cloudformation getting started with yaml

Post on 22-Jan-2018

TRANSCRIPT

  1. 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. 2017/11/14 JAWS-UG CloudFormation Getting Started with YAML
  2. Who am I? Amazon Web Services Japan Solution Architect AWS CLI IT B & E 2
  3. CFn
  4. Agenda 1. CloudFormation YAML 2. CloudFormation 1. 100 2. Web3
  5. CloudFormation BlackBelt https://www.slideshare.net/AmazonWebServicesJapan/aws-black-belt-online-seminar-2016-aws-cloudformation https://aws.amazon.com/jp/aws-jp-introduction/
  6. CloudFormation YAML
  7. 1. YAML 2. 3. 4.
  8. 1. YAML
  9. YAML JSON YAML YAML CFn YAML http://magazine.rubyist.net/?0009-YAML
  10. ```yaml
      - aaa
      - bbb
      - ccc
      ---
      abc: value1
      def: value2
      ghi: value3
      ---
      abc:
        - aaa
        - bbb
        - ccc
      def:
        - eee
        - fff
        - ggg
      ---
      - abc: value1
        def: value2
      - ghi: value3
        jkl: value4
      ```

      JSON

      ```json
      [ {"abc": "value1", "def": "value2" }, {"ghi": "value3", "jkl": "value4" } ]

      { "abc": "value1", "def": "value2", "ghi": "value3" }

      [ "aaa", "bbb", "ccc" ]

      { "abc": [ "aaa", "bbb", "ccc" ], "def": [ "eee", "fff", "ggg" ] }
      ```
  11. ```yaml
      - aaa
      - bbb
      - ccc
      ---
      abc: value1
      def: value2
      ghi: value3
      ```

      1 1

      ```yaml
      [aaa, bbb, ccc]
      ---
      {abc: value1, def: value2, ghi: value3}
      ```
  12. YAML / / (true, false) / JSON CFn
  13. UserData text1: hogera hogehoge foobar text1: | hogera hogehoge foobar hogera hogehoge foobar hogera hogehoge foobar
  14. 2.
  15. YAML aws cloudformation validate-template CloudFormation Designer JSON Ctrl-Space emacs yaml-mode, fly-check, highlight-indentation, auto-complete http://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/working-with-templates-cfn-designer-json-editor.html vim VS Code
  16. 3.
  17. (Description) AWS (Resource) (Outputs)
  18. (Type) AWS (Properties)
  19. Outputs Export)
  20. Parameter Parameter !Ref

      ```sh
      aws cloudformation create-stack \
        --stack-name yaml-stack-aurora \
        --template-body file://yaml-aurora.yaml \
        --capabilities CAPABILITY_IAM \
        --parameters \
          ParameterKey=SecStackName,ParameterValue=yaml-stack2-nw \
          ParameterKey=BaseStackName,ParameterValue=yaml-stack2 \
          ParameterKey=DBPassword,ParameterValue=dbpassword \
          ParameterKey=DBUser,ParameterValue=dbuser
      ```

      CLI
  21. Cross Stack Reference Export ID ImportValue NestedStack CrossStackReference
  22. 15 http://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference.html Fn::xxx!xxx2 !Ref, !GetAtt !Sub AZ !GetAZs Fn::ImportValue Base64 Fn::Base64 !FindInMap !If
  23. !Ref ID !GetAtt !Sub ${xxx}( !Select !Select [ 1, [ apples, grapes, oranges, mangoes] ] grapes !GetAZs AZ AZ !Join
  24. 4.
  25. CloudFormer YAML YAML cfn-flip https://github.com/awslabs/aws-cfn-template-flip / CloudFormer CLI YAML: aws rds describe-db-instances | ruby -ryaml -rjson -e 'puts YAML.dump(JSON.parse(STDIN.read))' https://aws.amazon.com/jp/cloudformation/aws-cloudformation-templates/ awslabs (https://github.com/awslabs)
  26. CFn AWS http://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html http://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-product-property-reference.html http://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference.html http://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/pseudo-parameter-reference.html http://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-product-attribute-reference.html
  27. CFn AWS http://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html / / / !Ref !GetAtt .xxx PropertiesResource
  28. CFn Rollback CLI! CLI!

