AllowedPattern: ^([a-z0-9A-Z`~!#$%^&*()_+,\\-])*$ - ConstraintDescription: Must be letters (upper or lower), numbers, and these special characters '_'`~!#$%^&*()_+,- + ConstraintDescription: Must be letters (upper or lower), numbers, and these special characters '_'`~!#$%^&*()_+,- Description: The Amazon RDS master password. MaxLength: 41 MinLength: 8 @@ -112,7 +125,7 @@ Parameters: - 6 Default: 3 Description: Number of subnets. This must match your selections in the list of subnets below. - Type: String + Type: String Subnet: Description: Select existing subnets. The number selected must match the number of subnets above. Subnets selected must be in separate AZs. Type: List @@ -252,4 +265,3 @@ Outputs: Value: !Ref DataSubnetGroup DatabaseClusterEndpointAddress: Value: !GetAtt DatabaseCluster.Endpoint.Address - diff --git a/templates/aws-refarch-wordpress-04-web.yaml b/templates/aws-refarch-wordpress-04-web.yaml index 2650f59..60fc750 100644 --- a/templates/aws-refarch-wordpress-04-web.yaml +++ b/templates/aws-refarch-wordpress-04-web.yaml @@ -56,7 +56,7 @@ Metadata: DatabaseClusterEndpointAddress: default: DB Cluster Endpoint Address DatabaseMasterUsername: - default: DB Master Username + default: DB Master Username DatabaseMasterPassword: default: DB Master Password DatabaseName: @@ -144,7 +144,7 @@ Parameters: - 6 Default: 3 Description: Number of subnets. This must match your selections in the list of subnets below. - Type: String + Type: String PHPIniOverride: Description: Full Amazon S3 https path to a php.ini override file (e.g. https://s3.amazonaws.com/aws-refarch/wordpress/latest/bits/20-aws.ini) Type: String @@ -155,7 +155,7 @@ Parameters: - 7.0 Default: 7.0 Description: The version of PHP to install. - Type: String + Type: String PublicAlbTargetGroupArn: Description: The public application load balancer target group arn. Type: String @@ -187,95 +187,196 @@ Parameters: Type: String WebInstanceType: AllowedValues: - - t2.nano - - t2.micro - - t2.small - - t2.medium - - t2.large - - t2.xlarge - - t2.2xlarge - - m3.medium - - m3.large - - m3.xlarge - - m3.2xlarge - - m4.large - - m4.xlarge - - m4.2xlarge - - m4.4xlarge - - m4.10xlarge - - m4.16xlarge - - m5.large - - m5.xlarge - - m5.2xlarge - - m5.4xlarge - - m5.12xlarge - - m5.24xlarge - - c3.large - - c3.xlarge - - c3.2xlarge - - c3.4xlarge - - c3.8xlarge - - c4.large - - c4.xlarge - - c4.2xlarge - - c4.4xlarge - - c4.8xlarge - - c5.large - - c5.xlarge - - c5.2xlarge - - c5.4xlarge - - c5.9xlarge + - a1.2xlarge + - a1.4xlarge + - a1.large + - a1.medium + - a1.xlarge + - c4.2xlarge + - c4.4xlarge + - c4.8xlarge + - c4.large + - c4.xlarge + - c5.12xlarge - c5.18xlarge - - r3.large - - r3.xlarge - - r3.2xlarge - - r3.4xlarge - - r3.8xlarge - - r4.large - - r4.xlarge - - r4.2xlarge - - r4.4xlarge - - r4.8xlarge - - r4.16xlarge - - x1.16xlarge - - x1.32xlarge - - x1e.xlarge - - x1e.2xlarge - - x1e.4xlarge - - x1e.8xlarge - - x1e.16xlarge - - x1e.32xlarge - - d2.xlarge - - d2.2xlarge - - d2.4xlarge - - d2.8xlarge - - h1.2xlarge - - h1.4xlarge - - h1.8xlarge - - h1.16xlarge - - i2.xlarge - - i2.2xlarge - - i2.4xlarge - - i2.8xlarge - - i3.large - - i3.xlarge - - i3.2xlarge - - i3.4xlarge - - i3.8xlarge + - c5.24xlarge + - c5.2xlarge + - c5.4xlarge + - c5.9xlarge + - c5.large + - c5.metal + - c5.xlarge + - c5d.18xlarge + - c5d.2xlarge + - c5d.4xlarge + - c5d.9xlarge + - c5d.large + - c5d.xlarge + - c5n.18xlarge + - c5n.2xlarge + - c5n.4xlarge + - c5n.9xlarge + - c5n.large + - c5n.xlarge + - cc1.4xlarge + - cc2.8xlarge + - cg1.4xlarge + - d2.2xlarge + - d2.4xlarge + - d2.8xlarge + - d2.xlarge + - f1.16xlarge + - f1.2xlarge + - f1.4xlarge + - g3.16xlarge + - g3.4xlarge + - g3.8xlarge + - g3s.xlarge + - h1.16xlarge + - h1.2xlarge + - h1.4xlarge + - h1.8xlarge + - hi1.4xlarge - i3.16xlarge - - f1.2xlarge - - f1.16xlarge - - g2.2xlarge - - g2.8xlarge - - g3.4xlarge - - g3.8xlarge - - g3.16xlarge - - p2.xlarge - - p2.8xlarge - - p2.16xlarge - - p3.2xlarge - - p3.8xlarge + - i3.2xlarge + - i3.4xlarge + - i3.8xlarge + - i3.large + - i3.metal + - i3.xlarge + - i3en.12xlarge + - i3en.24xlarge + - i3en.2xlarge + - i3en.3xlarge + - i3en.6xlarge + - i3en.large + - i3en.xlarge + - m4.10xlarge + - m4.16xlarge + - m4.2xlarge + - m4.4xlarge + - m4.large + - m4.xlarge + - m5.12xlarge + - m5.16xlarge + - m5.24xlarge + - m5.2xlarge + - m5.4xlarge + - m5.8xlarge + - m5.large + - m5.metal + - m5.xlarge + - m5a.12xlarge + - m5a.16xlarge + - m5a.24xlarge + - m5a.2xlarge + - m5a.4xlarge + - m5a.8xlarge + - m5a.large + - m5a.xlarge + - m5ad.12xlarge + - m5ad.16xlarge + - m5ad.24xlarge + - m5ad.2xlarge + - m5ad.4xlarge + - m5ad.8xlarge + - m5ad.large + - m5ad.xlarge + - m5d.12xlarge + - m5d.16xlarge + - m5d.24xlarge + - m5d.2xlarge + - m5d.4xlarge + - m5d.8xlarge + - m5d.large + - m5d.metal + - m5d.xlarge + - p2.16xlarge + - p2.8xlarge + - p2.xlarge - p3.16xlarge + - p3.2xlarge + - p3.8xlarge + - p3dn.24xlarge + - r4.16xlarge + - r4.2xlarge + - r4.4xlarge + - r4.8xlarge + - r4.large + - r4.xlarge + - r5.12xlarge + - r5.16xlarge + - r5.24xlarge + - r5.2xlarge + - r5.4xlarge + - r5.8xlarge + - r5.large + - r5.metal + - r5.xlarge + - r5a.12xlarge + - r5a.16xlarge + - r5a.24xlarge + - r5a.2xlarge + - r5a.4xlarge + - r5a.8xlarge + - r5a.large + - r5a.xlarge + - r5ad.12xlarge + - r5ad.16xlarge + - r5ad.24xlarge + - r5ad.2xlarge + - r5ad.4xlarge + - r5ad.8xlarge + - r5ad.large + - r5ad.xlarge + - r5d.12xlarge + - r5d.16xlarge + - r5d.24xlarge + - r5d.2xlarge + - r5d.4xlarge + - r5d.8xlarge + - r5d.large + - r5d.metal + - r5d.xlarge + - t2.2xlarge + - t2.large + - t2.medium + - t2.micro + - t2.nano + - t2.small + - t2.xlarge + - t3.2xlarge + - t3.large + - t3.medium + - t3.micro + - t3.nano + - t3.small + - t3.xlarge + - t3a.2xlarge + - t3a.large + - t3a.medium + - t3a.micro + - t3a.nano + - t3a.small + - t3a.xlarge + - u-12tb1.metal + - u-6tb1.metal + - u-9tb1.metal + - x1.16xlarge + - x1.32xlarge + - x1e.16xlarge + - x1e.2xlarge + - x1e.32xlarge + - x1e.4xlarge + - x1e.8xlarge + - x1e.xlarge + - z1d.12xlarge + - z1d.2xlarge + - z1d.3xlarge + - z1d.6xlarge + - z1d.large + - z1d.metal + - z1d.xlarge ConstraintDescription: Must be a valid Amazon EC2 instance type. Default: t2.large Description: The Amazon EC2 instance type for your web instances. @@ -289,7 +390,7 @@ Parameters: Type: String WPAdminPassword: AllowedPattern: ^([a-zA-Z0-9`~!