add simple wordpress stack

thrau · thrau · commit 76073069bb96 · 2024-02-06T01:02:03.000+01:00
diff --git a/Makefile b/Makefile
@@ -0,0 +1,41 @@
+VENV_BIN = python3 -m venv
+VENV_DIR ?= .venv
+VENV_ACTIVATE = $(VENV_DIR)/bin/activate
+VENV_RUN = . $(VENV_ACTIVATE)
+
+venv: $(VENV_ACTIVATE)
+
+$(VENV_ACTIVATE): setup.py setup.cfg pyproject.toml
+	test -d .venv || $(VENV_BIN) .venv
+	$(VENV_RUN); pip install --upgrade pip setuptools wheel
+	$(VENV_RUN); pip install -e .[dev,deploy]
+	touch $(VENV_DIR)/bin/activate
+
+clean:
+	rm -rf .venv
+	rm -rf build/
+	rm -rf .eggs/
+	rm -rf *.egg-info/
+	rm -rf node_modules
+	rm -rf deployments/cdk/cdk.out
+
+install: venv
+	npm install; \
+	ln -sfn `pwd`/node_modules/aws-cdk/bin/cdk $(VENV_DIR)/bin/; \
+	ln -sfn `pwd`/node_modules/aws-cdk-local/bin/cdklocal $(VENV_DIR)/bin/
+
+deploy-local:
+	$(VENV_RUN); \
+	cd deployments/cdk; \
+	cdklocal bootstrap || true; \
+	cdklocal deploy --all --require-approval never
+
+destroy-local:
+	$(VENV_RUN); \
+	cd deployments/cdk; \
+	cdklocal destroy --all
+
+format:
+	$(VENV_ACTIVATE); python -m isort .; python -m black .
+
+.PHONY: clean format install deploy
diff --git a/README.md b/README.md
@@ -0,0 +1,34 @@
+wordpress-ecs-rds-cdk
+===============================
+
+Wordpress deployed using ECS and RDS
+
+
+## Quickstart
+
+to install python requirements and developer tools (ckdlocal, awslocal) into a venv run:
+
+    make install
+
+then, to deploy the cdk app, first start localstack and run
+
+    make deploy-local
+
+## Tinker
+
+After running `make install`, when you activate the virtual environment with
+
+    source .venv/bin/activate
+
+you get the *local commands: 
+    
+    cdklocal
+    awslocal
+
+You can for example get the name of the bucket that was created and whose name was added as an SSM parameter:
+
+    awslocal ssm get-parameter --name /artifacts/bucket
+
+Or list the created lambdas:
+
+    awslocal lambda list-functions
diff --git a/deployments/cdk/.gitignore b/deployments/cdk/.gitignore
@@ -0,0 +1 @@
+cdk.out/
diff --git a/deployments/cdk/app.py b/deployments/cdk/app.py
@@ -0,0 +1,15 @@
+import aws_cdk as cdk
+import env
+from wordpress import WordpressStack
+
+
+def main():
+    app = cdk.App()
+
+    WordpressStack(app, "WordpressStack", env=env.ENV_LOCAL)
+
+    app.synth()
+
+
+if __name__ == "__main__":
+    main()
diff --git a/deployments/cdk/cdk.context.json b/deployments/cdk/cdk.context.json
@@ -0,0 +1,10 @@
+{
+  "availability-zones:account=000000000000:region=us-east-1": [
+    "us-east-1a",
+    "us-east-1b",
+    "us-east-1c",
+    "us-east-1d",
+    "us-east-1e",
+    "us-east-1f"
+  ]
+}
diff --git a/deployments/cdk/cdk.json b/deployments/cdk/cdk.json
@@ -0,0 +1,29 @@
+{
+  "app": "python3 app.py",
+  "watch": {
+    "include": [
+      "**"
+    ],
+    "exclude": [
+      "README.md",
+      "cdk*.json",
+      "requirements*.txt",
+      "**/__init__.py",
+      "python/__pycache__",
+      "tests"
+    ]
+  },
+  "context": {
+    "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": true,
+    "@aws-cdk/core:stackRelativeExports": true,
+    "@aws-cdk/aws-rds:lowercaseDbIdentifier": true,
+    "@aws-cdk/aws-lambda:recognizeVersionProps": true,
+    "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": true,
+    "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": true,
+    "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": true,
+    "@aws-cdk/core:target-partitions": [
+      "aws",
+      "aws-cn"
+    ]
+  }
+}
diff --git a/deployments/cdk/env.py b/deployments/cdk/env.py
@@ -0,0 +1,7 @@
+import aws_cdk as cdk
+
+ENV_PRODUCTION = cdk.Environment(account="886468871268", region="eu-central-1")
+ENV_STAGING = cdk.Environment(account="583952393159", region="eu-central-1")
+ENV_SHARED = cdk.Environment(account="385386232812", region="eu-central-1")
+ENV_SANDBOX = cdk.Environment(account="000000000000", region="us-east-1")
+ENV_LOCAL = cdk.Environment(account="000000000000", region="us-east-1")
diff --git a/deployments/cdk/wordpress.py b/deployments/cdk/wordpress.py
@@ -0,0 +1,81 @@
+import aws_cdk as cdk
+import constructs
+from aws_cdk import aws_ec2 as ec2
+from aws_cdk import aws_ecs as ecs
+from aws_cdk import aws_ecs_patterns as ecs_patterns
