Created
May 13, 2021 15:14
-
-
Save sophea/9e07a184cb6042800c7e1ffc73a8ba31 to your computer and use it in GitHub Desktop.
CDK FargateService with existing VPC java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.amazonaws.cdk.examples; | |
| import com.google.gson.Gson; | |
| import com.google.gson.GsonBuilder; | |
| import software.amazon.awscdk.core.Construct; | |
| import software.amazon.awscdk.core.Stack; | |
| import software.amazon.awscdk.core.StackProps; | |
| import software.amazon.awscdk.services.ec2.*; | |
| import software.amazon.awscdk.services.ecr.IRepository; | |
| import software.amazon.awscdk.services.ecr.Repository; | |
| import software.amazon.awscdk.services.ecs.*; | |
| import software.amazon.awscdk.services.elasticloadbalancingv2.*; | |
| import java.util.Arrays; | |
| public class ECSFargateLBWithVPCStack extends Stack { | |
| private static final Gson gson = new GsonBuilder().setPrettyPrinting().create(); | |
| public ECSFargateLBWithVPCStack(final Construct parent, final String id) { | |
| this(parent, id, null); | |
| } | |
| public ECSFargateLBWithVPCStack(final Construct parent, final String id, final StackProps props) { | |
| super(parent, id, props); | |
| /**import existing vpc by vpcId**/ | |
| VpcAttributes attr = VpcAttributes.builder() | |
| .vpcId("vpc-02bccc6be21c765ee") | |
| .availabilityZones(Arrays.asList("ap-southeast-1a", "ap-southeast-1b")) | |
| .vpcCidrBlock("10.100.0.0/16") | |
| .build(); | |
| IVpc vpc = Vpc.fromVpcAttributes(this, "vpc-02bccc6be21c765ee", attr); | |
| // ECR repository | |
| IRepository repository = Repository.fromRepositoryName(this, "repo", "demo"); | |
| // ECS cluster/resources | |
| Cluster cluster = new Cluster(this, "app-cluster", ClusterProps.builder() | |
| .vpc(vpc) | |
| .build()); | |
| ISubnet subnet1 = Subnet.fromSubnetAttributes(this, "subnet1", SubnetAttributes.builder() | |
| .subnetId("subnet-0f076b8c96770bcc5") | |
| .build()); | |
| ISubnet subnet2 = Subnet.fromSubnetAttributes(this, "subnet2", SubnetAttributes.builder() | |
| .subnetId("subnet-02e3d2585621eac69") | |
| .build()); | |
| SubnetSelection subnetSelection = SubnetSelection.builder() | |
| .subnets(Arrays.asList(subnet1, subnet2)) | |
| .build(); | |
| //SG | |
| SecurityGroup sg = SecurityGroup.Builder.create(this, "fargateSG") | |
| .vpc(vpc) | |
| .allowAllOutbound(true) | |
| .description("Fargate app SG") | |
| .build(); | |
| //TaskDefinition | |
| TaskDefinition taskDefinition = TaskDefinition.Builder.create(this, "taskDefinition") | |
| .memoryMiB("1024") | |
| .cpu("512") | |
| .compatibility(Compatibility.FARGATE) | |
| .build(); | |
| taskDefinition.addContainer("container", ContainerDefinitionOptions.builder() | |
| .image(ContainerImage.fromEcrRepository(repository, "1.0.1-SNAPSHOT")) | |
| .portMappings(Arrays.asList(PortMapping.builder() | |
| .containerPort(8080) | |
| .build())) | |
| .build()); | |
| //Fargate Service | |
| FargateService fargateService = FargateService.Builder.create(this, "fargateService") | |
| .cluster(cluster) | |
| .taskDefinition(taskDefinition) | |
| .assignPublicIp(true) | |
| .desiredCount(1) | |
| .vpcSubnets(subnetSelection) | |
| .securityGroups(Arrays.asList(sg)) | |
| .build(); | |
| ISubnet lbSubnet1 = Subnet.fromSubnetAttributes(this, "lbSubnet1", SubnetAttributes.builder().subnetId("subnet-0c529801dab056f64").build()); | |
| ISubnet lbSubnet2 = Subnet.fromSubnetAttributes(this, "lbSubnet2", SubnetAttributes.builder().subnetId("subnet-091d1f99aaca72ece").build()); | |
| SubnetSelection subnetSelection1 = SubnetSelection.builder() | |
| .subnets(Arrays.asList(lbSubnet1, lbSubnet2)) | |
| .availabilityZones(vpc.getAvailabilityZones()) | |
| .build(); | |
| /***Application LoadBalance*/ | |
| ApplicationLoadBalancer alb = ApplicationLoadBalancer.Builder.create(this, "fargetLB") | |
| .vpc(vpc) | |
| .vpcSubnets(subnetSelection1) | |
| .internetFacing(true) | |
| .build(); | |
| final ApplicationListener listener = alb.addListener("listener", BaseApplicationListenerProps.builder() | |
| .port(80) | |
| .build()); | |
| ApplicationTargetGroup applicationTargetGroup = ApplicationTargetGroup.Builder.create(this, " atg") | |
| .vpc(vpc) | |
| .port(80) | |
| .targetType(TargetType.IP) | |
| .build(); | |
| listener.addTargetGroups("target", AddApplicationTargetGroupsProps.builder() | |
| .targetGroups(Arrays.asList(applicationTargetGroup)) | |
| .build()); | |
| //LB Security Group | |
| SecurityGroup sgLb = SecurityGroup.Builder.create(this, "lbSG") | |
| .vpc(vpc) | |
| .allowAllOutbound(true) | |
| .description("LB Fargate app SG") | |
| .build(); | |
| sgLb.addIngressRule(Peer.anyIpv4(), Port.tcp(80), "Allow http inbound from anywhere"); | |
| alb.addSecurityGroup(sgLb); | |
| //add sglb security group into fargate sg | |
| sg.addIngressRule(sgLb, Port.tcp(8080), "Allow http inbound from SG -" + sgLb.getSecurityGroupName()); | |
| //attacth target group into fargate | |
| fargateService.attachToApplicationTargetGroup(applicationTargetGroup); | |
| // CfnOutput.Builder.create(this, "out").value(applicationLoadBalancedFargateService.getLoadBalancer().getLoadBalancerDnsName()); | |
| // CfnOutput.Builder.create(this, "out").value(alb.getLoadBalancerDnsName()); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment