Getting Started with CloudFormation
Setting up our first CloudFormation Stack
Modern IT infrastructures can be quite complex and are usually built from many distinct components: computing instances, load balancers, storage volumes, CDNs, caching nodes, one or more database clusters, etc. You need to set up each component specifically for the environment that you are using (like production, staging, development, etc.), to keep them updated and to remove or swap components due to software changes. CloudFormation is a great tool that helps system administrators by managing these details automatically.
In this course, CloudAcademy's Senior DevOps Engineer, Antonio Angelino, will discuss how AWS CloudFormation works and how you can use it to build scalable infrastructures. AWS CloudFormation allows you to easily create sets of cloud resources such as Amazon EC2 instances, CloudFront distributions, RDS database instances, and other services by just writing a template file.
This is an intermediate-level course, so you should have some experience with AWS and its basic services like EC2, ELB, AutoScaling, and RDS. Also, some knowledge of high availability concepts, the JSON file format, and Wordpress would be helpful to understand the ideas behind the practical part of the course and the template's syntax.
If you need to learn more about the AWS services cited here, please check our collection of AWS courses, in particular, the courses about EC2 and RDS. Also, if you want to test your knowledge on the basic topics covered in this course, check out our AWS questions.
Resources used within this lecture
CloudFormation Template: https://s3.amazonaws.com/cloudformation-templates-us-east-1/WordPress_Multi_AZ.template
In this course we will use an example template, which you can find at the address listed under the lecture resources, in order to deploy a fully functional Wordpress cluster. Let's take a look at the template source. This template is a great example, demonstrating the power of AWS CloudFormation. It creates several different resources: a load balancer, an autoscaling group for web server instances, a MySQL cluster using AWS RDS, all required security groups and EC2 instances. CloudFormation also downloads and sets up the latest version of Wordpress during the last creation step. As you can see, the author started by declaring the format version and writing an exhaustive description of the template itself. Looking at the parameter section, you can see a set of parameters that the AWS user has to choose in order to begin a stack creation. KeyName is the only parameter that doesn't have a default value, because we need to specify an existing key pair name that will be used by all EC2 instances. If we decide to use the AWS management console, the stack creation wizard will ask us to choose a correct value for every parameter.
The mapping section is used to associate one specific OS architecture to each EC2 instance type and each AWS region to a set of AMI IDs. For example, if you want to create a Wordpress cluster in the eu-west-1 region using a set of t1.micro instances, CloudFormation will use the ami-953b06e1 disk image.
The resources section is the most important one and we'll analyze it item by item. The first declared resource is a load balancer. The Amazon Elastic Load Balancing service allows us to choose the balancing policy, add origin and destination ports for each listener and set up a health check in order to avoid sending requests to dead instances.
This load balancer will listen on port 80 waiting for HTTP requests and will distribute all requests to our instances using a cookie-based policy.
Web server group is an EC2 autoscaling group composed of a maximum of five EC2 instances. As you can see, the default number of running instances is selected by the user during the parameters configuration.
This resource doesn't create an EC2 instance by itself, but it links to another resource called launch config. Before talking about the launch config resource, it's useful to talk about the wait handle and the WaitCondition resources. A Wait Condition Handle is a kind of semaphore.
It can be used to make AWS CloudFormation pause the creation of the stack and wait for a signal before it continues to create the stack. A wait condition is extremely useful to coordinate external configuration actions (for example, installing the Apache web server on instance X) with the creation of a stack resource (for example, creating instance X).
Using wait conditions, we can consider the creation of a specific resource completed when all externally linked tasks are completed. Launch config is a great example of how to use wait conditions. Launch config is in charge of creating EC2 instances and configuring them. CloudFormation will create all specified instances, install the httpd, php and php-mysql packages using Yum, download the latest version of Wordpress from wordpress.org, create a wp-config.php file using the user-specified database name, user name and password, and finally fix file ownership. If all these steps succeed, cfn-signal will report to CloudFormation that the operation resulted in success and, thanks to the wait condition handle, the instance creation and configuration will be considered successful or failed.
DBInstance simply represents the RDS MySQL database cluster used by Wordpress. The last two resources are the security groups required by the EC2 instances and RDS instances. The DB security group allows MySQL connections from all EC2 stack instances. The web server security group enables HTTP access for the load balancer and SSH access.
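An added example, not part of the course or of the AWS template: a small Python audit of the two security-relevant parts of such a template described above, the user-supplied database password parameter and the security group ingress rules. The template fragment, the `elb-sg` name and the `audit` function are constructed for illustration, and the check assumes literal (non-`Ref`) port and CIDR values.

```python
import json

# Constructed fragment shaped like the sections the lecture describes;
# it is not copied from WordPress_Multi_AZ.template.
SAMPLE_TEMPLATE = json.loads("""
{
  "Parameters": {
    "DBPassword": {"Type": "String", "Default": "password"}
  },
  "Resources": {
    "WebServerSecurityGroup": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {"SecurityGroupIngress": [
        {"IpProtocol": "tcp", "FromPort": "80", "ToPort": "80",
         "SourceSecurityGroupName": "elb-sg"},
        {"IpProtocol": "tcp", "FromPort": "22", "ToPort": "22",
         "CidrIp": "0.0.0.0/0"}
      ]}
    }
  }
}
""")

ADMIN_PORTS = {22: "SSH", 3306: "MySQL"}  # should not be reachable from anywhere

def audit(template):
    """Return (name, issue) pairs; assumes literal, non-Ref ports and CIDRs."""
    findings = []
    for name, param in template.get("Parameters", {}).items():
        if "password" in name.lower():
            # NoEcho masks the value wherever the stack parameters are displayed.
            if str(param.get("NoEcho", "false")).lower() != "true":
                findings.append((name, "secret parameter without NoEcho"))
            if "Default" in param:
                findings.append((name, "secret parameter has a default value"))
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::EC2::SecurityGroup":
            continue
        for rule in res.get("Properties", {}).get("SecurityGroupIngress", []):
            if rule.get("CidrIp") != "0.0.0.0/0":
                continue  # scoped to a security group or a narrower CIDR
            # Missing ports (IpProtocol "-1") are treated as the full range.
            lo, hi = int(rule.get("FromPort", 0)), int(rule.get("ToPort", 65535))
            for port, service in ADMIN_PORTS.items():
                if lo <= port <= hi:
                    findings.append((name, f"{service} ({port}) open to 0.0.0.0/0"))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_TEMPLATE), sep="\n")
```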
Output is the last template section. The template author decided to return the web URL of Wordpress after the successful creation of the whole stack. Now we're ready to create our first CloudFormation stack using the analyzed template.
Antonio is an IT Manager and a software and infrastructure Engineer with 15 years of experience in designing, implementing and deploying complex webapps.
He has a deep knowledge of the IEEE Software and Systems Engineering Standards and of several programming languages (Python, PHP, Java, Scala, JS).
Antonio has also been using and designing cloud infrastructures for five years, using both public and private cloud services (Amazon Web Services, Google Cloud Platform, Azure, Openstack and Vmware vSphere).
During his past working experiences, he designed and managed large web clusters, also developing a service orchestrator for providing automatic scaling, self-healing and a Disaster Recovery Strategy.
Antonio is currently the Labs Product Manager and a Senior DevOps Engineer at Cloud Academy; his main goal is providing the best learn-by-doing experience possible taking care of the Cloud Academy Labs platform.