@Enigo
Created September 16, 2023 11:14
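---
# CloudFormation template: one ScyllaDB seed EC2 instance plus an Auto Scaling
# group (fixed at one instance) of non-seed nodes. All nodes share a single
# security group whose ingress rules only admit traffic from the group itself.
#
# Quoted so YAML loaders that apply implicit typing keep it a string instead
# of turning it into a date.
AWSTemplateFormatVersion: "2010-09-09"

Parameters:
  VpcId:
    Description: VPC id where stack should be deployed
    Type: AWS::EC2::VPC::Id
  Subnets:
    Description: Subnet IDs
    Type: CommaDelimitedList
  ImageId:
    Description: AMI id
    Type: AWS::EC2::Image::Id
  InstanceType:
    Description: ec2 instance type
    Type: String
    Default: i3.large
    # NOTE(review): no AllowedValues/AllowedPattern is declared, so there is
    # no constraint for this message to report on; any string is accepted.
    ConstraintDescription: must be a valid EC2 instance type.

Resources:
  # Shared by the seed instance and the launch template below. The group is
  # created without inline rules; every ingress rule that follows names this
  # group as both GroupId and SourceSecurityGroupId, so only members of the
  # group can reach the listed ports. No egress rules are declared here, so
  # the default egress behaviour of a new security group applies.
  #
  # NOTE(review): membership is the only access control on these ports. If
  # application clients are ever attached to this group to reach CQL, they
  # also gain the management ports (JMX 7199, REST API 10000). Prefer a
  # separate client security group limited to the CQL ports.
  ScyllaInterNodeSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: "Security group for communication between ScyllaDB nodes"
      VpcId: !Ref VpcId

  ScyllaInterNodeSecurityGroup7000:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      Description: Inter-node communication (RPC)
      GroupId: !Ref ScyllaInterNodeSecurityGroup
      IpProtocol: tcp
      FromPort: 7000
      ToPort: 7000
      SourceSecurityGroupId: !Ref ScyllaInterNodeSecurityGroup

  ScyllaInterNodeSecurityGroup7001:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      Description: SSL inter-node communication (RPC)
      GroupId: !Ref ScyllaInterNodeSecurityGroup
      IpProtocol: tcp
      FromPort: 7001
      ToPort: 7001
      SourceSecurityGroupId: !Ref ScyllaInterNodeSecurityGroup

  ScyllaInterNodeSecurityGroup7199:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      Description: JMX management
      GroupId: !Ref ScyllaInterNodeSecurityGroup
      IpProtocol: tcp
      FromPort: 7199
      ToPort: 7199
      SourceSecurityGroupId: !Ref ScyllaInterNodeSecurityGroup

  # The plaintext CQL port (9042) is opened alongside the SSL one (9142).
  # NOTE(review): if client encryption is required, confirm whether the
  # plaintext rules (9042, 19042, 9160) are still needed.
  ScyllaInterNodeSecurityGroup9042:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      Description: CQL (native_transport_port)
      GroupId: !Ref ScyllaInterNodeSecurityGroup
      IpProtocol: tcp
      FromPort: 9042
      ToPort: 9042
      SourceSecurityGroupId: !Ref ScyllaInterNodeSecurityGroup

  ScyllaInterNodeSecurityGroup9160:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      Description: Scylla client port (Thrift)
      GroupId: !Ref ScyllaInterNodeSecurityGroup
      IpProtocol: tcp
      FromPort: 9160
      ToPort: 9160
      SourceSecurityGroupId: !Ref ScyllaInterNodeSecurityGroup

  ScyllaInterNodeSecurityGroup9180:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      Description: Prometheus API
      GroupId: !Ref ScyllaInterNodeSecurityGroup
      IpProtocol: tcp
      FromPort: 9180
      ToPort: 9180
      SourceSecurityGroupId: !Ref ScyllaInterNodeSecurityGroup

  ScyllaInterNodeSecurityGroup9142:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      Description: SSL CQL (secure client to node)
      GroupId: !Ref ScyllaInterNodeSecurityGroup
      IpProtocol: tcp
      FromPort: 9142
      ToPort: 9142
      SourceSecurityGroupId: !Ref ScyllaInterNodeSecurityGroup

  ScyllaInterNodeSecurityGroup10000:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      Description: Scylla REST API
      GroupId: !Ref ScyllaInterNodeSecurityGroup
      IpProtocol: tcp
      FromPort: 10000
      ToPort: 10000
      SourceSecurityGroupId: !Ref ScyllaInterNodeSecurityGroup

  ScyllaInterNodeSecurityGroup19042:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      Description: Native shard-aware transport port
      GroupId: !Ref ScyllaInterNodeSecurityGroup
      IpProtocol: tcp
      FromPort: 19042
      ToPort: 19042
      SourceSecurityGroupId: !Ref ScyllaInterNodeSecurityGroup

  ScyllaInterNodeSecurityGroup19142:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      Description: Native shard-aware transport port (ssl)
      GroupId: !Ref ScyllaInterNodeSecurityGroup
      IpProtocol: tcp
      FromPort: 19142
      ToPort: 19142
      SourceSecurityGroupId: !Ref ScyllaInterNodeSecurityGroup

  # Seed node. Stack creation waits up to 10 minutes for one cfn-signal from
  # this instance before the resource is considered created.
  ScyllaDBSeedInstance:
    Type: AWS::EC2::Instance
    CreationPolicy:
      ResourceSignal:
        Count: 1
        Timeout: PT10M
    Properties:
      EbsOptimized: true
      ImageId: !Ref ImageId
      InstanceType: !Ref InstanceType
      InstanceInitiatedShutdownBehavior: terminate
      Monitoring: true
      NetworkInterfaces:
        # NOTE(review): the node is given a public IPv4 address. No ingress
        # rule in this template admits traffic from outside the group, so the
        # address is presumably only for outbound access; confirm, and prefer
        # private subnets if it is not required.
        - AssociatePublicIpAddress: true
          DeviceIndex: 0
          # The seed is placed in the first subnet of the Subnets list.
          SubnetId: !Select [ 0, !Ref Subnets ]
          GroupSet:
            - !Ref ScyllaInterNodeSecurityGroup
      # The setup script is not created by this template; presumably it is
      # baked into the AMI passed as ImageId. cfn-signal reports the exit
      # status of the preceding command ($?), which assumes cloud-init runs
      # the runcmd entries sequentially in one shell script.
      UserData:
        Fn::Base64:
          Fn::Sub: |
            #cloud-config
            runcmd:
              - bash /opt/scylla_setup/setup-seed-node.sh
              - /usr/local/bin/cfn-signal -e $? --stack ${AWS::StackName} --resource ScyllaDBSeedInstance --region ${AWS::Region}

  # Non-seed nodes. Size is pinned to exactly one instance (Min = Max =
  # Desired = 1) and creation waits for one cfn-signal, sent by the launch
  # template's user data. On an update the whole group is replaced
  # (AutoScalingReplacingUpdate / WillReplace).
  ScyllaDBAutoscalingGroup:
    DependsOn: ScyllaDBSeedInstance
    Type: AWS::AutoScaling::AutoScalingGroup
    CreationPolicy:
      ResourceSignal:
        Count: 1
        Timeout: PT10M
    UpdatePolicy:
      AutoScalingReplacingUpdate:
        WillReplace: true
    Properties:
      Tags:
        - Key: Type
          Value: scylladb
          PropagateAtLaunch: true
      TerminationPolicies:
        - OldestLaunchConfiguration
        - OldestInstance
        - Default
      VPCZoneIdentifier: !Ref Subnets
      MixedInstancesPolicy:
        # Base capacity 0 with 100% On-Demand above base: no Spot capacity.
        InstancesDistribution:
          OnDemandBaseCapacity: 0
          OnDemandPercentageAboveBaseCapacity: 100
        LaunchTemplate:
          LaunchTemplateSpecification:
            LaunchTemplateId: !Ref ScyllaInstanceLaunchTemplate
            Version: !GetAtt ScyllaInstanceLaunchTemplate.LatestVersionNumber
          # The launch template itself sets no InstanceType; it is supplied
          # here.
          Overrides:
            - InstanceType: !Ref InstanceType
      MinSize: 1
      MaxSize: 1
      DesiredCapacity: 1

  # Launch template for the non-seed nodes. It embeds the seed's private IP
  # in the user data, so it can only be rendered after the seed exists.
  ScyllaInstanceLaunchTemplate:
    DependsOn: ScyllaDBSeedInstance
    Type: AWS::EC2::LaunchTemplate
    Properties:
      LaunchTemplateData:
        EbsOptimized: true
        ImageId: !Ref ImageId
        InstanceInitiatedShutdownBehavior: terminate
        Monitoring:
          Enabled: true
        # NOTE(review): no MetadataOptions are set, so the default instance
        # metadata settings apply. Consider `HttpTokens: required` once the
        # AMI's tooling (setup scripts, cfn-signal) is confirmed to work
        # with IMDSv2.
        NetworkInterfaces:
          # NOTE(review): public IPv4 address on a database node; see the
          # same setting on ScyllaDBSeedInstance and confirm it is needed.
          - AssociatePublicIpAddress: true
            DeviceIndex: 0
            Groups:
              - !Ref ScyllaInterNodeSecurityGroup
        # The signal targets ScyllaDBAutoscalingGroup, the resource that
        # carries the CreationPolicy, not this launch template.
        UserData:
          Fn::Base64:
            Fn::Sub: |
              #cloud-config
              runcmd:
                - bash /opt/scylla_setup/setup-not-seed-node.sh ${ScyllaDBSeedInstance.PrivateIp}
                - /usr/local/bin/cfn-signal -e $? --stack ${AWS::StackName} --resource ScyllaDBAutoscalingGroup --region ${AWS::Region}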