      ```sh
      aws cloudformation validate-template --template-body file://yaml-aurora.yaml

      aws cloudformation create-stack \
        --stack-name yaml-stack-aurora \
        --template-body file://yaml-aurora.yaml \
        --capabilities CAPABILITY_IAM \
        --parameters \
          ParameterKey=SecStackName,ParameterValue=yaml-stack2-nw \
          ParameterKey=BaseStackName,ParameterValue=yaml-stack2 \
          ParameterKey=DBPassword,ParameterValue=dbpassword \
          ParameterKey=DBUser,ParameterValue=dbuser

      aws cloudformation describe-stack-events --stack-name yaml-stack-aurora --query 'reverse(StackEvents[])'
      ```
  29. CFn / / / / validation

      cfn-update.sh

      ```sh
      #!/bin/sh
      # Usage: cfn-update.sh (create|update) stack-name template-name [key=value ...]
      mode=$1; shift
      stack_name=$1; shift
      template=$1; shift

      if [ "$mode" != "create" -a "$mode" != "update" ]; then
        echo "$0 (create|update) stack-name template-name [param1=val1 param2=val2 ...]"
        exit 1
      fi

      # Rewrite each key=value argument as ParameterKey=key,ParameterValue=value.
      params=$(echo "$*" | perl -pe 's/([^= ]+)=([^ ]+)/ParameterKey=$1,ParameterValue=$2/g')
      if [ "$params" != "" ]; then
        params="--parameters ${params}"
      fi

      # The command is assembled as a string and run through eval, so parameter
      # values containing spaces or shell metacharacters are not handled safely.
      cmd="aws cloudformation ${mode}-stack --stack-name ${stack_name} --template-body file://${template} --capabilities CAPABILITY_IAM $params"
      echo ${cmd}
      eval ${cmd}
      ```

      ```sh
      ./cfn-validate.sh yaml-eip.yaml
      ./cfn-update.sh create yaml-stack-r53 yaml-r53.yaml
      ./cfn-update.sh create yaml-stack-eip yaml-eip.yaml R53StackName=yaml-stack-r53
      ./cfn-status.sh yaml-stack-eip -v
      ```
  30. 1. YAML 2. 3. 4.
  31. CloudFormation
  32. CloudFormation 100 Web3
  33. 100 100AWS AWSID VPC VPCEC2
  34. 100 10 us-east-1 ap-northeast-1 EC2 IAM 10 10Region VPC CLI Organizations AssumeRole StackSetRole CloudFormation StackSet 10IAM IAM us-east-1StackSet CloudFormation StackSet VPC StackSet OrganizationsCFn StackSetRole - AWSCloudFormationStackSetAdministrationRole - AWSCloudFormationStackSetExecutionRole user00110 & pw CFn TemplateLoop 10yaml EC2IAMCondition StackSetStack503StackSet 200 VPCCFn &
  35. Web3 BastionAP AP Bastion AP DB DataVolume(EBS) RDSDataVolume Security Group ALB EIP& Public Subnet1 Private Subnet1 Private Subnet2 Public Subnet2 Auto Scaling Group IAM Role & Policy Hosted Zone DataVolume
  36. Web3 / CrossStack Reference
  37. Web3 Bastion AP ALB EIP& Public Subnet1 Private Subnet1 Private Subnet2 Public Subnet2 Auto Scaling Group LB SG AP SG DB SG Bastion SG HostedZone = CrossStack Reference -xxx
  38. Web3 Bastion AP ALB EIP& Public Subnet1 Private Subnet1 Private Subnet2 Public Subnet2 Auto Scaling Group LB SG AP SG DB SG Bastion SG HostedZone HostedZoneNS HostedZone IAM DBAP BlueGreenALB DB SSM Parameter StoreCLI CFnParameters NoEchoCLI IAMRole SecurityGroup EC2DeletionPolicy EBS DeletionPolicy RDSDeletionPolicysnapshotretain
  39. 1. CloudFormation YAML 2. CloudFormation 1. 100 2. Web3 CloudFormation CloudFormation CloudFormation
  40. Thank You!