+from aws_cdk import aws_elasticloadbalancingv2 as elbv2
+from aws_cdk import aws_rds as rds
+
+# FIXME
+db_user = "wordpress"
+db_password = "wordpress-password"
+db_name = "wordpress"
+
+
+class WordpressStack(cdk.Stack):
+    def __init__(self, scope: constructs.Construct, construct_id: str, **kwargs) -> None:
+        super().__init__(scope, construct_id, **kwargs)
+
+        # VPC
+        self.vpc = ec2.Vpc(
+            self,
+            "VPC",
+            nat_gateways=1,
+            cidr="10.0.0.0/16",
+            subnet_configuration=[
+                ec2.SubnetConfiguration(
+                    name="public", subnet_type=ec2.SubnetType.PUBLIC, cidr_mask=24
+                ),
+                ec2.SubnetConfiguration(
+                    name="private", subnet_type=ec2.SubnetType.PRIVATE_WITH_NAT, cidr_mask=24
+                ),
+            ],
+        )
+        self.cluster_sec_group = ec2.SecurityGroup(
+            self,
+            "cluster-sec-group",
+            security_group_name="cluster-sec-group",
+            vpc=self.vpc,
+            allow_all_outbound=True,
+        )
+
+        database = rds.DatabaseInstance(
+            self,
+            "WordpressDatabase",
+            credentials=rds.Credentials.from_password(
+                username=db_user, password=cdk.SecretValue.plain_text(db_password)
+            ),
+            database_name=db_name,
+            engine=rds.DatabaseInstanceEngine.MARIADB,
+            vpc=self.vpc,
+        )
+
+        # ECS cluster
+        cluster = ecs.Cluster(self, "ServiceCluster", vpc=self.vpc)
+
+        docker_image = ecs.ContainerImage.from_registry("wordpress")
+        web_service = ecs_patterns.ApplicationLoadBalancedFargateService(
+            self,
+            "Wordpress",
+            cluster=cluster,
+            target_protocol=elbv2.ApplicationProtocol.HTTP,
+            protocol=elbv2.ApplicationProtocol.HTTP,
+            desired_count=1,
+            # container size
+            cpu=512,
+            memory_limit_mib=2048,
+            task_image_options=ecs_patterns.ApplicationLoadBalancedTaskImageOptions(
+                image=docker_image,
+                container_port=80,
+                container_name="webapp",
+                enable_logging=True,
+                environment={
+                    "WORDPRESS_DB_HOST": f"{database.db_instance_endpoint_address}:{database.db_instance_endpoint_port}",
+                    "WORDPRESS_DB_USER": db_user,
+                    "WORDPRESS_DB_PASSWORD": db_password,
+                    "WORDPRESS_DB_NAME": db_name,
+                },
+            ),
+        )
+
+        # TODO: add APIGW and dns + cert
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -0,0 +1,6 @@
+{
+  "dependencies": {
+    "aws-cdk": "^2.20.0",
+    "aws-cdk-local": "^2.15.0"
+  }
+}
diff --git a/pyproject.toml b/pyproject.toml
@@ -0,0 +1,14 @@
+[build-system]
+requires = ['setuptools', 'wheel']
+build-backend = "setuptools.build_meta"
+
+[tool.black]
+line_length = 100
+include = '((deployments/cdk|lambda)/.*\.py$|tests/.*\.py$)'
+extend_exclude = '(.venv|build)'
+
+[tool.isort]
+profile = 'black'
+skip = 'cdk.out,.venv,node_modules'
+#extend_skip = []
+line_length = 100
diff --git a/setup.cfg b/setup.cfg
@@ -0,0 +1,41 @@
+[metadata]
+name = wordpress-ecs-rds-cdk
+version = 0.1.0
+url = https://github.com/localstack-samples/wordpress-ecs-rds-cdk
+author = LocalStack Contributors
+author_email = info@localstack.cloud
+description = Wordpress deployed using ECS and RDS
+long_description = file: README.md
+long_description_content_type = text/markdown; charset=UTF-8
+
+[options]
+test_suite = tests
+packages=find:
+
+[options.packages.find]
+exclude =
+    tests
+    lambdas
+    deployments
+
+[options.extras_require]
+dev =
+    black==22.3.0
+    flake8>=3.6.0
+    flake8-black==0.3.2
+    flake8-isort>=4.0.0
+    flake8-quotes>=0.11.0
+    pre-commit==2.13.0
+    pyproject-flake8
+    isort==5.9.1
+    pytest>=7.0
+    awscli
+    awscli-local
+    %(deploy)s
+
+deploy =
+    aws-cdk-lib==2.20.0
+    constructs>=10.0.0,<11.0.0
+
+[options.package_data]
+* = *.md
diff --git a/setup.py b/setup.py
@@ -0,0 +1,3 @@
+from setuptools import setup
+
+setup()
