| AWSTemplateFormatVersion: '2010-09-09' |
| Description: A stack for deploying containerized applications onto a cluster of EC2 |
| hosts using Elastic Container Service. This stack runs containers on |
| hosts that are in a public VPC subnet. |
| Parameters: |
| TemplateBucketName: |
| Description: S3 bucket containing cloudformation templates |
| Type: String |
| ECSAMI: |
| Description: AMI ID |
| Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id> |
| Default: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id |
| InstanceType: |
| Description: EC2 instance type |
| Type: String |
| Default: m4.2xlarge |
| AllowedValues: [t2.micro, t2.small, t2.medium, t2.large, m3.medium, m3.large, |
| m3.xlarge, m3.2xlarge, m4.large, m4.xlarge, m4.2xlarge, m4.4xlarge, m4.10xlarge, |
| c4.large, c4.xlarge, c4.2xlarge, c4.4xlarge, c4.8xlarge, c3.large, c3.xlarge, |
| c3.2xlarge, c3.4xlarge, c3.8xlarge, r3.large, r3.xlarge, r3.2xlarge, r3.4xlarge, |
| r3.8xlarge, i2.xlarge, i2.2xlarge, i2.4xlarge, i2.8xlarge] |
| ConstraintDescription: Please choose a valid instance type. |
| InternetGatewayIdProp: |
| Type: String |
| Default: "" |
| Description: Internet Gateway id. If empty Internet Gateway will be created |
| VPCIdProp: |
| Type: String |
| Default: "" |
| Description: VPC id. If empty VPC will be created |
| Subnet1IdProp: |
| Type: String |
| Default: "" |
| Description: Subnet 1 id. If empty Network Stack will be created |
| Subnet1AZProp: |
| Type: String |
| Default: "" |
| Description: The Availability Zone of subnet1 |
| Subnet1CIDR: |
| Type: String |
| Default: 10.0.0.0/24 |
| Description: Subnet 1 CIDR. |
| Subnet2IdProp: |
| Type: String |
| Default: "" |
| Description: Subnet id 2. If empty Network Stack will be created |
| Subnet2CIDR: |
| Type: String |
| Default: 10.0.32.0/24 |
| Description: Subnet 2 CIDR. |
| Subnet2AZProp: |
| Type: String |
| Default: "" |
| Description: The Availability Zone of subnet2 |
| VPCCIDR: |
| Type: String |
| Default: 10.0.0.0/16 |
| Description: VPC CIDR. |
| ECSKeyName: |
| Type: String |
| Default: gerrit-cluster-keys |
| Description: EC2 key pair name the cluter's instances |
| EnvironmentName: |
| Description: An environment name used to build the log stream names |
| Type: String |
| Default: test |
| PrimaryFileSystemThroughputMode: |
| Description: Gerrit primary shared filesystem throughput mode |
| Type: String |
| Default: bursting |
| AllowedValues: [bursting, provisioned] |
| PrimaryFileSystemID: |
| Description: Gerrit primary shared filesystem id |
| Type: String |
| Default: "" |
| PrimaryProvisionedThroughputInMibps: |
| Description: Gerrit primary filesystem throughput, measured in MiB/s. Valid values are 1-1024. |
| Type: Number |
| Default: 256 |
| PrimaryMaxCount: |
| Description: The maximum number of EC2 instances in the primary autoscaling group |
| ConstraintDescription: number of primary instances in the primary autoscaling group. Must be at least 2 |
| Type: Number |
| Default: 2 |
| MinValue: 2 |
| GerritVolumeSnapshotId: |
| Description: Id of the EBS snapshot for Gerrit volume |
| Type: String |
| Default: "" |
| GerritVolumeAttachMaxRetries: |
| Description: Maximum number of retries when attaching Gerrit Volume |
| Type: Number |
| Default: 5 |
| GerritVolumeAttachRetryDelay: |
