{
"AWSTemplateFormatVersion": "2010-09-09",
"Parameters": {
"PrestoCoordinatorURL": {
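"Description": "URL of the Presto server, for example http://ec2-xx-xx-xx-xx.compute-1.amazonaws.com:8889. The value is substituted into a sed command in the instance UserData without validation, so supply a plain URL only.",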
"Type": "String"
},
"AirpalPort": {
"Description": "Airpal Port",
"Type": "String",
"Default": "8193"
},
"AirpalAdminPort": {
"Description": "Airpal Admin Port",
"Type": "String",
"Default": "8082"
},
"MyInstanceType": {
"Description": "Amazon EC2 instance type.",
"Type": "String",
"Default": "t2.small",
"ConstraintDescription": "Must be a valid Amazon EC2 instance type."
},
"MyKeyPairName": {
"Description": "Name of an existing Amazon EC2 key pair to enable SSH access to the instances.",
"Type": "AWS::EC2::KeyPair::KeyName"
},
"S3BootstrapBucket": {
"Description": "S3 bucket where the bootstrap artifacts are stored",
"Type": "String",
"Default": "emr.presto.airpal"
},
"InstallAirpal": {
"Description": "S3 key of the bootstrap script that is downloaded and executed on the instance",
"Type": "String",
"Default": "scripts/install_airpal.sh"
},
"StartAirpal": {
"Description": "Script to start Airpal",
"Type": "String",
"Default": "scripts/start_airpal.sh"
},
"SSHCidrWhiteList": {
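"Description": "The IP address range that can be used to connect using SSH or RDP to the Amazon EC2 instances. Note: no resource in this template references this parameter; the SSH ingress rule (ingress3) uses a fixed CidrIp of 0.0.0.0/0.",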
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "Must be a valid IP CIDR range of the form x.x.x.x/x."
},
"VpcIpBlock": {
"Description": "CIDR for the entire VPC. Note: the default range is not RFC 1918 private address space.",
"Type": "String",
"Default": "173.25.0.0/16"
},
"PublicSubnetIpBlocks": {
"Description": "CSV of Cidrs for Public Subnets",
"Type": "String",
"Default": "173.25.96.0/20"
}
},
"Mappings": {
"AWSNatAmisByRegion": {
"us-east-1": { "AMI": "ami-0d4cfd66" },
"us-west-1": { "AMI": "ami-87ea13c3" },
"us-west-2": { "AMI": "ami-d5c5d1e5" },
"eu-west-1": { "AMI": "ami-e4d18e93" },
"eu-central-1": { "AMI": "ami-a6b0b7bb" },
"ap-southeast-1": { "AMI": "ami-d44b4286" },
"ap-southeast-2": { "AMI": "ami-db7b39e1" },
"ap-northeast-1": { "AMI": "ami-1c1b9f1c" },
"sa-east-1": { "AMI": "ami-55098148" }
}
},
"Resources": {
"MyVPC": {
"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": { "Ref": "VpcIpBlock" },
"InstanceTenancy": "default",
"EnableDnsSupport": "true",
"EnableDnsHostnames": "true"
}
},
"MySubnet": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"CidrBlock": { "Ref": "PublicSubnetIpBlocks"},
"AvailabilityZone": {
"Fn::Select": [ 1, { "Fn::GetAZs" : "" } ]
},
"VpcId": {
"Ref": "MyVPC"
}
}
},
"MyIGW": {
"Type": "AWS::EC2::InternetGateway",
"Properties": {
}
},
"MyDHCPOption": {
"Type": "AWS::EC2::DHCPOptions",
"Properties": {
"DomainName": "ec2.internal",
"DomainNameServers": [
"AmazonProvidedDNS"
]
}
},
"MyNACL": {
"Type": "AWS::EC2::NetworkAcl",
"Properties": {
"VpcId": {
"Ref": "MyVPC"
}
}
},
"MyRouteTable": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "MyVPC"
}
}
},
"MyRouteTableAssociation": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": { "Ref": "MySubnet"
},
"RouteTableId": { "Ref": "MyRouteTable"
}
}
},
"AirpalServer": {
"Type": "AWS::EC2::Instance",
"DependsOn" : "gw1",
"Properties": {
"DisableApiTermination": "false",
"InstanceInitiatedShutdownBehavior": "stop",
"ImageId": { "Fn::FindInMap" : [ "AWSNatAmisByRegion", { "Ref" : "AWS::Region" }, "AMI" ]},
"InstanceType": { "Ref": "MyInstanceType" },
"KeyName": { "Ref": "MyKeyPairName" },
"Monitoring": "false",
"IamInstanceProfile": { "Ref": "MyRoleInstanceProfile" },
"Tags": [
{
"Key": "Name",
"Value": "Airpal-Server"
}
],
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"#!/bin/bash -ex\n",
"aws s3 cp s3://",
{ "Ref": "S3BootstrapBucket" }, "/", { "Ref": "InstallAirpal" }, " /tmp/", { "Ref": "InstallAirpal" }, " --region us-east-1\n",
"aws s3 cp s3://",
{ "Ref": "S3BootstrapBucket" }, "/", { "Ref": "StartAirpal" }, " /tmp/", { "Ref": "StartAirpal" }, " --region us-east-1\n",
"cd /tmp\n",
"chmod +x ", { "Ref": "InstallAirpal" }, "\n",
"chmod +x ", { "Ref": "StartAirpal" }, "\n",
"./", { "Ref": "InstallAirpal" }, "\n",
"sed -i ", "\"s|http://presto-coordinator-url.com|", { "Ref": "PrestoCoordinatorURL" }, "|g\" ", "/home/ec2-user/airpal-master/reference.yml\n",
"sed -i ", "\"s|8081|", { "Ref": "AirpalPort" }, "|g\" ", "/home/ec2-user/airpal-master/reference.yml\n",
"sed -i ", "\"s|8082|", { "Ref": "AirpalAdminPort" }, "|g\" ", "/home/ec2-user/airpal-master/reference.yml\n",
"/tmp/", { "Ref": "StartAirpal" }, "\n"
]
]
}
},
"NetworkInterfaces": [
{
"AssociatePublicIpAddress" : "true",
"DeleteOnTermination": "true",
"DeviceIndex": 0,
"SubnetId": {
"Ref": "MySubnet"
},
"GroupSet": [
{
"Ref": "MySG"
}
]
}
]
}
},
"MySG": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "launch-wizard-1 created 2015-08-04T16:57:14.003-04:00",
"VpcId": {
"Ref": "MyVPC"
}
}
},
"acl1": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"CidrBlock": "0.0.0.0/0",
"Egress": "true",
"Protocol": "-1",
"RuleAction": "allow",
"RuleNumber": "100",
"NetworkAclId": {
"Ref": "MyNACL"
}
}
},
"acl2": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"CidrBlock": "0.0.0.0/0",
"Protocol": "-1",
"RuleAction": "allow",
"RuleNumber": "100",
"NetworkAclId": {
"Ref": "MyNACL"
}
}
},
"SubnetACL": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"NetworkAclId": {
"Ref": "MyNACL"
},
"SubnetId": {
"Ref": "MySubnet"
}
}
},
"gw1": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"VpcId": {
"Ref": "MyVPC"
},
"InternetGatewayId": {
"Ref": "MyIGW"
}
}
},
"route1": {
"Type": "AWS::EC2::Route",
"Properties": {
"DestinationCidrBlock": "0.0.0.0/0",
"RouteTableId": {
"Ref": "MyRouteTable"
},
"GatewayId": {
"Ref": "MyIGW"
}
},
"DependsOn": "gw1"
},
"dchpassoc1": {
"Type": "AWS::EC2::VPCDHCPOptionsAssociation",
"Properties": {
"VpcId": {
"Ref": "MyVPC"
},
"DhcpOptionsId": {
"Ref": "MyDHCPOption"
}
}
},
"ingress1": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "MySG"
},
"IpProtocol": "tcp",
"FromPort": "443",
"ToPort": "443",
"CidrIp": "0.0.0.0/0"
}
},
"ingress2": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "MySG"
},
"IpProtocol": "tcp",
"FromPort": "80",
"ToPort": "80",
"CidrIp": "0.0.0.0/0"
}
},
"ingress3": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "MySG"
},
"IpProtocol": "tcp",
"FromPort": "22",
"ToPort": "22",
"CidrIp": "0.0.0.0/0"
}
},
"ingress4": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "MySG"
},
"IpProtocol": "tcp",
"FromPort": "0",
"ToPort": "65535",
"CidrIp": "0.0.0.0/0"
}
},
"egress1": {
"Type": "AWS::EC2::SecurityGroupEgress",
"Properties": {
"GroupId": {
"Ref": "MySG"
},
"IpProtocol": "-1",
"CidrIp": "0.0.0.0/0"
}
},
"MyRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"ec2.amazonaws.com"
]
},
"Action": [
"sts:AssumeRole"
]
}
]
},
"Path": "/"
}
},
"MyRolePolicy": {
"Type": "AWS::IAM::Policy",
"Properties": {
"PolicyName": "MyRole",
"PolicyDocument": {
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogStreams"
],
"Resource": [
"arn:aws:logs:*:*:*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:Get*",
"s3:List*"
],
"Resource": [
{ "Fn::Join" : ["", [ "arn:aws:s3:::", { "Ref" : "S3BootstrapBucket" }, "/", { "Ref" : "InstallAirpal" }]]},
{ "Fn::Join" : ["", [ "arn:aws:s3:::", { "Ref" : "S3BootstrapBucket" }, "/", { "Ref" : "StartAirpal" }]]}
]
}
]
},
"Roles": [
{ "Ref": "MyRole" }
]
}
},
"MyRoleInstanceProfile": {
"Type": "AWS::IAM::InstanceProfile",
"Properties": {
"Path": "/",
"Roles": [
{ "Ref": "MyRole" }
]
}
}
},
"Description": "Airpal-test-v1"
}