AWS OpsWorks テンプレートスニペット
AWS OpsWorks は、ソフトウェア構成、アプリケーションのデプロイ、スケーリング、モニタリングなど、さまざまなタスクを簡素化するアプリケーション管理サービスです。AWS CloudFormation は、AWS OpsWorks のスタック、レイヤー、アプリケーション、インスタンスなどの AWS OpsWorks リソースを管理するときに使用できるリソース管理サービスです。
AWS OpsWorks のサンプル PHP アプリケーション
以下のサンプルテンプレートは、Git 公開リポジトリに格納されているサンプルの AWS OpsWorks PHP ウェブアプリケーションをデプロイするものです。AWS OpsWorks スタックにはアプリケーションサーバーが 2 つとロードバランサーがあり、着信トラフィックをサーバー間で均等に分散しています。AWS OpsWorks スタックには、ほかにもデータの保管用にバックエンド MySQL データベースサーバーが含まれます。このサンプル AWS OpsWorks アプリケーションの詳細については、「AWS OpsWorks ユーザーガイド」の「チュートリアル: アプリケーションサーバースタックを作成して AWSAWS OpsWorks の基礎を学ぶ」を参照してください。
注記
ServiceRoleArn と DefaultInstanceProfileArn のプロパティは、AWS OpsWorks を初めて使用してから作成された IAM ロールを参照します。
この例では、NoEcho プロパティを true に設定して MysqlRootPassword パラメータを定義しています。NoEcho 属性を true に設定すると、CloudFormation は、スタックまたはスタックイベントを記述するすべての呼び出しに対して、アスタリスク (*****) としてマスクされたパラメータ値を返します。
重要
機密情報は、CloudFormation テンプレートに直接埋め込むのではなく、スタックテンプレートの動的パラメータを使用して CloudFormation の外部 (AWS Systems Manager パラメータストアや AWS Secrets Manager など) に保存して管理した上で 参照することをお勧めします。
詳細については、「テンプレートに認証情報を埋め込まない のベストプラクティス」を参照してください。
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Parameters": { "ServiceRole": { "Default": "aws-opsworks-service-role", "Description": "The OpsWorks service role", "Type": "String", "MinLength": "1", "MaxLength": "64", "AllowedPattern": "[a-zA-Z][a-zA-Z0-9-]*", "ConstraintDescription": "must begin with a letter and contain only alphanumeric characters." }, "InstanceRole": { "Default": "aws-opsworks-ec2-role", "Description": "The OpsWorks instance role", "Type": "String", "MinLength": "1", "MaxLength": "64", "AllowedPattern": "[a-zA-Z][a-zA-Z0-9-]*", "ConstraintDescription": "must begin with a letter and contain only alphanumeric characters." }, "AppName": { "Default": "myapp", "Description": "The app name", "Type": "String", "MinLength": "1", "MaxLength": "64", "AllowedPattern": "[a-zA-Z][a-zA-Z0-9]*", "ConstraintDescription": "must begin with a letter and contain only alphanumeric characters." }, "MysqlRootPassword" : { "Description" : "MysqlRootPassword", "NoEcho" : "true", "Type" : "String" } }, "Resources": { "myStack": { "Type": "AWS::OpsWorks::Stack", "Properties": { "Name": { "Ref": "AWS::StackName" }, "ServiceRoleArn": { "Fn::Join": [ "", ["arn:aws:iam::", {"Ref": "AWS::AccountId"}, ":role/", {"Ref": "ServiceRole"}] ] }, "DefaultInstanceProfileArn": { "Fn::Join": [ "", ["arn:aws:iam::", {"Ref": "AWS::AccountId"}, ":instance-profile/", {"Ref": "InstanceRole"}] ] }, "UseCustomCookbooks": "true", "CustomCookbooksSource": { "Type": "git", "Url": "git://github.com/amazonwebservices/opsworks-example-cookbooks.git" } } }, "myLayer": { "Type": "AWS::OpsWorks::Layer", "DependsOn": "myApp", "Properties": { "StackId": {"Ref": "myStack"}, "Type": "php-app", "Shortname" : "php-app", "EnableAutoHealing" : "true", "AutoAssignElasticIps" : "false", "AutoAssignPublicIps" : "true", "Name": "MyPHPApp", "CustomRecipes" : { "Configure" : ["phpapp::appsetup"] } } }, "DBLayer" : { "Type" : "AWS::OpsWorks::Layer", "DependsOn": "myApp", "Properties" : { "StackId" : {"Ref":"myStack"}, "Type" : "db-master", "Shortname" : "db-layer", "EnableAutoHealing" : "true", "AutoAssignElasticIps" : "false", "AutoAssignPublicIps" : "true", "Name" : "MyMySQL", "CustomRecipes" : { "Setup" : ["phpapp::dbsetup"] }, "Attributes" : { "MysqlRootPassword" : {"Ref":"MysqlRootPassword"}, "MysqlRootPasswordUbiquitous": "true" }, "VolumeConfigurations":[{"MountPoint":"/vol/mysql","NumberOfDisks":1,"Size":10}] } }, "ELBAttachment" : { "Type" : "AWS::OpsWorks::ElasticLoadBalancerAttachment", "Properties" : { "ElasticLoadBalancerName" : { "Ref" : "ELB" }, "LayerId" : { "Ref" : "myLayer" } } }, "ELB" : { "Type": "AWS::ElasticLoadBalancing::LoadBalancer", "Properties": { "AvailabilityZones": { "Fn::GetAZs" : "" } , "Listeners": [{ "LoadBalancerPort": "80", "InstancePort": "80", "Protocol": "HTTP", "InstanceProtocol": "HTTP" }], "HealthCheck": { "Target": "HTTP:80/", "HealthyThreshold": "2", "UnhealthyThreshold": "10", "Interval": "30", "Timeout": "5" } } }, "myAppInstance1": { "Type": "AWS::OpsWorks::Instance", "Properties": { "StackId": {"Ref": "myStack"}, "LayerIds": [{"Ref": "myLayer"}], "InstanceType": "m1.small" } }, "myAppInstance2": { "Type": "AWS::OpsWorks::Instance", "Properties": { "StackId": {"Ref": "myStack"}, "LayerIds": [{"Ref": "myLayer"}], "InstanceType": "m1.small" } }, "myDBInstance": { "Type": "AWS::OpsWorks::Instance", "Properties": { "StackId": {"Ref": "myStack"}, "LayerIds": [{"Ref": "DBLayer"}], "InstanceType": "m1.small" } }, "myApp" : { "Type" : "AWS::OpsWorks::App", "Properties" : { "StackId" : {"Ref":"myStack"}, "Type" : "php", "Name" : {"Ref": "AppName"}, "AppSource" : { "Type" : "git", "Url" : "git://github.com/amazonwebservices/opsworks-demo-php-simple-app.git", "Revision" : "version2" }, "Attributes" : { "DocumentRoot" : "web" } } } } }
YAML
AWSTemplateFormatVersion: '2010-09-09' Parameters: ServiceRole: Default: aws-opsworks-service-role Description: The OpsWorks service role Type: String MinLength: '1' MaxLength: '64' AllowedPattern: "[a-zA-Z][a-zA-Z0-9-]*" ConstraintDescription: must begin with a letter and contain only alphanumeric characters. InstanceRole: Default: aws-opsworks-ec2-role Description: The OpsWorks instance role Type: String MinLength: '1' MaxLength: '64' AllowedPattern: "[a-zA-Z][a-zA-Z0-9-]*" ConstraintDescription: must begin with a letter and contain only alphanumeric characters. AppName: Default: myapp Description: The app name Type: String MinLength: '1' MaxLength: '64' AllowedPattern: "[a-zA-Z][a-zA-Z0-9]*" ConstraintDescription: must begin with a letter and contain only alphanumeric characters. MysqlRootPassword: Description: MysqlRootPassword NoEcho: 'true' Type: String Resources: myStack: Type: AWS::OpsWorks::Stack Properties: Name: Ref: AWS::StackName ServiceRoleArn: !Sub "arn:aws:iam::${AWS::AccountId}:role/${ServiceRole}" DefaultInstanceProfileArn: !Sub "arn:aws:iam::${AWS::AccountId}:instance-profile/${InstanceRole}" UseCustomCookbooks: 'true' CustomCookbooksSource: Type: git Url: git://github.com/amazonwebservices/opsworks-example-cookbooks.git myLayer: Type: AWS::OpsWorks::Layer DependsOn: myApp Properties: StackId: Ref: myStack Type: php-app Shortname: php-app EnableAutoHealing: 'true' AutoAssignElasticIps: 'false' AutoAssignPublicIps: 'true' Name: MyPHPApp CustomRecipes: Configure: - phpapp::appsetup DBLayer: Type: AWS::OpsWorks::Layer DependsOn: myApp Properties: StackId: Ref: myStack Type: db-master Shortname: db-layer EnableAutoHealing: 'true' AutoAssignElasticIps: 'false' AutoAssignPublicIps: 'true' Name: MyMySQL CustomRecipes: Setup: - phpapp::dbsetup Attributes: MysqlRootPassword: Ref: MysqlRootPassword MysqlRootPasswordUbiquitous: 'true' VolumeConfigurations: - MountPoint: "/vol/mysql" NumberOfDisks: 1 Size: 10 ELBAttachment: Type: AWS::OpsWorks::ElasticLoadBalancerAttachment Properties: ElasticLoadBalancerName: Ref: ELB LayerId: Ref: myLayer ELB: Type: AWS::ElasticLoadBalancing::LoadBalancer Properties: AvailabilityZones: Fn::GetAZs: '' Listeners: - LoadBalancerPort: '80' InstancePort: '80' Protocol: HTTP InstanceProtocol: HTTP HealthCheck: Target: HTTP:80/ HealthyThreshold: '2' UnhealthyThreshold: '10' Interval: '30' Timeout: '5' myAppInstance1: Type: AWS::OpsWorks::Instance Properties: StackId: Ref: myStack LayerIds: - Ref: myLayer InstanceType: m1.small myAppInstance2: Type: AWS::OpsWorks::Instance Properties: StackId: Ref: myStack LayerIds: - Ref: myLayer InstanceType: m1.small myDBInstance: Type: AWS::OpsWorks::Instance Properties: StackId: Ref: myStack LayerIds: - Ref: DBLayer InstanceType: m1.small myApp: Type: AWS::OpsWorks::App Properties: StackId: Ref: myStack Type: php Name: Ref: AppName AppSource: Type: git Url: git://github.com/amazonwebservices/opsworks-demo-php-simple-app.git Revision: version2 Attributes: DocumentRoot: web