| Description: The delay in seconds between Gerrit Volume attach attempts |
| Type: Number |
| Default: 5 |
| GerritVolumeSizeInGiB: |
| Description: Gerrit volume size in GiB |
| Type: Number |
| Default: 10 |
| ReplicaFileSystemID: |
| Description: Gerrit replicas shared filesystem id |
| Type: String |
| Default: "" |
| ReplicaFileSystemThroughputMode: |
| Description: Gerrit replicas shared filesystem throughput mode |
| Type: String |
| Default: bursting |
| AllowedValues: [bursting, provisioned] |
| ReplicaProvisionedThroughputInMibps: |
| Description: Gerrit replicas shared filesystem throughput, measured in MiB/s. Valid values are 1-1024. |
| Type: Number |
| Default: 256 |
| ReplicaAutoScalingMinCapacity: |
| Type: Number |
| Description: The minimum number of tasks that replicas should scale in to |
| Default: 1 |
| ReplicaAutoScalingDesiredCapacity: |
| Description: The desired number of replica tasks to run |
| Type: Number |
| Default: 1 |
| ReplicaAutoScalingMaxCapacity: |
| Type: Number |
| Description: The maximum number of tasks that replicas should scale out to |
| Default: 2 |
| ReplicaCapacityProviderTarget: |
| Type: Number |
| Description: The target capacity value for the capacity provider of replicas |
| ConstraintDescription: The specified value must be > 0 and <= 100 |
| Default: 100 |
| MinValue: 1 |
| MaxValue: 100 |
| ReplicaCapacityProviderMinStepSize: |
| Type: Number |
| Description: The minimum number of EC2 instances for replicas that will scale in or scale out at one time |
| ConstraintDescription: The specified value must be >= 1 and <= 10 |
| Default: 1 |
| MinValue: 1 |
| MaxValue: 10 |
| ReplicaCapacityProviderMaxStepSize: |
| Type: Number |
| Description: The maximum number of EC2 instances for replicas that will scale in or scale out at one time |
| ConstraintDescription: The specified value must be >= 1 and less <= 10 |
| Default: 1 |
| MinValue: 1 |
| MaxValue: 10 |
| PrimariesGerritLoadBalancerScheme: |
| Description: The schema of the load balancer serving requests to primary gerrit instances |
| Type: String |
| Default: internet-facing |
| AllowedValues: [internal, internet-facing] |
| PrimariesGerritCertificateArn: |
| Description: SSL Certificates ARN for the load balancer serving requests to the primary gerrit instances |
| Type: String |
| DynamoDBLocksTableName: |
| Description: The name of the DynamoDB locks table |
| Type: String |
| Default: 'locksTable' |
| DynamoDBRefsTableName: |
| Description: The name of the DynamoDB refs table |
| Type: String |
| Default: 'refsDb' |
| CreateRefsDBTables: |
| Description: Whether to create DynamoDB tables for refs-db |
| Type: String |
| Default: false |
| AllowedValues: [true, false] |
| |
| Conditions: |
| ShouldCreateDynamoDBTables: !Equals [!Ref CreateRefsDBTables, "true"] |
| isProvisionedThroughput: !Equals [!Ref PrimaryFileSystemThroughputMode, "provisioned"] |
| CreatePrimaryEFS: !Equals [!Ref PrimaryFileSystemID, ""] |
| CreateReplicaEFS: !Equals [!Ref ReplicaFileSystemID, ""] |
| NetworkStackNeeded: !Or |
| - !Equals [!Ref VPCIdProp, ""] |
| - !And |
| - !Equals [!Ref InternetGatewayIdProp, ""] |
| - !Equals [!Ref Subnet1IdProp, ""] |
| - !Equals [!Ref Subnet2IdProp, ""] |
| |
| Mappings: |
| Gerrit: |
| Port: |
| HTTPS: 443 |
| HTTP: 8080 |
| SSH: 29418 |
| |
| Resources: |
| # ECS Resources |