#$%^&*()_+,\\-])*$ - ConstraintDescription: Must be letters (upper or lower), numbers, and these special characters '_'`~!#$%^&*()_+,- + ConstraintDescription: Must be letters (upper or lower), numbers, and these special characters '_'`~!#$%^&*()_+,- Description: The WordPress admin password. Type: String NoEcho: true @@ -457,7 +558,7 @@ Resources: [ PHP56, !Ref WebLaunchConfiguration56, !Ref WebLaunchConfiguration70 - ] + ] ] MaxSize: !Ref WebAsgMax MinSize: !Ref WebAsgMin @@ -526,7 +627,7 @@ Resources: !Join [ "",[ "#!/bin/bash -xe\n", - "if [ ! -f /etc/httpd/conf.d/", !Ref WPDirectory, ".conf ]; then\n", + "if [ ! -f /etc/httpd/conf.d/", !Ref WPDirectory, ".conf ]; then\n", " touch /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", " echo 'ServerName 127.0.0.1:80' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", " echo 'DocumentRoot /var/www/wordpress/", !Ref WPDirectory, "' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", @@ -549,7 +650,7 @@ Resources: build_cacheclient: packages: yum: - gcc-c++: [] + gcc-c++: [] files: /tmp/install_cacheclient.sh: content: @@ -577,7 +678,7 @@ Resources: !Sub | #!/bin/bash -xe # create hidden opcache directory locally & change owner to apache - if [ ! -d /var/www/.opcache ]; then + if [ ! -d /var/www/.opcache ]; then mkdir -p /var/www/.opcache fi # enable opcache in /etc/php-5.5.d/opcache.ini @@ -605,14 +706,14 @@ Resources: "fi\n", "\n", "# make site directory\n", - "if [ ! -d /var/www/wordpress/", !Ref WPDirectory, " ]; then\n", + "if [ ! -d /var/www/wordpress/", !Ref WPDirectory, " ]; then\n", " mkdir -p /var/www/wordpress/", !Ref WPDirectory, "\n", "\n", " cd /var/www/wordpress/", !Ref WPDirectory, "\n", " # install wordpress if not installed\n", " # use public alb host name if wp domain name was empty\n", " if ! $(wp core is-installed --allow-root); then\n", - " wp core download --version='", !Ref WPVersion, "' --locale='", !Ref WPLocale, "' --allow-root\n", + " wp core download --version='", !Ref WPVersion, "' --locale='", !Ref WPLocale, "' --allow-root\n", " wp core config --dbname='", !Ref DatabaseName, "' --dbuser='", !Ref DatabaseMasterUsername, "' --dbpass='", !Ref DatabaseMasterPassword, "' --dbhost='", !Ref DatabaseClusterEndpointAddress, "' --dbprefix=wp_ --allow-root\n", " wp core install --url=", !If [ NoWPDomainName, !Ref PublicAlbHostname, !Join [ "", [ "'http://www.", !Ref WPDomainName, "'" ] ] ], " --title='", !Ref WPTitle, "' --admin_user='", !Ref WPAdminUsername, "' --admin_password='", !Ref WPAdminPassword, "' --admin_email='", !Ref WPAdminEmail, "' --skip-email --allow-root\n", " wp plugin install w3-total-cache\n", @@ -621,7 +722,7 @@ Resources: " # enable HTTPS in wp-config.php if ACM Public SSL Certificate parameter was not empty\n", !If [ NoSslCertificate, !Join [ '', [ " sed -i \"/$table_prefix = 'wp_';/ a \\# No ACM Public SSL Certificate \" /var/www/wordpress/", !Ref WPDirectory, "/wp-config.php\n" ] ] , !Join [ '', [ " sed -i \"/$table_prefix = 'wp_';/ a \\$_SERVER['HTTPS'] = 'on';\" /var/www/wordpress/", !Ref WPDirectory, "/wp-config.php\n" ] ] ], "\n", - " # set permissions of wordpress site directories\n", + " # set permissions of wordpress site directories\n", " chown -R apache:apache /var/www/wordpress/", !Ref WPDirectory, "\n", " chmod u+wrx /var/www/wordpress/", !Ref WPDirectory, "/wp-content/*\n", " if [ ! -f /var/www/wordpress/", !Ref WPDirectory, "/opcache-instanceid.php ]; then\n", @@ -640,7 +741,7 @@ Resources: mode: 000500 owner: root group: root - download_aws_ini: + download_aws_ini: files: /tmp/download_aws_ini.sh: content: @@ -665,7 +766,7 @@ Resources: install_wordpress: command: ./install_wordpress.sh cwd: /tmp - ignoreErrors: false + ignoreErrors: false install_cacheclient: commands: install_cacheclient: @@ -734,7 +835,7 @@ Resources: !Join [ "",[ "#!/bin/bash -xe\n", - "if [ ! -f /etc/httpd/conf.d/", !Ref WPDirectory, ".conf ]; then\n", + "if [ ! -f /etc/httpd/conf.d/", !Ref WPDirectory, ".conf ]; then\n", " touch /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", " echo 'ServerName 127.0.0.1:80' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", " echo 'DocumentRoot /var/www/wordpress/", !Ref WPDirectory, "' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", @@ -757,7 +858,7 @@ Resources: build_cacheclient: packages: yum: - gcc-c++: [] + gcc-c++: [] files: /tmp/install_cacheclient.sh: content: @@ -785,7 +886,7 @@ Resources: !Sub | #!/bin/bash -xe # create hidden opcache directory locally & change owner to apache - if [ ! -d /var/www/.opcache ]; then + if [ ! -d /var/www/.opcache ]; then mkdir -p /var/www/.opcache fi # enable opcache in /etc/php-5.6.d/opcache.ini @@ -813,14 +914,14 @@ Resources: "fi\n", "\n", "# make site directory\n", - "if [ ! -d /var/www/wordpress/", !Ref WPDirectory, " ]; then\n", + "if [ ! -d /var/www/wordpress/", !Ref WPDirectory, " ]; then\n", " mkdir -p /var/www/wordpress/", !Ref WPDirectory, "\n", "\n", " cd /var/www/wordpress/", !Ref WPDirectory, "\n", " # install wordpress if not installed\n", " # use public alb host name if wp domain name was empty\n", " if ! $(wp core is-installed --allow-root); then\n", - " wp core download --version='", !Ref WPVersion, "' --locale='", !Ref WPLocale, "' --allow-root\n", + " wp core download --version='", !Ref WPVersion, "' --locale='", !Ref WPLocale, "' --allow-root\n", " wp core config --dbname='", !Ref DatabaseName, "' --dbuser='", !Ref DatabaseMasterUsername, "' --dbpass='", !Ref DatabaseMasterPassword, "' --dbhost='", !Ref DatabaseClusterEndpointAddress, "' --dbprefix=wp_ --allow-root\n", " wp core install --url=", !If [ NoWPDomainName, !Ref PublicAlbHostname, !Join [ "", [ "'http://www.", !Ref WPDomainName, "'" ] ] ], " --title='", !Ref WPTitle, "' --admin_user='", !Ref WPAdminUsername, "' --admin_password='", !Ref WPAdminPassword, "' --admin_email='", !Ref WPAdminEmail, "' --skip-email --allow-root\n", " wp plugin install w3-total-cache\n", @@ -829,7 +930,7 @@ Resources: " # enable