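此模板使用 CloudFormation 创建 AWS 最佳实践的基础网络环境。如需引用,请修改安全组的相应端口,并将 EC2 的密钥对名称(KeyName)改为自己账户中的密钥对;模板中的 AMI ID 和可用区(cn-northwest-1a/1b)同样是写死的,更换区域或账户时也需一并替换。注意:EC2SG、CACHESG、EFSSG、RDSMYSG 的内联入站规则没有指定来源,来源限制由各自独立的 SecurityGroupIngress 资源给出;另外 Auto Scaling 组把实例放在会自动分配公网 IP 的公有子网中,部署前请按自己的环境逐项核对。本文参数设置参考 AWS 官方文档:https://docs.amazonaws.cn/AWSCloudFormation/latest/UserGuide/Welcome.html 。如有不足或侵权请联系微信改正(文章末尾)。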
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Deploy a VPC",
"Resources": {
"VPC": {
"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": "10.0.0.0/16",
"EnableDnsHostnames": true,
"Tags": [
{
"Key": "Name",
"Value": "Lab VPC"
}
]
}
},
"InternetGateway": {
"Type": "AWS::EC2::InternetGateway",
"Properties": {
"Tags": [
{
"Key": "Name",
"Value": "Lab Internet Gateway"
}
]
}
},
"AttachGateway": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"InternetGatewayId": {
"Ref": "InternetGateway"
}
}
},
"PublicSubnet1": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"MapPublicIpOnLaunch": true,
"CidrBlock": "10.0.1.0/24",
"AvailabilityZone": "cn-northwest-1a",
"Tags": [
{
"Key": "Name",
"Value": "Public Subnet 1"
}
]
}
},
"PublicSubnet2": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"MapPublicIpOnLaunch": true,
"CidrBlock": "10.0.2.0/24",
"AvailabilityZone": "cn-northwest-1b",
"Tags": [
{
"Key": "Name",
"Value": "Public Subnet 2"
}
]
}
},
"PrivateSubnet1": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"CidrBlock": "10.0.3.0/24",
"AvailabilityZone": "cn-northwest-1a",
"Tags": [
{
"Key": "Name",
"Value": "EC2-Private Subnet 1"
}
]
}
},
"PrivateSubnet2": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"CidrBlock": "10.0.4.0/24",
"AvailabilityZone": "cn-northwest-1b",
"Tags": [
{
"Key": "Name",
"Value": "EC2-Private Subnet 2"
}
]
}
},
"PrivateSubnet3": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"CidrBlock": "10.0.5.0/24",
"AvailabilityZone": "cn-northwest-1a",
"Tags": [
{
"Key": "Name",
"Value": "DB-Private Subnet 3"
}
]
}
},
"PrivateSubnet4": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"CidrBlock": "10.0.6.0/24",
"AvailabilityZone": "cn-northwest-1b",
"Tags": [
{
"Key": "Name",
"Value": "DB-Private Subnet 4"
}
]
}
},
"PublicRouteTable1": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"Tags": [
{
"Key": "Name",
"Value": "Public Route Table1"
}
]
}
},
"PublicSubnetRouteTableAssociation1": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "PublicSubnet1"
},
"RouteTableId": {
"Ref": "PublicRouteTable1"
}
}
},
"PublicSubnetRouteTableAssociation2": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "PublicSubnet2"
},
"RouteTableId": {
"Ref": "PublicRouteTable1"
}
}
},
"PublicRoute1": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "PublicRouteTable1"
},
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "InternetGateway"
}
}
},
"PrivateRouteTable1": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"Tags": [
{
"Key": "Name",
"Value": "EC2-PrivateRouteTable1"
}
]
}
},
"PrivateRouteTable2": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"Tags": [
{
"Key": "Name",
"Value": "EC2-PrivateRouteTable2"
}
]
}
},
"PrivateRouteTable3": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"Tags": [
{
"Key": "Name",
"Value": "DB-PrivateRouteTable3"
}
]
}
},
"PrivateRouteTable4": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"Tags": [
{
"Key": "Name",
"Value": "DB-PrivateRouteTable4"
}
]
}
},
"PrivateSubnetRouteTableAssociation1": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "PrivateSubnet1"
},
"RouteTableId": {
"Ref": "PrivateRouteTable1"
}
}
},
"PrivateSubnetRouteTableAssociation2": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "PrivateSubnet2"
},
"RouteTableId": {
"Ref": "PrivateRouteTable2"
}
}
},
"PrivateSubnetRouteTableAssociation3": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "PrivateSubnet3"
},
"RouteTableId": {
"Ref": "PrivateRouteTable3"
}
}
},
"PrivateSubnetRouteTableAssociation4": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "PrivateSubnet4"
},
"RouteTableId": {
"Ref": "PrivateRouteTable4"
}
}
},
"EIP1": {
"Type": "AWS::EC2::EIP",
"Properties": {
"Domain": "VPC"
}
},
"EIP2": {
"Type": "AWS::EC2::EIP",
"Properties": {
"Domain": "VPC"
}
},
"NAT1": {
"Type": "AWS::EC2::NatGateway",
"Properties": {
"AllocationId": {
"Fn::GetAtt": [
"EIP1",
"AllocationId"
]
},
"SubnetId": {
"Ref": "PublicSubnet1"
},
"Tags": [
{
"Key": "Name",
"Value": "NAT1"
}
]
}
},
"NAT2": {
"Type": "AWS::EC2::NatGateway",
"Properties": {
"AllocationId": {
"Fn::GetAtt": [
"EIP2",
"AllocationId"
]
},
"SubnetId": {
"Ref": "PublicSubnet2"
},
"Tags": [
{
"Key": "Name",
"Value": "NAT2"
}
]
}
},
"PrivateRoute1": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "PrivateRouteTable1"
},
"DestinationCidrBlock": "0.0.0.0/0",
"NatGatewayId": {
"Ref": "NAT1"
}
}
},
"PrivateRoute2": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "PrivateRouteTable2"
},
"DestinationCidrBlock": "0.0.0.0/0",
"NatGatewayId": {
"Ref": "NAT2"
}
}
},
"ELBSG": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "ELB for 80",
"GroupName": "ELB",
"VpcId": {
"Ref": "VPC"
},
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "80",
"ToPort": "80",
"CidrIp": "0.0.0.0/0"
}
]
}
},
"EC2SG": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "EC2 for 80",
"GroupName": "EC2",
"VpcId": {
"Ref": "VPC"
},
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "80",
"ToPort": "80"
}
]
}
},
"InstanceIngress": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Fn::GetAtt": [
"EC2SG",
"GroupId"
]
},
"IpProtocol": "tcp",
"FromPort": "80",
"ToPort": "80",
"SourceSecurityGroupId": {
"Fn::GetAtt": [
"ELBSG",
"GroupId"
]
}
}
},
"CACHESG": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "CACHE for 11211",
"GroupName": "CACHE",
"VpcId": {
"Ref": "VPC"
},
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "11211",
"ToPort": "11211"
}
]
}
},
"CACHEIngress": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Fn::GetAtt": [
"CACHESG",
"GroupId"
]
},
"IpProtocol": "tcp",
"FromPort": "11211",
"ToPort": "11211",
"SourceSecurityGroupId": {
"Fn::GetAtt": [
"EC2SG",
"GroupId"
]
}
}
},
"EFSSG": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "EFS for 2049",
"GroupName": "EFS",
"VpcId": {
"Ref": "VPC"
},
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "2049",
"ToPort": "2049"
}
]
}
},
"EFSIngress": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Fn::GetAtt": [
"EFSSG",
"GroupId"
]
},
"IpProtocol": "tcp",
"FromPort": "2049",
"ToPort": "2049",
"SourceSecurityGroupId": {
"Fn::GetAtt": [
"EC2SG",
"GroupId"
]
}
}
},
"RDSMYSG": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "RDSMY for 3306",
"GroupName": "RDSMY",
"VpcId": {
"Ref": "VPC"
},
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "3306",
"ToPort": "3306"
}
]
}
},
"RDSIngress": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Fn::GetAtt": [
"RDSMYSG",
"GroupId"
]
},
"IpProtocol": "tcp",
"FromPort": "3306",
"ToPort": "3306",
"SourceSecurityGroupId": {
"Fn::GetAtt": [
"EC2SG",
"GroupId"
]
}
}
},
"myLaunchConfig": {
"Type": "AWS::AutoScaling::LaunchConfiguration",
"Properties": {
"ImageId": "ami-0a12cb9cd7fea53e7",
"SecurityGroups": [
{
"Ref": "EC2SG"
}
],
"InstanceType": "t3.micro",
"KeyName": "cn-wxzedu",
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"#!/bin/bash \n",
"sudo -s \n",
"sudo yum -y install httpd\n",
"sudo systemctl start httpd\n"
]
]
}
}
}
},
"myASG": {
"Type": "AWS::AutoScaling::AutoScalingGroup",
"Properties": {
"VPCZoneIdentifier": [
{
"Ref": "PublicSubnet1"
},
{
"Ref": "PublicSubnet2"
}
],
"LaunchConfigurationName": {
"Ref": "myLaunchConfig"
},
"MinSize": "1",
"MaxSize": "1",
"DesiredCapacity": "1",
"TargetGroupARNs": [
{
"Ref": "ALBTargetGroup"
}
]
}
},
"ApplicationLoadBalancer": {
"Type": "AWS::ElasticLoadBalancingV2::LoadBalancer",
"Properties": {
"Name": "ALB-server-demo",
"IpAddressType": "ipv4",
"SecurityGroups": [
{
"Ref": "ELBSG"
}
],
"Scheme": "internet-facing",
"Subnets": [
{
"Ref": "PublicSubnet1"
},
{
"Ref": "PublicSubnet2"
}
],
"Type": "application"
}
},
"ALBTargetGroup": {
"Type": "AWS::ElasticLoadBalancingV2::TargetGroup",
"Properties": {
"Name": "ALB-server-demo-group",
"HealthCheckEnabled": true,
"HealthCheckPath": "/",
"Protocol": "HTTP",
"Port": 80,
"TargetType": "instance",
"HealthCheckIntervalSeconds": 7,
"UnhealthyThresholdCount": 3,
"HealthCheckTimeoutSeconds": "6",
"VpcId": {
"Ref": "VPC"
}
}
},
"ALBListener": {
"Type": "AWS::ElasticLoadBalancingV2::Listener",
"Properties": {
"DefaultActions": [
{
"Type": "forward",
"TargetGroupArn": {
"Ref": "ALBTargetGroup"
}
}
],
"LoadBalancerArn": {
"Ref": "ApplicationLoadBalancer"
},
"Port": "80",
"Protocol": "HTTP"
}
}
}
}
微信:a1362623821