Make sample aws deployable

pinzon · pinzon · commit ac917071a996 · 2024-04-30T14:06:05.000-05:00
diff --git a/Makefile b/Makefile
@@ -30,11 +30,22 @@ deploy-local:
 	cdklocal bootstrap || true; \
 	cdklocal deploy --all --require-approval never
 
+deploy-aws:
+	$(VENV_RUN); \
+	cd deployments/cdk; \
+	cdk bootstrap || true; \
+	cdk deploy --all --require-approval never
+
 destroy-local:
 	$(VENV_RUN); \
 	cd deployments/cdk; \
 	cdklocal destroy --all
 
+destroy-aws:
+	$(VENV_RUN); \
+	cd deployments/cdk; \
+	cdk destroy --all
+
 format:
 	$(VENV_ACTIVATE); python -m isort .; python -m black .
 
diff --git a/deployments/cdk/app.py b/deployments/cdk/app.py
@@ -1,12 +1,11 @@
 import aws_cdk as cdk
-import env
 from wordpress import WordpressStack
 
 
 def main():
     app = cdk.App()
 
-    WordpressStack(app, "WordpressStack", env=env.ENV_LOCAL)
+    WordpressStack(app, "WordpressStack")
 
     app.synth()
 
diff --git a/deployments/cdk/env.py b/deployments/cdk/env.py
@@ -1,7 +1,7 @@
 import aws_cdk as cdk
 
-ENV_PRODUCTION = cdk.Environment(account="886468871268", region="eu-central-1")
-ENV_STAGING = cdk.Environment(account="583952393159", region="eu-central-1")
-ENV_SHARED = cdk.Environment(account="385386232812", region="eu-central-1")
-ENV_SANDBOX = cdk.Environment(account="000000000000", region="us-east-1")
-ENV_LOCAL = cdk.Environment(account="000000000000", region="us-east-1")
+# ENV_PRODUCTION = cdk.Environment(account="886468871268", region="eu-central-1")
+# ENV_STAGING = cdk.Environment(account="583952393159", region="eu-central-1")
+# ENV_SHARED = cdk.Environment(account="385386232812", region="eu-central-1")
+# ENV_SANDBOX = cdk.Environment(account="000000000000", region="us-east-1")
+# ENV_LOCAL = cdk.Environment(account="000000000000", region="us-east-1")
diff --git a/deployments/cdk/wordpress.py b/deployments/cdk/wordpress.py
@@ -21,13 +21,13 @@ def __init__(self, scope: constructs.Construct, construct_id: str, **kwargs) ->
             self,
             "VPC",
             nat_gateways=1,
-            cidr="10.0.0.0/16",
+            ipaddress=ec2.IpAddresses.cidr("10.0.0.0/16"),
             subnet_configuration=[
                 ec2.SubnetConfiguration(
                     name="public", subnet_type=ec2.SubnetType.PUBLIC, cidr_mask=24
                 ),
                 ec2.SubnetConfiguration(
-                    name="private", subnet_type=ec2.SubnetType.PRIVATE_WITH_NAT, cidr_mask=24
+                    name="private", subnet_type=ec2.SubnetType.PRIVATE_WITH_EGRESS, cidr_mask=24
                 ),
             ],
         )
@@ -43,7 +43,7 @@ def __init__(self, scope: constructs.Construct, construct_id: str, **kwargs) ->
             self,
             "WordpressDatabase",
             credentials=rds.Credentials.from_password(
-                username=db_user, password=cdk.SecretValue.plain_text(db_password)
+                username=db_user, password=cdk.SecretValue.unsafe_plain_text(db_password)
             ),
             database_name=db_name,
             engine=rds.DatabaseInstanceEngine.MARIADB,
@@ -53,15 +53,20 @@ def __init__(self, scope: constructs.Construct, construct_id: str, **kwargs) ->
         # ECS cluster
         cluster = ecs.Cluster(self, "ServiceCluster", vpc=self.vpc)
 
+        wp_health_check = ecs.HealthCheck(
+            command=['CMD-SHELL', 'curl -s -o /dev/null -w "%{http_code}" http://localhost | grep -qE "200|301|302"'],
+            start_period=cdk.Duration.minutes(2)
+        )
+
         docker_image = ecs.ContainerImage.from_registry("wordpress")
         web_service = ecs_patterns.ApplicationLoadBalancedFargateService(
             self,
             "Wordpress",
             cluster=cluster,
             target_protocol=elbv2.ApplicationProtocol.HTTP,
             protocol=elbv2.ApplicationProtocol.HTTP,
+            health_check=wp_health_check,
             desired_count=1,
-            # container size
             cpu=512,
             memory_limit_mib=2048,
             task_image_options=ecs_patterns.ApplicationLoadBalancedTaskImageOptions(
@@ -78,4 +83,13 @@ def __init__(self, scope: constructs.Construct, construct_id: str, **kwargs) ->
             ),
         )
 
+        web_service.target_group.configure_health_check(
+            path="/index.php",
+            healthy_http_codes="200,301,302",
+            interval=cdk.Duration.seconds(120),
+            unhealthy_threshold_count=10
+        )
+
+        database.connections.allow_default_port_from(web_service.service.connections)
+
         # TODO: add APIGW and dns + cert
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "dependencies": {
-    "aws-cdk": "^2.20.0",
-    "aws-cdk-local": "^2.15.0"
+    "aws-cdk": "^2.139.1",
+    "aws-cdk-local": "^2.18.0"
   }
 }
diff --git a/setup.cfg b/setup.cfg
@@ -34,7 +34,7 @@ dev =
     %(deploy)s
 
 deploy =
-    aws-cdk-lib==2.20.0
+    aws-cdk-lib==2.139.1
     constructs>=10.0.0,<11.0.0
 
 [options.package_data]

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"dependencies": {`
`3`		`- "aws-cdk": "^2.20.0",`
`4`		`- "aws-cdk-local": "^2.15.0"`
	`3`	`+ "aws-cdk": "^2.139.1",`
	`4`	`+ "aws-cdk-local": "^2.18.0"`
`5`	`5`	`}`
`6`	`6`	`}`