AWS CloudFormation - VPC Nested Stack-ALB, EC2 instances in Auto-Scaling Group

In this section, I provide the YAML script that creates an Application Load Balancer and EC2 instances in an Auto Scaling group.


Before we go to the script, we need to understand a few key things.

  • An Application Load Balancer can route traffic either to specific EC2 instances or to a group of instances. The best practice is to create Target Groups and route to them. So we will create a Target Group for our web servers (created in the previous post) and route the traffic to it.

  • For the Auto Scaling group to work, we need to create a launch configuration that describes the AMI we want to launch (this simply means the image of the required EC2 server instance, which has all the required OS, software and application code). In this example, I have randomly picked an AMI from the console.

  • We will be launching our EC2 instances in private subnets across 2 AZs so that they are not directly accessible from the internet.

  • We need a key pair to launch EC2 instances, so I have created a temporary one named "Test" in the AWS console. You will need to create your own and update the name in the Launch Configuration section.

Therefore, our script will create the following:

a. Load Balancer with Listener

b. Target Group for Load Balancer to route traffic

c. Launch Configuration for ASG

d. Auto-scaling Group (We mention the minimum required instances and maximum)

e. Auto-scaling Policy (We mention when we want the auto-scaling to scale up and down)

As usual, we shall do this in 2 simple steps as mentioned below.


1. Copy the YAML script below and save it as servers.yaml. This script will create the resources mentioned above.

Description: >
  This template deploys an Application Load Balancer that exposes our various ECS services.
  We create them in a separate nested template, so it can be referenced by all of the other nested templates.

Parameters:
  EnvironmentName:
    Description: Our environment name that will be prefixed to resource names
    Type: String

  VPC:
    Type: AWS::EC2::VPC::Id
    Description: VPC where the Application Load Balancer should be deployed to

  Subnets:
    Description: Subnets where the Application Load Balancer should be deployed to
    Type: List<AWS::EC2::Subnet::Id>

  Subnets1:
    Description: Subnets where the Application EC2 Servers should be deployed to
    Type: List<AWS::EC2::Subnet::Id>

  LBSecurityGroup:
    Description: Security Group to be applied to the Application Load Balancer
    Type: AWS::EC2::SecurityGroup::Id

  WSSecurityGroup:
    Description: Security Group to be applied to the WS Group
    Type: AWS::EC2::SecurityGroup::Id

  InstanceType:
    Description: Instance type that we use
    Type: String
    Default: t2.small

#======================================================================
# This section will define the Load Balancer, Listener Target Group, Launch Configuration, Autoscaling, Autoscaling Policies
#======================================================================
Resources:
  LoadBalancer:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Name: !Ref EnvironmentName
      Subnets: !Ref Subnets
      SecurityGroups:
        - !Ref LBSecurityGroup
      Tags:
        - Key: Name
          Value: !Ref EnvironmentName

  # Listener forwards plain HTTP on port 80 to the web server target group
  LoadBalancerListenerWS:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref LoadBalancer
      Port: 80
      Protocol: HTTP
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref WSTargetGroup

  WSTargetGroup:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      Name: !Sub ${EnvironmentName}-WSTarget
      VpcId: !Ref VPC
      Port: 80
      Protocol: HTTP

#=======================================================================
# WebServers Launch Configuration & Autoscaling Group creation with policies
#=======================================================================
  WSLaunchConfiguration:
    Type: 'AWS::AutoScaling::LaunchConfiguration'
    Properties:
      ImageId: "ami-09929fc4b0eaeb3a0"
      InstanceMonitoring: true
      InstanceType: !Ref InstanceType
      SecurityGroups:
        - !Ref WSSecurityGroup
      # Replace with the name of the key pair you created in the console
      KeyName: Test123
      # Instances live in private subnets, so no public IP is assigned
      AssociatePublicIpAddress: false

  WSAutoScalingGroup:
    Type: AWS::AutoScaling::AutoScalingGroup
    Properties:
      AutoScalingGroupName: Webserver Autoscaling Group
      Cooldown: 120
      DesiredCapacity: 2
      MaxSize: 4
      MinSize: 2
      LaunchConfigurationName: !Ref WSLaunchConfiguration
      TargetGroupARNs:
        - !Ref WSTargetGroup
      Tags:
        - Key: Name
          Value: Weservers ASG
          PropagateAtLaunch: 'true'
      # Private subnets passed in from the master stack
      VPCZoneIdentifier: !Ref Subnets1

  # Adds one instance each time the policy is invoked
  WSASGScalingUpPolicy:
    Type: AWS::AutoScaling::ScalingPolicy
    Properties:
      AdjustmentType: "ChangeInCapacity"
      PolicyType: "SimpleScaling"
      Cooldown: "300"
      AutoScalingGroupName: !Ref WSAutoScalingGroup
      ScalingAdjustment: 1

  # Removes one instance each time the policy is invoked
  WSASGScalingDownPolicy:
    Type: AWS::AutoScaling::ScalingPolicy
    Properties:
      AdjustmentType: "ChangeInCapacity"
      PolicyType: "SimpleScaling"
      Cooldown: "300"
      AutoScalingGroupName: !Ref WSAutoScalingGroup
      ScalingAdjustment: -1

Outputs:
  LoadBalancer:
    Description: A reference to the Application Load Balancer
    Value: !Ref LoadBalancer

  LoadBalancerUrl:
    Description: The URL of the ALB
    Value: !GetAtt LoadBalancer.DNSName

  Listener:
    Description: A reference to a port 80 listener
    Value: !Ref LoadBalancerListenerWS

  WSTargetGroup:
    Description: Target Group of the Web Servers
    Value: !Ref WSTargetGroup

2. Update the master.yaml that we extended in the previous post with the additional script below. It goes under the existing Resources section.

  ALB:
    Type: AWS::CloudFormation::Stack
    Properties:
      # Must point at the servers.yaml from step 1, uploaded to the mycfstack bucket
      TemplateURL: https://mycfstack.s3.amazonaws.com/servers.yaml
      Parameters:
        EnvironmentName: !Ref AWS::StackName
        VPC: !GetAtt VPC.Outputs.VPC
        Subnets: !GetAtt VPC.Outputs.PublicSubnets
        LBSecurityGroup: !GetAtt SecurityGroups.Outputs.LoadBalancerSecurityGroup
        Subnets1: !GetAtt VPC.Outputs.PrivateSubnets
        WSSecurityGroup: !GetAtt SecurityGroups.Outputs.WSSecurityGroup

How to upload and run the script?


- Re-upload master.yaml to S3, since we have changed it.

- Also upload servers.yaml to the same S3 bucket (mycfstack).

- Go to CloudFormation.

- Create New Stack.

- Click Next and provide a stack name. Click Next again, then click the Create stack button.


- Your stack will be executed in less than 5 mins.

Please navigate to the EC2 section of your AWS console to confirm that the Launch Configuration and Auto Scaling group have been created properly.
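The listener in servers.yaml forwards plain HTTP on port 80, so traffic between clients and the load balancer is unencrypted. The following added example (not part of the original script) turns the port 80 listener into a redirect and adds an HTTPS listener. The CertificateArn parameter, the LoadBalancerListenerHTTPS name and the chosen SslPolicy are assumptions, and LBSecurityGroup from the previous post is assumed to allow inbound 443.

```yaml
# Added example: changes to servers.yaml for TLS termination at the ALB.
Parameters:
  CertificateArn:
    # Assumption: ARN of an ACM certificate that already exists in this region
    Description: ACM certificate used by the HTTPS listener
    Type: String

Resources:
  # Replaces the original definition: port 80 no longer forwards,
  # it only redirects clients to HTTPS.
  LoadBalancerListenerWS:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref LoadBalancer
      Port: 80
      Protocol: HTTP
      DefaultActions:
        - Type: redirect
          RedirectConfig:
            Protocol: HTTPS
            Port: "443"
            StatusCode: HTTP_301

  # New listener (hypothetical name) that terminates TLS and forwards
  # to the same target group as before.
  LoadBalancerListenerHTTPS:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref LoadBalancer
      Port: 443
      Protocol: HTTPS
      SslPolicy: ELBSecurityPolicy-TLS13-1-2-2021-06
      Certificates:
        - CertificateArn: !Ref CertificateArn
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref WSTargetGroup
```

With this change, master.yaml must also pass CertificateArn to the ALB nested stack alongside the other parameters.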


With this, we have proudly created a whole platform that consists of VPC, Subnets, Internet Gateway, NAT Gateways, Route tables, ALB with Listeners, Launch Configuration and Auto-scaling of EC2 instances.
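The two SimpleScaling policies in servers.yaml only change capacity when a CloudWatch alarm invokes them, and the script defines no alarms. As an added example (not part of the original script), the alarms below can be merged into the Resources section of servers.yaml; the alarm names and the 70% / 30% CPU thresholds are assumptions.

```yaml
# Added example: CloudWatch alarms that trigger the scaling policies.
# Alarm names and thresholds are assumptions; tune them to your workload.
Resources:
  WSCPUAlarmHigh:
    Type: AWS::CloudWatch::Alarm
    Properties:
      AlarmDescription: Scale up when average CPU stays above 70% for 10 minutes
      Namespace: AWS/EC2
      MetricName: CPUUtilization
      Statistic: Average
      Period: 300
      EvaluationPeriods: 2
      Threshold: 70
      ComparisonOperator: GreaterThanThreshold
      Dimensions:
        # Aggregate the metric over all instances in the group
        - Name: AutoScalingGroupName
          Value: !Ref WSAutoScalingGroup
      AlarmActions:
        - !Ref WSASGScalingUpPolicy

  WSCPUAlarmLow:
    Type: AWS::CloudWatch::Alarm
    Properties:
      AlarmDescription: Scale down when average CPU stays below 30% for 10 minutes
      Namespace: AWS/EC2
      MetricName: CPUUtilization
      Statistic: Average
      Period: 300
      EvaluationPeriods: 2
      Threshold: 30
      ComparisonOperator: LessThanThreshold
      Dimensions:
        - Name: AutoScalingGroupName
          Value: !Ref WSAutoScalingGroup
      AlarmActions:
        - !Ref WSASGScalingDownPolicy
```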

I hope the above script will be useful to AWS beginners who are working with or practicing CloudFormation. Also, when you delete the master stack, it automatically deletes the whole platform in an orderly way.

Please provide your valuable comments on this article if this is of any help. Kindly share this with your known groups if you like it. Thanks.

© 2020 by techyfella.