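# stack.yml - CloudFormation stack with one Docker host (EC2) and one MySQL
# RDS instance.
#
# Security review notes:
#   * The bootstrap script publishes the Docker Engine API on tcp/2375 with no
#     TLS and no client authentication. Any peer that can reach the port has
#     root-equivalent control of the host, so the security group below is the
#     only access control in front of it.
#   * SSH, the Docker API and the database ingress were hard-coded to
#     0.0.0.0/0, and the database master password was a literal in the
#     template. They are now parameters, so a deployment can tighten them
#     without editing the file.
#   * Every default reproduces the original value, so an existing deployment
#     that passes no parameters behaves exactly as before. Override the
#     defaults for anything that is not a throwaway demo.
Parameters:
  AdminCidr:
    Type: String
    Default: 0.0.0.0/0
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: must be an IPv4 CIDR range such as 203.0.113.10/32
    Description: >-
      Source range allowed to reach SSH (22) and the unauthenticated Docker
      API (2375) on the app node. Set this to the operator's own address.
  DatabaseClientCidr:
    Type: String
    Default: 0.0.0.0/0
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: must be an IPv4 CIDR range such as 203.0.113.10/32
    Description: >-
      Source range allowed to connect to the MySQL instance. Prefer the app
      node's address over a public range.
  DatabasePassword:
    Type: String
    # NoEcho masks the value in the console and in describe calls. The default
    # is the password that used to be hard-coded here, so it is already public;
    # keep it only for disposable stacks. For long-lived stacks, a Secrets
    # Manager or SSM dynamic reference keeps the secret out of stack parameters.
    NoEcho: true
    Default: password123
    Description: Master password for the MySQL instance.

Resources:
  AppNode:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      # ImageId and KeyName are account- and region-specific values.
      # NOTE(review): the script below presumably expects an Ubuntu Xenial
      # image with an `ubuntu` user (see the apt source line and usermod).
      ImageId: ami-a58d0dc5
      KeyName: aws-key1
      SecurityGroups:
        - !Ref AppNodeSG
      # First-boot bootstrap. The script is unchanged from the original.
      #   * The repository signing key is fetched from a keyserver over plain
      #     HKP on port 80 and is pinned only by the fingerprint on the
      #     command line.
      #   * NOTE(review): the keyserver pool and apt.dockerproject.org look
      #     like legacy distribution endpoints. Confirm they are still served
      #     before relying on this bootstrap.
      #   * Membership of the docker group gives `ubuntu` root-equivalent
      #     access on the host.
      #   * The systemd drop-in makes dockerd listen on tcp://0.0.0.0:2375
      #     without TLS. Exposure is limited only by AppNodeSG / AdminCidr.
      UserData: !Base64 |
        #!/bin/bash
        apt-get update -qq
        apt-get install -y apt-transport-https ca-certificates
        apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
        echo "deb https://apt.dockerproject.org/repo ubuntu-xenial main" | tee /etc/apt/sources.list.d/docker.list
        apt-get update -qq
        apt-get purge lxc-docker || true
        apt-get -y install linux-image-extra-$(uname -r) linux-image-extra-virtual
        apt-get -y install docker-engine
        usermod -aG docker ubuntu
        mkdir -p /etc/systemd/system/docker.service.d
        printf "[Service]\nExecStart=\nExecStart=/usr/bin/dockerd -H fd:// -H tcp://0.0.0.0:2375\n" >> /etc/systemd/system/docker.service.d/docker.conf
        systemctl daemon-reload
        systemctl restart docker

  AppNodeSG:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: for the app nodes that allow ssh, http and docker ports
      SecurityGroupIngress:
        # Public web traffic.
        - IpProtocol: tcp
          FromPort: '80'
          ToPort: '80'
          CidrIp: 0.0.0.0/0
        # SSH: administrative access only.
        - IpProtocol: tcp
          FromPort: '22'
          ToPort: '22'
          CidrIp: !Ref AdminCidr
        # Docker Engine API (plaintext, unauthenticated): administrative
        # access only. This rule is the sole protection for the daemon.
        - IpProtocol: tcp
          FromPort: '2375'
          ToPort: '2375'
          CidrIp: !Ref AdminCidr

  DatabaseInstance:
    Type: AWS::RDS::DBInstance
    Properties:
      DBName: "blog"
      Engine: MySQL
      MasterUsername: bloguser
      MasterUserPassword: !Ref DatabasePassword
      DBInstanceClass: db.t2.micro
      AllocatedStorage: '5'
      DBSecurityGroups:
        - !Ref DatabaseSG

  # NOTE(review): AWS::RDS::DBSecurityGroup is the EC2-Classic style construct;
  # confirm it still applies to the target account before reuse.
  DatabaseSG:
    Type: AWS::RDS::DBSecurityGroup
    Properties:
      GroupDescription: Security Group for RDS public access
      DBSecurityGroupIngress:
        - CIDRIP: !Ref DatabaseClientCidr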