| ECSCluster: |
| Type: AWS::ECS::Cluster |
| Properties: |
| ClusterName: !Sub '${AWS::StackName}-ECSCluster' |
| CapacityProviders: [ !Ref ReplicaCapacityProvider ] |
| |
| ReplicaCapacityProvider: |
| Type: AWS::ECS::CapacityProvider |
| Properties: |
| Name: !Sub '${AWS::StackName}-R' |
| AutoScalingGroupProvider: |
| AutoScalingGroupArn: !Ref ReplicaECSAutoScalingGroup |
| ManagedTerminationProtection: ENABLED |
| ManagedScaling: |
| MaximumScalingStepSize: !Ref ReplicaCapacityProviderMaxStepSize |
| MinimumScalingStepSize: !Ref ReplicaCapacityProviderMinStepSize |
| Status: ENABLED |
| TargetCapacity: !Ref ReplicaCapacityProviderTarget |
| |
| EcsHostSecurityGroup: |
| Type: AWS::EC2::SecurityGroup |
| Properties: |
| GroupDescription: Access to the ECS hosts that run containers |
| VpcId: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.VPCRef, !Ref VPCIdProp] |
| SecurityGroupIngress: |
| # Allow access to NLB from anywhere on the internet |
| - CidrIp: 0.0.0.0/0 |
| IpProtocol: -1 |
| |
| CloudWatchLogsGroup: |
| Type: AWS::Logs::LogGroup |
| Properties: |
| LogGroupName: !Ref AWS::StackName |
| RetentionInDays: 14 |
| |
| ReplicaECSAutoScalingGroup: |
| Type: AWS::AutoScaling::AutoScalingGroup |
| Properties: |
| VPCZoneIdentifier: |
| - !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetOneRef, !Ref Subnet1IdProp] |
| - !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetTwoRef, !Ref Subnet2IdProp] |
| LaunchConfigurationName: !Ref 'ReplicaLaunchConfiguration' |
| MinSize: !Ref ReplicaAutoScalingMinCapacity |
| MaxSize: !Ref ReplicaAutoScalingMaxCapacity |
| DesiredCapacity: !Ref ReplicaAutoScalingDesiredCapacity |
| NewInstancesProtectedFromScaleIn: true |
| CreationPolicy: |
| ResourceSignal: |
| Timeout: PT15M |
| UpdatePolicy: |
| AutoScalingReplacingUpdate: |
| WillReplace: 'true' |
| |
| ReplicaLaunchConfiguration: |
| Type: AWS::AutoScaling::LaunchConfiguration |
| Properties: |
| ImageId: !Ref 'ECSAMI' |
| SecurityGroups: [!Ref 'EcsHostSecurityGroup'] |
| InstanceType: !Ref 'InstanceType' |
| IamInstanceProfile: !Ref 'EC2InstanceProfile' |
| KeyName: !Ref ECSKeyName |
| UserData: |
| Fn::Base64: !Sub | |
| #!/bin/bash -xe |
| echo ECS_CLUSTER=${AWS::StackName}-ECSCluster >> /etc/ecs/ecs.config |
| echo ECS_INSTANCE_ATTRIBUTES={\"target_group\":\"replica\"} >> /etc/ecs/ecs.config |
| |
| # Make sure latest version of the helper scripts are installed as per recommendation: |
| # https://github.com/awsdocs/aws-cloudformation-user-guide/blob/master/doc_source/cfn-helper-scripts-reference.md#using-the-latest-version |
| yum install -y aws-cfn-bootstrap wget |
| |
| # Install the CloudWatch Logs agent |
| wget https://s3.amazonaws.com/amazoncloudwatch-agent/centos/amd64/latest/amazon-cloudwatch-agent.rpm |
| rpm -U ./amazon-cloudwatch-agent.rpm |
| /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -s |
| |
| /opt/aws/bin/cfn-signal -e $? --stack ${AWS::StackName} --resource ReplicaECSAutoScalingGroup --region ${AWS::Region} |
| |
| PrimariesHTTPGerritLoadBalancerSG: |
| Type: AWS::EC2::SecurityGroup |
| Properties: |
| VpcId: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.VPCRef, !Ref VPCIdProp] |
| GroupDescription: "Allow public HTTPS traffic to primaries gerrit" |
| GroupName: !Sub '${AWS::StackName}-Ps-H' |
| SecurityGroupIngress: |