HTTPS in wp-config.php if ACM Public SSL Certificate parameter was not empty\n", !If [ NoSslCertificate, !Join [ '', [ " sed -i \"/$table_prefix = 'wp_';/ a \\# No ACM Public SSL Certificate \" /var/www/wordpress/", !Ref WPDirectory, "/wp-config.php\n" ] ] , !Join [ '', [ " sed -i \"/$table_prefix = 'wp_';/ a \\$_SERVER['HTTPS'] = 'on';\" /var/www/wordpress/", !Ref WPDirectory, "/wp-config.php\n" ] ] ], "\n", - " # set permissions of wordpress site directories\n", + " # set permissions of wordpress site directories\n", " chown -R apache:apache /var/www/wordpress/", !Ref WPDirectory, "\n", " chmod u+wrx /var/www/wordpress/", !Ref WPDirectory, "/wp-content/*\n", " if [ ! -f /var/www/wordpress/", !Ref WPDirectory, "/opcache-instanceid.php ]; then\n", @@ -848,7 +949,7 @@ Resources: mode: 000500 owner: root group: root - download_aws_ini: + download_aws_ini: files: /tmp/download_aws_ini.sh: content: @@ -873,7 +974,7 @@ Resources: install_wordpress: command: ./install_wordpress.sh cwd: /tmp - ignoreErrors: false + ignoreErrors: false install_cacheclient: commands: install_cacheclient: @@ -942,7 +1043,7 @@ Resources: !Join [ "",[ "#!/bin/bash -xe\n", - "if [ ! -f /etc/httpd/conf.d/", !Ref WPDirectory, ".conf ]; then\n", + "if [ ! -f /etc/httpd/conf.d/", !Ref WPDirectory, ".conf ]; then\n", " touch /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", " echo 'ServerName 127.0.0.1:80' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", " echo 'DocumentRoot /var/www/wordpress/", !Ref WPDirectory, "' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", @@ -965,7 +1066,7 @@ Resources: build_cacheclient: packages: yum: - gcc-c++: [] + gcc-c++: [] files: /tmp/install_cacheclient.sh: content: @@ -994,7 +1095,7 @@ Resources: !Sub | #!/bin/bash -xe # create hidden opcache directory locally & change owner to apache - if [ ! -d /var/www/.opcache ]; then + if [ ! -d /var/www/.opcache ]; then mkdir -p /var/www/.opcache fi # enable opcache in /etc/php-7.0.d/10-opcache.ini @@ -1022,14 +1123,14 @@ Resources: "fi\n", "\n", "# make site directory\n", - "if [ ! -d /var/www/wordpress/", !Ref WPDirectory, " ]; then\n", + "if [ ! -d /var/www/wordpress/", !Ref WPDirectory, " ]; then\n", " mkdir -p /var/www/wordpress/", !Ref WPDirectory, "\n", "\n", " cd /var/www/wordpress/", !Ref WPDirectory, "\n", " # install wordpress if not installed\n", " # use public alb host name if wp domain name was empty\n", " if ! $(wp core is-installed --allow-root); then\n", - " wp core download --version='", !Ref WPVersion, "' --locale='", !Ref WPLocale, "' --allow-root\n", + " wp core download --version='", !Ref WPVersion, "' --locale='", !Ref WPLocale, "' --allow-root\n", " wp core config --dbname='", !Ref DatabaseName, "' --dbuser='", !Ref DatabaseMasterUsername, "' --dbpass='", !Ref DatabaseMasterPassword, "' --dbhost='", !Ref DatabaseClusterEndpointAddress, "' --dbprefix=wp_ --allow-root\n", " wp core install --url=", !If [ NoWPDomainName, !Ref PublicAlbHostname, !Join [ "", [ "'http://www.", !Ref WPDomainName, "'" ] ] ], " --title='", !Ref WPTitle, "' --admin_user='", !Ref WPAdminUsername, "' --admin_password='", !Ref WPAdminPassword, "' --admin_email='", !Ref WPAdminEmail, "' --skip-email --allow-root\n", " wp plugin install w3-total-cache\n", @@ -1038,7 +1139,7 @@ Resources: " # enable HTTPS in wp-config.php if ACM Public SSL Certificate parameter was not empty\n", !If [ NoSslCertificate, !Join [ '', [ " sed -i \"/$table_prefix = 'wp_';/ a \\# No ACM Public SSL Certificate \" /var/www/wordpress/", !Ref WPDirectory, "/wp-config.php\n" ] ] , !Join [ '', [ " sed -i \"/$table_prefix = 'wp_';/ a \\$_SERVER['HTTPS'] = 'on';\" /var/www/wordpress/", !Ref WPDirectory, "/wp-config.php\n" ] ] ], "\n", - " # set permissions of wordpress site directories\n", + " # set permissions of wordpress site directories\n", " chown -R apache:apache /var/www/wordpress/", !Ref WPDirectory, "\n", " chmod u+wrx /var/www/wordpress/", !Ref WPDirectory, "/wp-content/*\n", " if [ ! -f /var/www/wordpress/", !Ref WPDirectory, "/opcache-instanceid.php ]; then\n", @@ -1057,7 +1158,7 @@ Resources: mode: 000500 owner: root group: root - download_aws_ini: + download_aws_ini: files: /tmp/download_aws_ini.sh: content: @@ -1082,7 +1183,7 @@ Resources: install_wordpress: command: ./install_wordpress.sh cwd: /tmp - ignoreErrors: false + ignoreErrors: false install_cacheclient: commands: install_cacheclient: diff --git a/templates/aws-refarch-wordpress-master-newvpc.yaml b/templates/aws-refarch-wordpress-master-newvpc.yaml index 9a0a1ce..603008b 100644 --- a/templates/aws-refarch-wordpress-master-newvpc.yaml +++ b/templates/aws-refarch-wordpress-master-newvpc.yaml @@ -99,7 +99,7 @@ Metadata: CloudFrontAcmCertificate: default: CloudFront Certificate ARN DatabaseCmk: - default: AWS KMS CMK for RDS + default: AWS KMS CMK for RDS DatabaseEncrpytedBoolean: default: Encrypted DB Cluster DatabaseInstanceType: @@ -217,97 +217,198 @@ Parameters: BastionInstanceType: AllowedValues: - - t2.nano - - t2.micro - - t2.small - - t2.medium - - t2.large - - t2.xlarge - - t2.2xlarge - - m3.medium - - m3.large - - m3.xlarge - - m3.2xlarge - - m4.large - - m4.xlarge - - m4.2xlarge - - m4.4xlarge - - m4.10xlarge - - m4.16xlarge - - m5.large - - m5.xlarge - - m5.2xlarge - - m5.4xlarge - - m5.12xlarge - - m5.24xlarge - - c3.large - - c3.xlarge - - c3.2xlarge - - c3.4xlarge - - c3.8xlarge - - c4.large - - c4.xlarge - - c4.2xlarge - - c4.4xlarge - - c4.8xlarge - - c5.large - - c5.xlarge - - c5.2xlarge - - c5.4xlarge - - c5.9xlarge + - a1.2xlarge + - a1.4xlarge + - a1.large + - a1.medium + - a1.xlarge + - c4.2xlarge + - c4.4xlarge + - c4.8xlarge + - c4.large + - c4.xlarge + - c5.12xlarge - c5.18xlarge - - r3.large - - r3.xlarge - - r3.2xlarge - - r3.4xlarge - - r3.8xlarge - - r4.large - - r4.xlarge - - r4.2xlarge - - r4.4xlarge - - r4.8xlarge - - r4.16xlarge - - x1.16xlarge - - x1.32xlarge - - x1e.xlarge - - x1e.2xlarge - - x1e.4xlarge - - x1e.8xlarge - - x1e.16xlarge - - x1e.32xlarge - - d2.xlarge - - d2.2xlarge - - d2.4xlarge - - d2.8xlarge - - h1.2xlarge - - h1.4xlarge - - h1.8xlarge - - h1.16xlarge - - i2.xlarge - - i2.2xlarge - - i2.4xlarge - - i2.8xlarge - - i3.large - - i3.xlarge - - i3.2xlarge - - i3.4xlarge - - i3.8xlarge + - c5.24xlarge + - c5.2xlarge + - c5.4xlarge + - c5.9xlarge + - c5.large + - c5.metal + - c5.xlarge + - c5d.18xlarge + - c5d.2xlarge + - c5d.4xlarge + - c5d.9xlarge + - c5d.large + - c5d.xlarge + - c5n.18xlarge + - c5n.2xlarge + - c5n.4xlarge + - c5n.9xlarge + - c5n.large + - c5n.xlarge + - cc1.4xlarge + - cc2.8xlarge + - cg1.4xlarge + - d2.2xlarge + - d2.4xlarge + - d2.8xlarge + - d2.xlarge + - f1.16xlarge + - f1.2xlarge + - f1.4xlarge + - g3.16xlarge + - g3.4xlarge + - g3.8xlarge + - g3s.xlarge + - h1.16xlarge + - h1.2xlarge + - h1.4xlarge + - h1.8xlarge + - hi1.4xlarge - i3.16xlarge - - f1.2xlarge - - f1.16xlarge - - g2.2xlarge - - g2.8xlarge - - g3.4xlarge - - g3.8xlarge - - g3.16xlarge - - p2.xlarge - - p2.8xlarge - - p2.16xlarge - - p3.2xlarge - - p3.8xlarge + - i3.2xlarge + - i3.4xlarge + - i3.8xlarge + - i3.large + - i3.metal + - i3.xlarge + - i3en.12xlarge + - i3en.24xlarge + - i3en.2xlarge + - i3en.3xlarge + - i3en.6xlarge + - i3en.large + - i3en.xlarge + - m4.10xlarge + - m4.16xlarge + - m4.2xlarge + - m4.4xlarge + - m4.large + - m4.xlarge + - m5.12xlarge + - m5.16xlarge + - m5.24xlarge + - m5.2xlarge + - m5.4xlarge + - m5.8xlarge + - m5.large + - m5.metal + - m5.xlarge + - m5a.12xlarge + - m5a.16xlarge + - m5a.24xlarge + - m5a.2xlarge + - m5a.4xlarge + - m5a.8xlarge + - m5a.large + - m5a.xlarge + - m5ad.12xlarge + - m5ad.16xlarge + - m5ad.24xlarge + - m5ad.2xlarge + - m5ad.4xlarge + - m5ad.8xlarge + - m5ad.large + - m5ad.xlarge + - m5d.12xlarge + - m5d.16xlarge + - m5d.24xlarge + - m5d.2xlarge + - m5d.4xlarge + - m5d.8xlarge + - m5d.large + - m5d.metal + - m5d.xlarge + - p2.16xlarge + - p2.8xlarge + - p2.xlarge - p3.16xlarge + - p3.2xlarge + - p3.8xlarge + - p3dn.24xlarge + - r4.16xlarge + - r4.2xlarge + - r4.4xlarge + - r4.8xlarge + - r4.large + - r4.xlarge + - r5.12xlarge + - r5.16xlarge + - r5.24xlarge + - r5.2xlarge + - r5.4xlarge + - r5.8xlarge + - r5.large + - r5.metal + - r5.xlarge + - r5a.12xlarge + - r5a.16xlarge + - r5a.24xlarge + - r5a.2xlarge + - r5a.4xlarge + - r5a.8xlarge + - r5a.large + - r5a.xlarge + - r5ad.12xlarge + - r5ad.16xlarge + - r5ad.24xlarge + - r5ad.2xlarge + - r5ad.4xlarge + - r5ad.8xlarge + - r5ad.large + - r5ad.xlarge + - r5d.12xlarge + - r5d.16xlarge + - r5d.24xlarge + - r5d.2xlarge + - r5d.4xlarge + - r5d.8xlarge + - r5d.large + - r5d.metal + - r5d.xlarge + - t2.2xlarge + - t2.large + - t2.medium + - t2.micro + - t2.nano + - t2.small + - t2.xlarge + - t3.2xlarge + - t3.large + - t3.medium + - t3.micro + - t3.nano + - t3.small + - t3.xlarge + - t3a.2xlarge + - t3a.large + - t3a.medium + - t3a.micro + - t3a.nano + - t3a.small + - t3a.xlarge + - u-12tb1.metal + - u-6tb1.metal + - u-9tb1.metal + - x1.16xlarge + - x1.32xlarge + - x1e.16xlarge + - x1e.2xlarge + - x1e.32xlarge + - x1e.4xlarge + - x1e.8xlarge + - x1e.xlarge + - z1d.12xlarge + - z1d.2xlarge + - z1d.3xlarge + - z1d.6xlarge + - z1d.large + - z1d.metal + - z1d.xlarge ConstraintDescription: Must be a valid Amazon EC2 instance type. - Default: t2.nano + Default: t3a.nano Description: Bastion EC2 instance type. Type: String CloudFrontAcmCertificate: @@ -326,21 +427,34 @@ Parameters: Type: String DatabaseInstanceType: AllowedValues: + - db.t2.micro - db.t2.small - db.t2.medium - - db.r3.large - - db.r3.xlarge - - db.r3.2xlarge - - db.r3.4xlarge - - db.r3.8xlarge + - db.t2.large + - db.t2.xlarge + - db.t2.2xlarge + - db.t3.micro + - db.t3.small + - db.t3.medium + - db.t3.large + - db.t3.xlarge + - db.t3.2xlarge - db.r4.large - db.r4.xlarge - db.r4.2xlarge - db.r4.4xlarge - db.r4.8xlarge - db.r4.16xlarge + - db.r5.large + - db.r5.xlarge + - db.r5.2xlarge + - db.r5.4xlarge + - db.r5.8xlarge + - db.r5.12xlarge + - db.r5.16xlarge + - db.r5.24xlarge ConstraintDescription: Must be a valid RDS instance class. - Default: db.t2.medium + Default: db.t3.medium Description: The Amazon RDS database instance class. Type: String DatabaseMasterUsername: @@ -364,97 +478,198 @@ Parameters: Type: String EfsAlarmsInstanceType: AllowedValues: - - t2.nano - - t2.micro - - t2.small - - t2.medium - - t2.large - - t2.xlarge - - t2.2xlarge - - m3.medium - - m3.large - - m3.xlarge - - m3.2xlarge - - m4.large - - m4.xlarge - - m4.2xlarge - - m4.4xlarge - - m4.10xlarge - - m4.16xlarge - - m5.large - - m5.xlarge - - m5.2xlarge - - m5.4xlarge - - m5.12xlarge - - m5.24xlarge - - c3.large - - c3.xlarge - - c3.2xlarge - - c3.4xlarge - - c3.8xlarge - - c4.large - - c4.xlarge - - c4.2xlarge - - c4.4xlarge - - c4.8xlarge - - c5.large - - c5.xlarge - - c5.2xlarge - - c5.4xlarge - - c5.9xlarge + - a1.2xlarge + - a1.4xlarge + - a1.large + - a1.medium + - a1.xlarge + - c4.2xlarge + - c4.4xlarge + - c4.8xlarge + - c4.large + - c4.xlarge + - c5.12xlarge - c5.18xlarge - - r3.large - - r3.xlarge - - r3.2xlarge - - r3.4xlarge - - r3.8xlarge - - r4.large - - r4.xlarge - - r4.2xlarge - - r4.4xlarge - - r4.8xlarge - - r4.16xlarge - - x1.16xlarge - - x1.32xlarge - - x1e.xlarge - - x1e.2xlarge - - x1e.4xlarge - - x1e.8xlarge - - x1e.16xlarge - - x1e.32xlarge - - d2.xlarge - - d2.2xlarge - - d2.4xlarge - - d2.8xlarge - - h1.2xlarge - - h1.4xlarge - - h1.8xlarge - - h1.16xlarge - - i2.xlarge - - i2.2xlarge - - i2.4xlarge - - i2.8xlarge - - i3.large - - i3.xlarge - - i3.2xlarge - - i3.4xlarge - - i3.8xlarge + - c5.24xlarge + - c5.2xlarge + - c5.4xlarge + - c5.9xlarge + - c5.large + - c5.metal + - c5.xlarge + - c5d.18xlarge + - c5d.2xlarge + - c5d.4xlarge + - c5d.9xlarge + - c5d.large + - c5d.xlarge + - c5n.18xlarge + - c5n.2xlarge + - c5n.4xlarge + - c5n.9xlarge + - c5n.large + - c5n.xlarge + - cc1.4xlarge + - cc2.8xlarge + - cg1.4xlarge + - d2.2xlarge + - d2.4xlarge + - d2.8xlarge + - d2.xlarge + - f1.16xlarge + - f1.2xlarge + - f1.4xlarge + - g3.16xlarge + - g3.4xlarge + - g3.8xlarge + - g3s.xlarge + - h1.16xlarge + - h1.2xlarge + - h1.4xlarge + - h1.8xlarge + - hi1.4xlarge - i3.16xlarge - - f1.2xlarge - - f1.16xlarge - - g2.2xlarge - - g2.8xlarge - - g3.4xlarge - - g3.8xlarge - - g3.16xlarge - - p2.xlarge - - p2.8xlarge - - p2.16xlarge - - p3.2xlarge - - p3.8xlarge + - i3.2xlarge + - i3.4xlarge + - i3.8xlarge + - i3.large + - i3.metal + - i3.xlarge + - i3en.12xlarge + - i3en.24xlarge + - i3en.2xlarge + - i3en.3xlarge + - i3en.6xlarge + - i3en.large + - i3en.xlarge + - m4.10xlarge + - m4.16xlarge + - m4.2xlarge + - m4.4xlarge + - m4.large + - m4.xlarge + - m5.12xlarge + - m5.16xlarge + - m5.24xlarge + - m5.2xlarge + - m5.4xlarge + - m5.8xlarge + - m5.large + - m5.metal + - m5.xlarge + - m5a.12xlarge + - m5a.16xlarge + - m5a.24xlarge + - m5a.2xlarge + - m5a.4xlarge + - m5a.8xlarge + - m5a.large + - m5a.xlarge + - m5ad.12xlarge + - m5ad.16xlarge + - m5ad.24xlarge + - m5ad.2xlarge + - m5ad.4xlarge + - m5ad.8xlarge + - m5ad.large + - m5ad.xlarge + - m5d.12xlarge + - m5d.16xlarge + - m5d.24xlarge + - m5d.2xlarge + - m5d.4xlarge + - m5d.8xlarge + - m5d.large + - m5d.metal + - m5d.xlarge + - p2.16xlarge + - p2.8xlarge + - p2.xlarge - p3.16xlarge + - p3.2xlarge + - p3.8xlarge + - p3dn.24xlarge + - r4.16xlarge + - r4.2xlarge + - r4.4xlarge + - r4.8xlarge + - r4.large + - r4.xlarge + - r5.12xlarge + - r5.16xlarge + - r5.24xlarge + - r5.2xlarge + - r5.4xlarge + - r5.8xlarge + - r5.large + - r5.metal + - r5.xlarge + - r5a.12xlarge + - r5a.16xlarge + - r5a.24xlarge + - r5a.2xlarge + - r5a.4xlarge + - r5a.8xlarge + - r5a.large + - r5a.xlarge + - r5ad.12xlarge + - r5ad.16xlarge + - r5ad.24xlarge + - r5ad.2xlarge + - r5ad.4xlarge + - r5ad.8xlarge + - r5ad.large + - r5ad.xlarge + - r5d.12xlarge + - r5d.16xlarge + - r5d.24xlarge + - r5d.2xlarge + - r5d.4xlarge + - r5d.8xlarge + - r5d.large + - r5d.metal + - r5d.xlarge + - t2.2xlarge + - t2.large + - t2.medium + - t2.micro + - t2.nano + - t2.small + - t2.xlarge + - t3.2xlarge + - t3.large + - t3.medium + - t3.micro + - t3.nano + - t3.small + - t3.xlarge + - t3a.2xlarge + - t3a.large + - t3a.medium + - t3a.micro + - t3a.nano + - t3a.small + - t3a.xlarge + - u-12tb1.metal + - u-6tb1.metal + - u-9tb1.metal + - x1.16xlarge + - x1.32xlarge + - x1e.16xlarge + - x1e.2xlarge + - x1e.32xlarge + - x1e.4xlarge + - x1e.8xlarge + - x1e.xlarge + - z1d.12xlarge + - z1d.2xlarge + - z1d.3xlarge + - z1d.6xlarge + - z1d.large + - z1d.metal + - z1d.xlarge ConstraintDescription: Must be a valid Amazon EC2 instance type. - Default: t2.nano + Default: t3a.nano Description: The Amazon EC2 instance type that dynamically adjusts alarm thresholds based on permitted throughput changes. Type: String EfsEncrpytedBoolean: @@ -491,97 +706,198 @@ Parameters: Type: Number EfsGrowthInstanceType: AllowedValues: - - t2.nano - - t2.micro - - t2.small - - t2.medium - - t2.large - - t2.xlarge - - t2.2xlarge - - m3.medium - - m3.large - - m3.xlarge - - m3.2xlarge - - m4.large - - m4.xlarge - - m4.2xlarge - - m4.4xlarge - - m4.10xlarge - - m4.16xlarge - - m5.large - - m5.xlarge - - m5.2xlarge - - m5.4xlarge - - m5.12xlarge - - m5.24xlarge - - c3.large - - c3.xlarge - - c3.2xlarge - - c3.4xlarge - - c3.8xlarge - - c4.large - - c4.xlarge - - c4.2xlarge - - c4.4xlarge - - c4.8xlarge - - c5.large - - c5.xlarge - - c5.2xlarge - - c5.4xlarge - - c5.9xlarge + - a1.2xlarge + - a1.4xlarge + - a1.large + - a1.medium + - a1.xlarge + - c4.2xlarge + - c4.4xlarge + - c4.8xlarge + - c4.large + - c4.xlarge + - c5.12xlarge - c5.18xlarge - - r3.large - - r3.xlarge - - r3.2xlarge - - r3.4xlarge - - r3.8xlarge - - r4.large - - r4.xlarge - - r4.2xlarge - - r4.4xlarge - - r4.8xlarge - - r4.16xlarge - - x1.16xlarge - - x1.32xlarge - - x1e.xlarge - - x1e.2xlarge - - x1e.4xlarge - - x1e.8xlarge - - x1e.16xlarge - - x1e.32xlarge - - d2.xlarge - - d2.2xlarge - - d2.4xlarge - - d2.8xlarge - - h1.2xlarge - - h1.4xlarge - - h1.8xlarge - - h1.16xlarge - - i2.xlarge - - i2.2xlarge - - i2.4xlarge - - i2.8xlarge - - i3.large - - i3.xlarge - - i3.2xlarge - - i3.4xlarge - - i3.8xlarge + - c5.24xlarge + - c5.2xlarge + - c5.4xlarge + - c5.9xlarge + - c5.large + - c5.metal + - c5.xlarge + - c5d.18xlarge + - c5d.2xlarge + - c5d.4xlarge + - c5d.9xlarge + - c5d.large + - c5d.xlarge + - c5n.18xlarge + - c5n.2xlarge + - c5n.4xlarge + - c5n.9xlarge + - c5n.large + - c5n.xlarge + - cc1.4xlarge + - cc2.8xlarge + - cg1.4xlarge + - d2.2xlarge + - d2.4xlarge + - d2.8xlarge + - d2.xlarge + - f1.16xlarge + - f1.2xlarge + - f1.4xlarge + - g3.16xlarge + - g3.4xlarge + - g3.8xlarge + - g3s.xlarge + - h1.16xlarge + - h1.2xlarge + - h1.4xlarge + - h1.8xlarge + - hi1.4xlarge - i3.16xlarge - - f1.2xlarge - - f1.16xlarge - - g2.2xlarge - - g2.8xlarge - - g3.4xlarge - - g3.8xlarge - - g3.16xlarge - - p2.xlarge - - p2.8xlarge - - p2.16xlarge - - p3.2xlarge - - p3.8xlarge + - i3.2xlarge + - i3.4xlarge + - i3.8xlarge + - i3.large + - i3.metal + - i3.xlarge + - i3en.12xlarge + - i3en.24xlarge + - i3en.2xlarge + - i3en.3xlarge + - i3en.6xlarge + - i3en.large + - i3en.xlarge + - m4.10xlarge + - m4.16xlarge + - m4.2xlarge + - m4.4xlarge + - m4.large + - m4.xlarge + - m5.12xlarge + - m5.16xlarge + - m5.24xlarge + - m5.2xlarge + - m5.4xlarge + - m5.8xlarge + - m5.large + - m5.metal + - m5.xlarge + - m5a.12xlarge + - m5a.16xlarge + - m5a.24xlarge + - m5a.2xlarge + - m5a.4xlarge + - m5a.8xlarge + - m5a.large + - m5a.xlarge + - m5ad.12xlarge + - m5ad.16xlarge + - m5ad.24xlarge + - m5ad.2xlarge + - m5ad.4xlarge + - m5ad.8xlarge + - m5ad.large + - m5ad.xlarge + - m5d.12xlarge + - m5d.16xlarge + - m5d.24xlarge + - m5d.2xlarge + - m5d.4xlarge + - m5d.8xlarge + - m5d.large + - m5d.metal + - m5d.xlarge + - p2.16xlarge + - p2.8xlarge + - p2.xlarge - p3.16xlarge + - p3.2xlarge + - p3.8xlarge + - p3dn.24xlarge + - r4.16xlarge + - r4.2xlarge + - r4.4xlarge + - r4.8xlarge + - r4.large + - r4.xlarge + - r5.12xlarge + - r5.16xlarge + - r5.24xlarge + - r5.2xlarge + - r5.4xlarge + - r5.8xlarge + - r5.large + - r5.metal + - r5.xlarge + - r5a.12xlarge + - r5a.16xlarge + - r5a.24xlarge + - r5a.2xlarge + - r5a.4xlarge + - r5a.8xlarge + - r5a.large + - r5a.xlarge + - r5ad.12xlarge + - r5ad.16xlarge + - r5ad.24xlarge + - r5ad.2xlarge + - r5ad.4xlarge + - r5ad.8xlarge + - r5ad.large + - r5ad.xlarge + - r5d.12xlarge + - r5d.16xlarge + - r5d.24xlarge + - r5d.2xlarge + - r5d.4xlarge + - r5d.8xlarge + - r5d.large + - r5d.metal + - r5d.xlarge + - t2.2xlarge + - t2.large + - t2.medium + - t2.micro + - t2.nano + - t2.small + - t2.xlarge + - t3.2xlarge + - t3.large + - t3.medium + - t3.micro + - t3.nano + - t3.small + - t3.xlarge + - t3a.2xlarge + - t3a.large + - t3a.medium + - t3a.micro + - t3a.nano + - t3a.small + - t3a.xlarge + - u-12tb1.metal + - u-6tb1.metal + - u-9tb1.metal + - x1.16xlarge + - x1.32xlarge + - x1e.16xlarge + - x1e.2xlarge + - x1e.32xlarge + - x1e.4xlarge + - x1e.8xlarge + - x1e.xlarge + - z1d.12xlarge + - z1d.2xlarge + - z1d.3xlarge + - z1d.6xlarge + - z1d.large + - z1d.metal + - z1d.xlarge ConstraintDescription: Must be a valid Amazon EC2 instance type. - Default: r4.large + Default: r5.large Description: The Amazon EC2 instance type that adds data to the file system. Type: String EfsPerformanceMode: @@ -607,15 +923,24 @@ Parameters: - cache.m4.2xlarge - cache.m4.4xlarge - cache.m4.10xlarge - - cache.m3.medium - - cache.m3.large - - cache.m3.xlarge - - cache.m3.2xlarge - - cache.r3.large - - cache.r3.xlarge - - cache.r3.2xlarge - - cache.r3.4xlarge - - cache.r3.8xlarge + - cache.m5.large + - cache.m5.xlarge + - cache.m5.2xlarge + - cache.m5.4xlarge + - cache.m5.12xlarge + - cache.m5.24xlarge + - cache.r4.large + - cache.r4.xlarge + - cache.r4.2xlarge + - cache.r4.4xlarge + - cache.r4.8xlarge + - cache.r4.16xlarge + - cache.r5.large + - cache.r5.xlarge + - cache.r5.2xlarge + - cache.r5.4xlarge + - cache.r5.12xlarge + - cache.r5.24xlarge ConstraintDescription: Must be a valid Amazon ElastiCache node type. Default: cache.t2.medium Description: The Amazon ElastiCache cluster node type. @@ -634,7 +959,7 @@ Parameters: - 7.0 Default: 7.0 Description: The version of PHP to install. - Type: String + Type: String PublicAlbAcmCertificate: AllowedPattern: ^$|(arn:aws:acm:)([a-z0-9/:-])*([a-z0-9])$ Description: '[ Optional ] The AWS Certification Manager certificate ARN for the ALB certificate - this certificate should be created in the region you wish to run the ALB and must reference the WordPress domain name you use below.' @@ -679,97 +1004,198 @@ Parameters: Type: String WebInstanceType: AllowedValues: - - t2.nano - - t2.micro - - t2.small - - t2.medium - - t2.large - - t2.xlarge - - t2.2xlarge - - m3.medium - - m3.large - - m3.xlarge - - m3.2xlarge - - m4.large - - m4.xlarge - - m4.2xlarge - - m4.4xlarge - - m4.10xlarge - - m4.16xlarge - - m5.large - - m5.xlarge - - m5.2xlarge - - m5.4xlarge - - m5.12xlarge - - m5.24xlarge - - c3.large - - c3.xlarge - - c3.2xlarge - - c3.4xlarge - - c3.8xlarge - - c4.large - - c4.xlarge - - c4.2xlarge - - c4.4xlarge - - c4.8xlarge - - c5.large - - c5.xlarge - - c5.2xlarge - - c5.4xlarge - - c5.9xlarge + - a1.2xlarge + - a1.4xlarge + - a1.large + - a1.medium + - a1.xlarge + - c4.2xlarge + - c4.4xlarge + - c4.8xlarge + - c4.large + - c4.xlarge + - c5.12xlarge - c5.18xlarge - - r3.large - - r3.xlarge - - r3.2xlarge - - r3.4xlarge - - r3.8xlarge - - r4.large - - r4.xlarge - - r4.2xlarge - - r4.4xlarge - - r4.8xlarge - - r4.16xlarge - - x1.16xlarge - - x1.32xlarge - - x1e.xlarge - - x1e.2xlarge - - x1e.4xlarge - - x1e.8xlarge - - x1e.16xlarge - - x1e.32xlarge - - d2.xlarge - - d2.2xlarge - - d2.4xlarge - - d2.8xlarge - - h1.2xlarge - - h1.4xlarge - - h1.8xlarge - - h1.16xlarge - - i2.xlarge - - i2.2xlarge - - i2.4xlarge - - i2.8xlarge - - i3.large - - i3.xlarge - - i3.2xlarge - - i3.4xlarge - - i3.8xlarge + - c5.24xlarge + - c5.2xlarge + - c5.4xlarge + - c5.9xlarge + - c5.large + - c5.metal + - c5.xlarge + - c5d.18xlarge + - c5d.2xlarge + - c5d.4xlarge + - c5d.9xlarge + - c5d.large + - c5d.xlarge + - c5n.18xlarge + - c5n.2xlarge + - c5n.4xlarge + - c5n.9xlarge + - c5n.large + - c5n.xlarge + - cc1.4xlarge + - cc2.8xlarge + - cg1.4xlarge + - d2.2xlarge + - d2.4xlarge + - d2.8xlarge + - d2.xlarge + - f1.16xlarge + - f1.2xlarge + - f1.4xlarge + - g3.16xlarge + - g3.4xlarge + - g3.8xlarge + - g3s.xlarge + - h1.16xlarge + - h1.2xlarge + - h1.4xlarge + - h1.8xlarge + - hi1.4xlarge - i3.16xlarge - - f1.2xlarge - - f1.16xlarge - - g2.2xlarge - - g2.8xlarge - - g3.4xlarge - - g3.8xlarge - - g3.16xlarge - - p2.xlarge - - p2.8xlarge - - p2.16xlarge - - p3.2xlarge - - p3.8xlarge + - i3.2xlarge + - i3.4xlarge + - i3.8xlarge + - i3.large + - i3.metal + - i3.xlarge + - i3en.12xlarge + - i3en.24xlarge + - i3en.2xlarge + - i3en.3xlarge + - i3en.6xlarge + - i3en.large + - i3en.xlarge + - m4.10xlarge + - m4.16xlarge + - m4.2xlarge + - m4.4xlarge + - m4.large + - m4.xlarge + - m5.12xlarge + - m5.16xlarge + - m5.24xlarge + - m5.2xlarge + - m5.4xlarge + - m5.8xlarge + - m5.large + - m5.metal + - m5.xlarge + - m5a.12xlarge + - m5a.16xlarge + - m5a.24xlarge + - m5a.2xlarge + - m5a.4xlarge + - m5a.8xlarge + - m5a.large + - m5a.xlarge + - m5ad.12xlarge + - m5ad.16xlarge + - m5ad.24xlarge + - m5ad.2xlarge + - m5ad.4xlarge + - m5ad.8xlarge + - m5ad.large + - m5ad.xlarge + - m5d.12xlarge + - m5d.16xlarge + - m5d.24xlarge + - m5d.2xlarge + - m5d.4xlarge + - m5d.8xlarge + - m5d.large + - m5d.metal + - m5d.xlarge + - p2.16xlarge + - p2.8xlarge + - p2.xlarge - p3.16xlarge + - p3.2xlarge + - p3.8xlarge + - p3dn.24xlarge + - r4.16xlarge + - r4.2xlarge + - r4.4xlarge + - r4.8xlarge + - r4.large + - r4.xlarge + - r5.12xlarge + - r5.16xlarge + - r5.24xlarge + - r5.2xlarge + - r5.4xlarge + - r5.8xlarge + - r5.large + - r5.metal + - r5.xlarge + - r5a.12xlarge + - r5a.16xlarge + - r5a.24xlarge + - r5a.2xlarge + - r5a.4xlarge + - r5a.8xlarge + - r5a.large + - r5a.xlarge + - r5ad.12xlarge + - r5ad.16xlarge + - r5ad.24xlarge + - r5ad.2xlarge + - r5ad.4xlarge + - r5ad.8xlarge + - r5ad.large + - r5ad.xlarge + - r5d.12xlarge + - r5d.16xlarge + - r5d.24xlarge + - r5d.2xlarge + - r5d.4xlarge + - r5d.8xlarge + - r5d.large + - r5d.metal + - r5d.xlarge + - t2.2xlarge + - t2.large + - t2.medium + - t2.micro + - t2.nano + - t2.small + - t2.xlarge + - t3.2xlarge + - t3.large + - t3.medium + - t3.micro + - t3.nano + - t3.small + - t3.xlarge + - t3a.2xlarge + - t3a.large + - t3a.medium + - t3a.micro + - t3a.nano + - t3a.small + - t3a.xlarge + - u-12tb1.metal + - u-6tb1.metal + - u-9tb1.metal + - x1.16xlarge + - x1.32xlarge + - x1e.16xlarge + - x1e.2xlarge + - x1e.32xlarge + - x1e.4xlarge + - x1e.8xlarge + - x1e.xlarge + - z1d.12xlarge + - z1d.2xlarge + - z1d.3xlarge + - z1d.6xlarge + - z1d.large + - z1d.metal + - z1d.xlarge ConstraintDescription: Must be a valid Amazon EC2 instance type. - Default: t2.large + Default: t3.large Description: The Amazon EC2 instance type for your web instances. Type: String AdminEmail: @@ -778,7 +1204,7 @@ Parameters: Type: String WPAdminPassword: AllowedPattern: ^([a-zA-Z0-9`~!#$%^&*()_+,\\-])*$ - ConstraintDescription: Must be letters (upper or lower), numbers, spaces, and these special characters `~!#$%^&*()_+,- + ConstraintDescription: Must be letters (upper or lower), numbers, spaces, and these special characters `~!#$%^&*()_+,- Description: The WordPress admin password. Letters, numbers, spaces, and these special characters `~!#$%^&*()_+,- Type: String NoEcho: true @@ -972,7 +1398,7 @@ Conditions: - !Condition AvailableAWSRegion DeployCloudFront: !And - !Equals [ true, !Ref UseCloudFrontBoolean ] - - !Condition AvailableAWSRegion + - !Condition AvailableAWSRegion DeployElastiCache: !And - !Equals [ true, !Ref UseElastiCacheBoolean ] - !Condition AvailableAWSRegion @@ -1030,7 +1456,7 @@ Resources: PublicAlbFullName: !GetAtt [ publicalb, Outputs.PublicAlbFullName ] EfsCreateAlarms: - !Ref EfsCreateAlarms + !Ref EfsCreateAlarms TemplateURL: https://s3.amazonaws.com/aws-refarch/wordpress/latest/templates/aws-refarch-wordpress-06-dashboard.yaml dashboardwithnoalarms: Condition: EfsCreateNoAlarms @@ -1045,7 +1471,7 @@ Resources: PublicAlbFullName: !GetAtt [ publicalb, Outputs.PublicAlbFullName ] EfsCreateAlarms: - !Ref EfsCreateAlarms + !Ref EfsCreateAlarms TemplateURL: https://s3.amazonaws.com/aws-refarch/wordpress/latest/templates/aws-refarch-wordpress-06-dashboard.yaml efsfilesystem: DependsOn: [ newvpc, securitygroups ] @@ -1065,7 +1491,7 @@ Resources: InstanceType: !Ref EfsGrowthInstanceType NumberOfSubnets: - !Ref NumberOfAZs + !Ref NumberOfAZs PerformanceMode: !Ref EfsPerformanceMode Subnet: @@ -1090,7 +1516,7 @@ Resources: InstanceType: !Ref EfsAlarmsInstanceType NumberOfSubnets: - !Ref NumberOfAZs + !Ref NumberOfAZs Subnet: !GetAtt [ newvpc, Outputs.DataSubnet ] WarningThreshold: @@ -1297,5 +1723,3 @@ Outputs: OpCacheValidationUrl: Description: A page to validate OpCache has been enabled for each instance in the ASG. Refresh the page to see the status of each instance in the ASG. Value: !Join [ '', [ !If [ CreateRecordSet, !Join [ '', [ 'http://www.', !Ref WPDomainName ] ], !If [ DeployCloudFront, !GetAtt [ cloudfront, Outputs.DnsHostname ], !GetAtt [ publicalb, Outputs.PublicAlbHostname ] ] ], '/opcache-instanceid.php' ] ] - - From 30375a093946f6d709b0d1de722225055431778c Mon Sep 17 00:00:00 2001 From: Daniel Dias Date: Sun, 25 Aug 2019 05:05:03 +0200 Subject: [PATCH 2/3] Updated PHP version --- templates/aws-refarch-wordpress-04-web.yaml | 6 ++++-- templates/aws-refarch-wordpress-master-newvpc.yaml | 6 ++++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/templates/aws-refarch-wordpress-04-web.yaml b/templates/aws-refarch-wordpress-04-web.yaml index 60fc750..e670608 100644 --- a/templates/aws-refarch-wordpress-04-web.yaml +++ b/templates/aws-refarch-wordpress-04-web.yaml @@ -150,10 +150,12 @@ Parameters: Type: String PHPVersion: AllowedValues: - - 5.5 - 5.6 - 7.0 - Default: 7.0 + - 7.1 + - 7.2 + - 7.3 + Default: 7.3 Description: The version of PHP to install. Type: String PublicAlbTargetGroupArn: diff --git a/templates/aws-refarch-wordpress-master-newvpc.yaml b/templates/aws-refarch-wordpress-master-newvpc.yaml index 603008b..ce40b8e 100644 --- a/templates/aws-refarch-wordpress-master-newvpc.yaml +++ b/templates/aws-refarch-wordpress-master-newvpc.yaml @@ -954,10 +954,12 @@ Parameters: Type: String PHPVersion: AllowedValues: - - 5.5 - 5.6 - 7.0 - Default: 7.0 + - 7.1 + - 7.2 + - 7.3 + Default: 7.3 Description: The version of PHP to install. Type: String PublicAlbAcmCertificate: From ea5fffac04b2f89e899b8eac06e6a7499392d53b Mon Sep 17 00:00:00 2001 From: Daniel Dias Date: Sun, 25 Aug 2019 05:08:56 +0200 Subject: [PATCH 3/3] Fixed master template name and link. --- README.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 8c0430d..5c7faf6 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,7 @@ To launch the entire stack and deploy a WordPress site on AWS, click on one of t You can launch this CloudFormation stack, using your account, in the following AWS Regions: | AWS Region Code | Name | Launch | -| --- | --- | --- +| --- | --- | --- | us-east-1 |US East (N. Virginia)| [![cloudformation-launch-stack](images/cloudformation-launch-stack.png)](https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/new?stackName=WordPress&templateURL=https://s3.amazonaws.com/aws-refarch/wordpress/latest/templates/aws-refarch-wordpress-master-newvpc.yaml) | | us-east-2 |US East (Ohio)| [![cloudformation-launch-stack](images/cloudformation-launch-stack.png)](https://console.aws.amazon.com/cloudformation/home?region=us-east-2#/stacks/new?stackName=WordPress&templateURL=https://s3.amazonaws.com/aws-refarch/wordpress/latest/templates/aws-refarch-wordpress-master-newvpc.yaml) | | us-west-2 |US West (Oregon)| [![cloudformation-launch-stack](images/cloudformation-launch-stack.png)](https://console.aws.amazon.com/cloudformation/home?region=us-west-2#/stacks/new?stackName=WordPress&templateURL=https://s3.amazonaws.com/aws-refarch/wordpress/latest/templates/aws-refarch-wordpress-master-newvpc.yaml) | @@ -63,7 +63,7 @@ max_execution_time = 30 #### Using Bastion to access Wordpress instances -From the EC2 console, navigate to Auto Scaling groups and find the Bastion launch configuration for your stack. Edit the launch configuration and set the desired instances to 1. Press Save and the Bastion instance will be created. Bastion is a gateway to your instances for enhanced security. +From the EC2 console, navigate to Auto Scaling groups and find the Bastion launch configuration for your stack. Edit the launch configuration and set the desired instances to 1. Press Save and the Bastion instance will be created. Bastion is a gateway to your instances for enhanced security. The Wordpress CLI is enabled on each instance, SSH into Bastion, then SSH into an instance. From the wordpress install directory `/var/www/wordpress/` use the `wp` command to interact with your wordpress install. @@ -109,14 +109,14 @@ OPcache is a byte-code cache engine running on each EC2 instance that caches pre - Mount the EFS file system using the default Linux mount options identified in the [Amazon EFS User Guide](http://docs.aws.amazon.com/efs/latest/ug/mounting-fs-mount-cmd-general.html). Changing some of the activating caching options from their defaults, like actimeo, acregmax, or acdirmax may generate significantly higher metadata operations by timing out the attribute caches more frequently. Careful testing is recommended if the defaults are not used. - + - Increase the size of realpath_cache_size. Setting it to 512k is a good start but finding out how much realpath cache you’re actually using will help you fine tune this setting and be more precise. To find out how much real path cache you’re actually using, place the following php code snippet in a php file (you can use any name – for example realpathcache.php) and place it in your WordPress directory. Open a browser and point to this php file. Refresh your page multiple times. The value being returned is the amount of memory in bytes realpath cache is using. Take note of the maximum value being returned after refreshing this page multiple times. This, plus a little headroom, should be the value of the realpath_cache_size setting. ``` ``` - + - Please get the number of php files using “find . -type f -print | grep php | wc -l” in your WordPress directory. This number should be smaller than your opcache.max_accelerated_files settings. This setting controls how many PHP files, at most, can be held in memory at once. It's important that your project has LESS FILES than whatever you set this at. - The default value for opcache.memory consumption is 64 MB. Increasing this setting could improve performance by caching more files in memory. Consider setting this to a value of 512MB (opcache.memory_consumption=512) or more to improve performance. Testing different opcache.memory consumption values is recommended to optimize the performance for your particular workload. In case memory size turns out to be a limiting factor, the cloudformation template also configures opcache.file_cache to use local storage (an EBS or instance store volume). During testing we recommend disabling opcache.validate_timestamps so calls are not being made to the NFS server to ensure opcache’s coherency. It is not recommended that opcache.validate_timestamps be disabled in production. @@ -125,7 +125,7 @@ To learn more about OPcache, please read http://php.net/manual/en/book.opcache.p #### Offloading Static Assets -WordPress has a large partner ecosystem to further enhance the usability, performance, and ease of maintenance of WordPress deployments. Plugins, like W3-Total-Cache, allow you to leverage other AWS services like Amazon S3 and Amazon CloudFront to offload and store static content. Others may like the simplicity of storing all content on Amazon EFS and avoid installing and managing 3rd party plugins. +WordPress has a large partner ecosystem to further enhance the usability, performance, and ease of maintenance of WordPress deployments. Plugins, like W3-Total-Cache, allow you to leverage other AWS services like Amazon S3 and Amazon CloudFront to offload and store static content. Others may like the simplicity of storing all content on Amazon EFS and avoid installing and managing 3rd party plugins. #### Setup W3-Total-Cache The W3-Total-Cache plugin is required for the reference architecutre to have the best performance. W3 allows Offloading of static assets, and impliments memcached to cache Objects, Database Queries, ect. @@ -141,18 +141,18 @@ To setup W3-Total-Cache, activate it in plugins (Will be installed automatically Press Save All & Purge Cache -You will see errors saying 127.0.0.1:11211 not accessible. +You will see errors saying 127.0.0.1:11211 not accessible. Now Inside each menu in the sidebar navigation, scroll to Memcached server option (Advanced), and paste the ElasticCache Configuration Endpoint. Press test and ensure it passes. Under Browser Cache, enable both **Set expires header** and **Set cache control header** (When testing this may be combersome) Under CDN, paste in a valid and uniquely created IAM Key and Secret that has access to S3 or an S3 bucket. Paste in the Cloudfront prefix that was created with the stack. Also scroll to Advanced and select **Export changed files automatically** -Since files will be offloaded to S3, ensure to add the S3 bucket as an origin on your CloudFront Distribution. Simply navigate to the distribution, select the Origin tab, Create Origin, Click on the Origin Domain Name text field and find the S3 bucket used for CDN. **Note:** This will take some time, the Distribution will be In Progress until CDN replication is complete. +Since files will be offloaded to S3, ensure to add the S3 bucket as an origin on your CloudFront Distribution. Simply navigate to the distribution, select the Origin tab, Create Origin, Click on the Origin Domain Name text field and find the S3 bucket used for CDN. **Note:** This will take some time, the Distribution will be In Progress until CDN replication is complete. ## Master Template The master template receives all input parameters and passes them to the appropriate nested template which are executed in order based on conditions and dependencies. -Review the template here [aws-refarch-wordpress-master.yaml](templates/aws-refarch-wordpress-master.yaml) +Review the template here [aws-refarch-wordpress-master-newvpc.yaml](templates/aws-refarch-wordpress-master-newvpc.yaml) ### AWS Resources Created: @@ -240,7 +240,7 @@ Review the template here [aws-refarch-wordpress-master.yaml](templates/aws-refar ## Master Template The master template receives all input parameters and passes them to the appropriate nested template which are executed in order based on dependencies. -Review the template here [aws-refarch-wordpress-master.yaml](templates/aws-refarch-wordpress-master.yaml) +Review the template here [aws-refarch-wordpress-master-newvpc.yaml](templates/aws-refarch-wordpress-master-newvpc.yaml) ## New VPC Template Review the template here [aws-refarch-wordpress-01-newvpc.yaml](templates/aws-refarch-wordpress-01-newvpc.yaml)