Created
January 20, 2020 14:08
-
-
Save ignitz/e06c8246a5583467607fa6d2367ecc37 to your computer and use it in GitHub Desktop.
Example of CloudFormation to deploy a nginx and Jupyter instances
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AWSTemplateFormatVersion: '2010-09-09' | |
| Description: Deploys a simple instance with UserData that I'm RICA. | |
| Parameters: | |
| KeyName: | |
| Description: Name of an existing EC2 KeyPair to enable SSH access to the instance | |
| Type: AWS::EC2::KeyPair::KeyName | |
| ConstraintDescription: must be the name of an existing EC2 KeyPair. | |
| InstanceType: | |
| Description: EC2 instance type | |
| Type: String | |
| Default: t2.large | |
| AllowedValues: | |
| - t2.micro | |
| - t2.large | |
| - t2.xlarge | |
| - t3.micro | |
| - t3.large | |
| - t3.xlarge | |
| Description: Enter instance type of EC2. Default is t2.large. | |
| AMI: | |
| Description: AMI (Default is Amazon Linux x86) | |
| Type: String | |
| # Default: ami-f4cc1de2 # Ubuntu | |
| Default: ami-0b69ea66ff7391e80 # Amazon Linux | |
| Location: | |
| Description: The IP address range. | |
| Type: String | |
| MinLength: '9' | |
| MaxLength: '18' | |
| Default: '0.0.0.0/0' | |
| AllowedPattern: (\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2}) | |
| ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x. | |
| useVPC: | |
| Type: AWS::EC2::VPC::Id | |
| Description: "VPC to deploy the cluster into." | |
| Default: vpc-275ad05d | |
| useSubnet: | |
| Type: AWS::EC2::Subnet::Id | |
| Description: "Subnet to deploy the cluster into. Must be in the selected VPC." | |
| environment: | |
| Type: String | |
| Description: "Select the type of environment to put in AWS's tag" | |
| Default: dev | |
| AllowedValues: | |
| - dev | |
| - staging | |
| - prod | |
| teamTag: | |
| Type: String | |
| Description: "Select the team to put in AWS's tag" | |
| Default: data | |
| AllowedValues: | |
| - data | |
| - marketing | |
| - dev | |
| Resources: | |
| MyInstance: | |
| Type: AWS::EC2::Instance | |
| Properties: | |
| InstanceType: !Ref 'InstanceType' | |
| SecurityGroupIds: | |
| - !Ref 'InstanceSecurityGroup' | |
| KeyName: !Ref 'KeyName' | |
| ImageId: !Ref 'AMI' | |
| SubnetId: !Ref 'useSubnet' | |
| Tags: | |
| - Key: Name | |
| Value: Yuri Niitsuma's instance | |
| - Key: env | |
| Value: !Ref environment | |
| - Key: team | |
| Value: !Ref teamTag | |
| BlockDeviceMappings: | |
| - DeviceName: /dev/xvda | |
| Ebs: | |
| VolumeSize: 40 | |
| DeleteOnTermination: true | |
| VolumeType: gp2 | |
| UserData: | |
| Fn::Base64: !Sub | |
| - | | |
| #!/bin/bash | |
| # Get own IP of Ec2 instance | |
| SELFIP=$(curl http://169.254.169.254/latest/meta-data/local-ipv4) | |
| # Send logs of User data to console in CloudWatch | |
| exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 | |
| # Add hostname to hosts | |
| echo -e "\n$SELFIP ${HOSTNAME}\n" >> /etc/hosts | |
| hostnamectl set-hostname ${HOSTNAME} | |
| # Update | |
| yum update -y | |
| # Install Jupyter infra | |
| su - ec2-user -c "(cd /home/ec2-user/ && curl -o Anaconda.sh ${ANACONDA} && chmod +x Anaconda.sh)" | |
| su - ec2-user -c "(cd /home/ec2-user/ && mkdir -p notebooks/ && bash Anaconda.sh -b -p /home/ec2-user/anaconda && rm Anaconda.sh)" | |
| # Add SystemD auto init Jupyter notebook | |
| echo "[Unit]" > ${SYSTEMDJUPYTERFILE} | |
| echo "Description=Jupyter" >> ${SYSTEMDJUPYTERFILE} | |
| echo "" >> ${SYSTEMDJUPYTERFILE} | |
| echo "Wants=network-online.target" >> ${SYSTEMDJUPYTERFILE} | |
| echo "After=network-online.target" >> ${SYSTEMDJUPYTERFILE} | |
| echo "" >> ${SYSTEMDJUPYTERFILE} | |
| echo "[Service]" >> ${SYSTEMDJUPYTERFILE} | |
| echo "User=ec2-user" >> ${SYSTEMDJUPYTERFILE} | |
| echo "Group=ec2-user" >> ${SYSTEMDJUPYTERFILE} | |
| echo "ExecStart=/home/ec2-user/autostart/jupyter.sh" >> ${SYSTEMDJUPYTERFILE} | |
| echo "" >> ${SYSTEMDJUPYTERFILE} | |
| echo "[Install]" >> ${SYSTEMDJUPYTERFILE} | |
| echo "WantedBy=default.target" >> ${SYSTEMDJUPYTERFILE} | |
| # End SystemD | |
| chmod +x ${SYSTEMDJUPYTERFILE} | |