| - IpProtocol: 'tcp' |
| FromPort: !FindInMap ['Gerrit', 'Port', 'HTTPS'] |
| ToPort: !FindInMap ['Gerrit', 'Port', 'HTTPS'] |
| CidrIp: '0.0.0.0/0' |
| Description: "HTTPS connections from everywhere (IPv4)" |
| - IpProtocol: 'tcp' |
| FromPort: !FindInMap ['Gerrit', 'Port', 'HTTPS'] |
| ToPort: !FindInMap ['Gerrit', 'Port', 'HTTPS'] |
| CidrIpv6: '::/0' |
| Description: "HTTPS connections from everywhere (IPv6)" |
| |
| PrimariesHTTPGerritLoadBalancer: |
| Type: AWS::ElasticLoadBalancingV2::LoadBalancer |
| Properties: |
| Name: !Sub '${AWS::StackName}-P-H' |
| Type: application |
| Scheme: !Ref PrimariesGerritLoadBalancerScheme |
| SecurityGroups: |
| - !Ref PrimariesHTTPGerritLoadBalancerSG |
| Subnets: |
| - !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetOneRef, !Ref Subnet1IdProp] |
| - !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetTwoRef, !Ref Subnet2IdProp] |
| |
| PrimariesSSHGerritLoadBalancer: |
| Type: AWS::ElasticLoadBalancingV2::LoadBalancer |
| Properties: |
| Type: network |
| Scheme: !Ref PrimariesGerritLoadBalancerScheme |
| Name: !Sub '${AWS::StackName}-Ps-S' |
| LoadBalancerAttributes: |
| - Key: 'load_balancing.cross_zone.enabled' |
| Value: true |
| Subnets: |
| - !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetOneRef, !Ref Subnet1IdProp] |
| - !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetTwoRef, !Ref Subnet2IdProp] |
| |
| PrimariesGerritHTTPTargetGroup: |
| Type: AWS::ElasticLoadBalancingV2::TargetGroup |
| DependsOn: PrimariesHTTPGerritLoadBalancer |
| Properties: |
| VpcId: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.VPCRef, !Ref VPCIdProp] |
| Port: !FindInMap ['Gerrit', 'Port', 'HTTP'] |
| Protocol: HTTP |
| HealthCheckPort: !FindInMap ['Gerrit', 'Port', 'HTTP'] |
| HealthCheckProtocol: HTTP |
| HealthCheckPath: '/config/server/healthcheck~status' |
| Name: !Sub '${AWS::StackName}-Ps-H' |
| TargetGroupAttributes: |
| - Key: 'stickiness.enabled' |
| Value: true |
| - Key: 'stickiness.type' |
| Value: 'lb_cookie' |
| |
| PrimariesGerritHTTPSListener: |
| Type: AWS::ElasticLoadBalancingV2::Listener |
| Properties: |
| Certificates: |
| - CertificateArn: !Ref PrimariesGerritCertificateArn |
| DefaultActions: |
| - Type: forward |
| TargetGroupArn: !Ref PrimariesGerritHTTPTargetGroup |
| LoadBalancerArn: !Ref PrimariesHTTPGerritLoadBalancer |
| Port: !FindInMap ['Gerrit', 'Port', 'HTTPS'] |
| Protocol: HTTPS |
| |
| PrimariesGerritSSHTargetGroup: |
| Type: AWS::ElasticLoadBalancingV2::TargetGroup |
| DependsOn: PrimariesSSHGerritLoadBalancer |
| Properties: |
| VpcId: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.VPCRef, !Ref VPCIdProp] |
| Port: !FindInMap ['Gerrit', 'Port', 'SSH'] |
| Protocol: TCP |
| HealthCheckPort: !FindInMap ['Gerrit', 'Port', 'HTTP'] |
| HealthCheckProtocol: HTTP |
| HealthCheckPath: '/config/server/healthcheck~status' |
| Name: !Sub '${AWS::StackName}-Ps-S' |
| |
| PrimariesGerritSSHListener: |
| Type: AWS::ElasticLoadBalancingV2::Listener |
| Properties: |
| DefaultActions: |
| - Type: forward |
| TargetGroupArn: !Ref PrimariesGerritSSHTargetGroup |
| LoadBalancerArn: !Ref PrimariesSSHGerritLoadBalancer |
| Port: !FindInMap ['Gerrit', 'Port', 'SSH'] |
| Protocol: TCP |
| |
| Primary1ASG: |
| Type: AWS::CloudFormation::Stack |
| Properties: |
| TemplateURL: !Join [ '', ['https://', !Ref TemplateBucketName, '.s3.amazonaws.com/cf-primary-asg.yml'] ] |
| TimeoutInMinutes: '25' |
| Parameters: |
| GerritInstanceNumber: 1 |
| EC2AMI: !Ref ECSAMI |
| InstanceType: !Ref InstanceType |
| ECSKeyName: !Ref ECSKeyName |
| EnvironmentName: !Ref EnvironmentName |
| ECSCluster: !Ref ECSCluster |
| EC2SecurityGroup: !Ref EcsHostSecurityGroup |
| EC2InstanceProfile: !Ref EC2InstanceProfile |
| FileSystem: !If [CreatePrimaryEFS, !GetAtt PrimaryGitFileSystemPermanentStack.Outputs.FileSystemID, !Ref PrimaryFileSystemID ] |
| SubnetId: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetOneRef, !Ref Subnet1IdProp] |
| AvailabilityZone: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetOneAZ, !Ref Subnet1AZProp] |
| LogGroupName: !Ref AWS::StackName |
| PrimaryMaxCount: !Ref PrimaryMaxCount |
| GerritVolumeAttachMaxRetries: !Ref GerritVolumeAttachMaxRetries |
| GerritVolumeAttachRetryDelay: !Ref GerritVolumeAttachRetryDelay |
| GerritVolumeSnapshotId: !Ref GerritVolumeSnapshotId |
| GerritVolumeSizeInGiB: !Ref GerritVolumeSizeInGiB |
| TemplateBucketName: !Ref TemplateBucketName |
| |
| Primary2ASG: |
| Type: AWS::CloudFormation::Stack |
| Properties: |
| TemplateURL: !Join [ '', ['https://', !Ref TemplateBucketName, '.s3.amazonaws.com/cf-primary-asg.yml'] ] |
| TimeoutInMinutes: '25' |
| Parameters: |
| GerritInstanceNumber: 2 |
| EC2AMI: !Ref ECSAMI |
| InstanceType: !Ref InstanceType |
| ECSKeyName: !Ref ECSKeyName |
| EnvironmentName: !Ref EnvironmentName |
| ECSCluster: !Ref ECSCluster |
| EC2SecurityGroup: !Ref EcsHostSecurityGroup |
| EC2InstanceProfile: !Ref EC2InstanceProfile |
| FileSystem: !If [CreatePrimaryEFS, !GetAtt PrimaryGitFileSystemPermanentStack.Outputs.FileSystemID, !Ref PrimaryFileSystemID ] |
| SubnetId: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetTwoRef, !Ref Subnet2IdProp] |
| AvailabilityZone: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetTwoAZ, !Ref Subnet2AZProp] |
| LogGroupName: !Ref AWS::StackName |
| PrimaryMaxCount: !Ref PrimaryMaxCount |
| GerritVolumeAttachMaxRetries: !Ref GerritVolumeAttachMaxRetries |
| GerritVolumeAttachRetryDelay: !Ref GerritVolumeAttachRetryDelay |
| GerritVolumeSnapshotId: !Ref GerritVolumeSnapshotId |
| GerritVolumeSizeInGiB: !Ref GerritVolumeSizeInGiB |
| TemplateBucketName: !Ref TemplateBucketName |
| |
| EC2InstanceProfile: |
| Type: AWS::IAM::InstanceProfile |
| Properties: |
| Path: / |
| Roles: [!Ref 'EC2Role'] |
| |
| # Role for the EC2 hosts. This allows the ECS agent on the EC2 hosts |
| # to communciate with the ECS control plane, as well as download the docker |
| # images from ECR to run on your host. |
| EC2Role: |
| Type: AWS::IAM::Role |
| Properties: |
| AssumeRolePolicyDocument: |
| Statement: |
| - Effect: Allow |
| Principal: |
| Service: [ec2.amazonaws.com] |
| Action: ['sts:AssumeRole'] |
| Path: / |
| Policies: |
| - PolicyName: ecs-service |
| PolicyDocument: |
| Statement: |
| - Effect: Allow |
| Action: |
| - 'ecs:CreateCluster' |
| - 'ecs:DeregisterContainerInstance' |
| - 'ecs:DiscoverPollEndpoint' |
| - 'ecs:Poll' |
| - 'ecs:RegisterContainerInstance' |
| - 'ecs:StartTelemetrySession' |
| - 'ecs:Submit*' |
| - 'logs:CreateLogStream' |
| - 'logs:PutLogEvents' |
| - 'ecr:GetAuthorizationToken' |
| - 'ecr:BatchGetImage' |
| - 'ecr:GetDownloadUrlForLayer' |
| - 'ec2:AttachVolume' |
| - 'ec2:DescribeVolumes' |
| - "dynamodb:CreateTable" |
| - "dynamodb:DeleteTable" |
| - "dynamodb:ListTables" |
| Resource: '*' |
| |
| PrimaryGitFileSystemPermanentStack: |
| Type: AWS::CloudFormation::Stack |
| DeletionPolicy: Retain |
| Condition: CreatePrimaryEFS |
| Properties: |
| TemplateURL: !Join [ '', ['https://', !Ref TemplateBucketName, '.s3.amazonaws.com/cf-efs-stack.yml'] ] |
| TimeoutInMinutes: '25' |
| Parameters: |
| FileSystemThroughputMode: !Ref PrimaryFileSystemThroughputMode |
| ProvisionedThroughputInMibps: !Ref PrimaryProvisionedThroughputInMibps |
| PublicSubnet1: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetOneRef, !Ref Subnet1IdProp] |
| PublicSubnet2: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetTwoRef, !Ref Subnet2IdProp] |
| SecurityGroupVPCID: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.VPCRef, !Ref VPCIdProp] |
| SecurityGroupCidrIp1: !Ref Subnet1CIDR |
| SecurityGroupCidrIp2: !Ref Subnet2CIDR |
| TagValue: "efs-for-gerrit-primaries" |
| |
| ReplicaGitFileSystemPermanentStack: |
| Type: AWS::CloudFormation::Stack |
| DeletionPolicy: Retain |
| Condition: CreateReplicaEFS |
| Properties: |
| TemplateURL: !Join [ '', ['https://', !Ref TemplateBucketName, '.s3.amazonaws.com/cf-efs-stack.yml'] ] |
| TimeoutInMinutes: '25' |
| Parameters: |
| FileSystemThroughputMode: !Ref ReplicaFileSystemThroughputMode |
| ProvisionedThroughputInMibps: !Ref ReplicaProvisionedThroughputInMibps |
| PublicSubnet1: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetOneRef, !Ref Subnet1IdProp] |
| PublicSubnet2: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetTwoRef, !Ref Subnet2IdProp] |
| SecurityGroupVPCID: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.VPCRef, !Ref VPCIdProp] |
| SecurityGroupCidrIp1: !Ref Subnet1CIDR |
| SecurityGroupCidrIp2: !Ref Subnet2CIDR |
| TagValue: "efs-for-gerrit-replicas" |
| |
| ECSTaskNetworkStack: |
| Type: AWS::CloudFormation::Stack |
| DeletionPolicy: Retain |
| Condition: NetworkStackNeeded |
| Properties: |
| TemplateURL: !Join [ '', ['https://', !Ref TemplateBucketName, '.s3.amazonaws.com/cf-gerrit-network-stack.yml'] ] |
| TimeoutInMinutes: '25' |
| Parameters: |
| InternetGatewayIdProp: !Ref 'InternetGatewayIdProp' |
| VPCIdProp: !Ref 'VPCIdProp' |
| VPCCIDR: !Ref 'VPCCIDR' |
| Subnet1IdProp: !Ref 'Subnet1IdProp' |
| Subnet1CIDR: !Ref 'Subnet1CIDR' |
| Subnet1AZProp: !Ref 'Subnet1AZProp' |
| Subnet2IdProp: !Ref 'Subnet2IdProp' |
| Subnet2CIDR: !Ref 'Subnet2CIDR' |
| Subnet2AZProp: !Ref 'Subnet2AZProp' |
| |
| DynamoDBPersistentStack: |
| Type: AWS::CloudFormation::Stack |
| DeletionPolicy: Retain |
| Condition: ShouldCreateDynamoDBTables |
| Properties: |
| TemplateURL: !Join [ '', ['https://', !Ref TemplateBucketName, '.s3.amazonaws.com/cf-dynamodb-stack.yml'] ] |
| TimeoutInMinutes: '25' |
| Parameters: |
| DynamoDBRefsTableName: !Ref DynamoDBRefsTableName |
| DynamoDBLocksTableName: !Ref DynamoDBLocksTableName |
| |
| Outputs: |
| ClusterName: |
| Description: The name of the ECS cluster |
| Value: !Ref 'ECSCluster' |
| Export: |
| Name: !Join [ ':', [ !Ref 'AWS::StackName', 'ClusterName' ] ] |
| VPCId: |
| Description: The ID of the VPC that this stack is deployed in |
| Value: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.VPCRef, !Ref VPCIdProp] |
| Export: |
| Name: !Join [ ':', [ !Ref 'AWS::StackName', 'VPCId' ] ] |
| PublicSubnetOne: |
| Description: Public subnet one |
| Value: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetOneRef, !Ref Subnet1IdProp] |
| Export: |
| Name: !Join [ ':', [ !Ref 'AWS::StackName', 'PublicSubnetOne' ] ] |
| PublicSubnetOneAZ: |
| Description: Public subnet one AZ |
| Value: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetOneAZ, !Ref Subnet1AZProp] |
| Export: |
| Name: !Join [ ':', [ !Ref 'AWS::StackName', 'PublicSubnetOneAZ' ] ] |
| PublicSubnetTwo: |
| Description: Public subnet two |
| Value: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetTwoRef, !Ref Subnet2IdProp] |
| Export: |
| Name: !Join [ ':', [ !Ref 'AWS::StackName', 'PublicSubnetTwo' ] ] |
| PublicSubnetTwoAZ: |
| Description: Public subnet two AZ |
| Value: !If [NetworkStackNeeded, !GetAtt ECSTaskNetworkStack.Outputs.PublicSubnetTwoAZ, !Ref Subnet2AZProp] |
| Export: |
| Name: !Join [ ':', [ !Ref 'AWS::StackName', 'PublicSubnetTwoAZ' ] ] |
| ClusterArn: |
| Description: The ARN of the ECS cluster |
| Value: !GetAtt ECSCluster.Arn |
| Export: |
| Name: !Join [ ':', [ !Ref 'AWS::StackName', 'ClusterArn' ] ] |
| ReplicaFileSystemID: |
| Description: The ID of the EFS to be mounted by replicas |
| Value: !If [CreateReplicaEFS, !GetAtt ReplicaGitFileSystemPermanentStack.Outputs.FileSystemID, !Ref ReplicaFileSystemID ] |
| Export: |
| Name: !Join [ ':', [ !Ref 'AWS::StackName', 'ReplicaFileSystemID' ] ] |
| PrimariesGerritHTTPTargetGroup: |
| Description: The target group registering both gerrit1 and gerrit2 serving HTTP traffic |
| Value: !Ref 'PrimariesGerritHTTPTargetGroup' |
| Export: |
| Name: !Join [ ':', [ !Ref 'AWS::StackName', 'PrimariesGerritHTTPTargetGroup' ] ] |
| PrimariesGerritSSHTargetGroup: |
| Description: The target group registering both gerrit1 and gerrit2 serving SSH traffic |
| Value: !Ref 'PrimariesGerritSSHTargetGroup' |
| Export: |
| Name: !Join [ ':', [ !Ref 'AWS::StackName', 'PrimariesGerritSSHTargetGroup' ] ] |
| PrimariesHTTPGerritLoadBalancerDNSName: |
| Description: The DNS name of the load balancer serving HTTP requests to both gerrit1 and gerrit2 |
| Value: !GetAtt 'PrimariesHTTPGerritLoadBalancer.DNSName' |
| Export: |
| Name: !Join [ ':', [ !Ref 'AWS::StackName', 'PrimariesHTTPGerritLoadBalancerDNSName' ] ] |
| PrimariesSSHGerritLoadBalancerDNSName: |
| Description: The DNS name of the load balancer serving SSH requests to both gerrit1 and gerrit2 |
| Value: !GetAtt 'PrimariesSSHGerritLoadBalancer.DNSName' |
| Export: |
| Name: !Join [ ':', [ !Ref 'AWS::StackName', 'PrimariesSSHGerritLoadBalancerDNSName' ] ] |
| PrimariesHTTPGerritCanonicalHostedZoneID: |
| Description: Canonical Hosted Zone ID of the load balancer serving HTTP requests to both gerrit1 and gerrit2 |
| Value: !GetAtt 'PrimariesHTTPGerritLoadBalancer.CanonicalHostedZoneID' |
| Export: |
| Name: !Join [ ':', [ !Ref 'AWS::StackName', 'PrimariesHTTPGerritCanonicalHostedZoneID' ] ] |
| PrimariesSSHGerritCanonicalHostedZoneID: |
| Description: Canonical Hosted Zone ID of the load balancer serving SSH requests to both gerrit1 and gerrit2 |
| Value: !GetAtt 'PrimariesSSHGerritLoadBalancer.CanonicalHostedZoneID' |
| Export: |
| Name: !Join [ ':', [ !Ref 'AWS::StackName', 'PrimariesSSHGerritCanonicalHostedZoneID' ] ] |