| # Add Script to run Jupyter | |
| mkdir -p /home/ec2-user/autostart/ | |
| echo "#!/bin/bash" > /home/ec2-user/autostart/jupyter.sh | |
| echo "HOME=/home/ec2-user" >> /home/ec2-user/autostart/jupyter.sh | |
| echo "source \$HOME/anaconda/bin/activate" >> /home/ec2-user/autostart/jupyter.sh | |
| # echo "jupyter notebook --NotebookApp.token='' --NotebookApp.ip='*' --NotebookApp.base_url=/jupyter --NotebookApp.notebook_dir=\$HOME/notebooks" >> /home/ec2-user/autostart/jupyter.sh | |
| echo "jupyter notebook --NotebookApp.ip='*' --NotebookApp.notebook_dir=\$HOME/notebooks" >> /home/ec2-user/autostart/jupyter.sh | |
| # Add permissions | |
| chmod +x /home/ec2-user/autostart/jupyter.sh | |
| chown ec2-user:ec2-user -R /home/ec2-user/autostart/ | |
| # Create Execute Notebook example | |
| echo "#!/bin/bash" > /home/ec2-user/run.sh | |
| echo "HOME=/home/ec2-user" >> /home/ec2-user/run.sh | |
| echo "source \$HOME/anaconda/bin/activate" >> /home/ec2-user/run.sh | |
| echo "mkdir -p /home/ec2-user/notebooks/outputs/" >> /home/ec2-user/run.sh | |
| echo "jupyter nbconvert --execute --to notebook --output \"/home/ec2-user/notebooks/outputs/\$(date '+%Y%m%d%H%M')_\$1\" \"/home/ec2-user/notebooks/\$1\"" >> /home/ec2-user/run.sh | |
| echo "echo \"\$1 executado\"" >> /home/ec2-user/run.sh | |
| echo "exit 0" >> /home/ec2-user/run.sh | |
| chmod +x /home/ec2-user/run.sh | |
| chown ec2-user:ec2-user /home/ec2-user/run.sh | |
| # End script example | |
| # Add more heap memory | |
| echo "vm.max_map_count=262144" >> /etc/sysctl.conf | |
| # Install tools | |
| # Oh my zsh | |
| yum install zsh git htop tmux util-linux-user -y | |
| sh -c "$(curl -fsSL https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh)" | |
| chsh -s $(which zsh) ec2-user | |
| # Install All dependences | |
| su - ec2-user -c "(cd /home/ec2-user/ && source /home/ec2-user/anaconda/bin/activate base) && conda install -c anaconda psycopg2 - y && pip install jupyterthemes -y && jt -t chesterish" | |
| # Enable SystemD | |
| systemctl start jupyter | |
| systemctl enable jupyter | |
| # Docker | |
| amazon-linux-extras install docker -y | |
| systemctl start docker | |
| systemctl enable docker | |
| # Docker Compose | |
| curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose | |
| chmod +x /usr/local/bin/docker-compose | |
| ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose | |
| # Add ec2-user to Docker`s group | |
| usermod -a -G docker ec2-user | |
| # Add Portainer to monitoring docker | |
| docker volume create portainer_data | |
| docker run -d -p 8000:8000 -p 9000:9000 --restart always --name portainer -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer | |
| echo "UserData config done." | |
| reboot | |
| - ANACONDA: https://repo.anaconda.com/archive/Anaconda3-2019.07-Linux-x86_64.sh | |
| SYSTEMDJUPYTERFILE: /etc/systemd/system/jupyter.service | |
| HOSTNAME: "simba" | |
| InstanceSecurityGroup: | |
| Type: AWS::EC2::SecurityGroup | |
| Properties: | |
| GroupDescription: Group for EC2 instance | |
| SecurityGroupIngress: | |
| - IpProtocol: tcp | |
| ToPort: '80' | |
| FromPort: '80' | |
| CidrIp: '0.0.0.0/0' | |
| - IpProtocol: tcp | |
| ToPort: '9000' | |
| FromPort: '9000' | |
| CidrIp: '0.0.0.0/0' | |
| - IpProtocol: tcp | |
| ToPort: '22' | |
| FromPort: '22' | |
| CidrIp: !Ref 'Location' | |
| VpcId: !Ref 'useVPC' | |
| Type: AWS::EC2::SecurityGroup | |
| Metadata: | |
| AWS::CloudFormation::Interface: | |
| ParameterGroups: | |
| - | |
| Label: | |
| default: "Rede" | |
| Parameters: | |
| - useVPC | |
| - useSubnet | |
| - Location | |
| - | |
| Label: | |
| default: "My EC2" | |
| Parameters: | |
| - InstanceType | |
| - AMI | |
| - KeyName | |
| - | |
| Label: | |
| default: "Tags" | |
| Parameters: | |
| - environment | |
| - teamTag | |
| ParameterLabels: | |
| loginUsername: | |
| default: "Username" | |
| loginPassword: | |
| default: "Password" | |
| KeyName: | |
| default: "Chave de acesso para acessos as instancias EC2." | |
| Outputs: {} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment