HeatTemplateFormatVersion: '2012-12-12' Description: AWS CloudFormation Sample Template Parameters: KeyName: {Description: Name of an existing EC2 KeyPair to enable SSH access to the instances, Type: String} InstanceType: Description: WebServer EC2 instance type Type: String Default: m1.small AllowedValues: [m1.tiny, m1.small, m1.medium, m1.large, m1.xlarge] ConstraintDescription: must be a valid EC2 instance type. DBName: {Default: wordpress, Description: The WordPress database name, Type: String, MinLength: '1', MaxLength: '64', AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*', ConstraintDescription: must begin with a letter and contain only alphanumeric characters.} DBUsername: {Default: admin, NoEcho: 'true', Description: The WordPress database admin account username, Type: String, MinLength: '1', MaxLength: '16', AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*', ConstraintDescription: must begin with a letter and contain only alphanumeric characters.} DBPassword: {Default: admin, NoEcho: 'true', Description: The WordPress database admin account password, Type: String, MinLength: '1', MaxLength: '41', AllowedPattern: '[a-zA-Z0-9]*', ConstraintDescription: must contain only alphanumeric characters.} DBRootPassword: {Default: admin, NoEcho: 'true', Description: Root password for MySQL, Type: String, MinLength: '1', MaxLength: '41', AllowedPattern: '[a-zA-Z0-9]*', ConstraintDescription: must contain only alphanumeric characters.} LinuxDistribution: Default: F17 Description: Distribution of choice Type: String AllowedValues: [F18, F17, U10, RHEL-6.1, RHEL-6.2, RHEL-6.3] Mappings: AWSInstanceType2Arch: m1.tiny: {Arch: '32'} m1.small: {Arch: '64'} m1.medium: {Arch: '64'} m1.large: {Arch: '64'} m1.xlarge: {Arch: '64'} DistroArch2AMI: F18: {'32': F18-i386-cfntools, '64': F18-x86_64-cfntools} F17: {'32': F17-i386-cfntools, '64': F17-x86_64-cfntools} U10: {'32': U10-i386-cfntools, '64': U10-x86_64-cfntools} RHEL-6.1: {'32': rhel61-i386-cfntools, '64': rhel61-x86_64-cfntools} RHEL-6.2: {'32': rhel62-i386-cfntools, '64': rhel62-x86_64-cfntools} RHEL-6.3: {'32': rhel63-i386-cfntools, '64': rhel63-x86_64-cfntools} Resources: CfnUser: {Type: 'AWS::IAM::User'} WebServerKeys: Type: AWS::IAM::AccessKey Properties: UserName: {Ref: CfnUser} WebServerGroup: Type: AWS::AutoScaling::AutoScalingGroup Properties: AvailabilityZones: {'Fn::GetAZs': ''} LaunchConfigurationName: {Ref: LaunchConfig} MinSize: '1' MaxSize: '3' LoadBalancerNames: - {Ref: ElasticLoadBalancer} WebServerScaleUpPolicy: Type: AWS::AutoScaling::ScalingPolicy Properties: AdjustmentType: ChangeInCapacity AutoScalingGroupName: {Ref: WebServerGroup} Cooldown: '60' ScalingAdjustment: '1' WebServerScaleDownPolicy: Type: AWS::AutoScaling::ScalingPolicy Properties: AdjustmentType: ChangeInCapacity AutoScalingGroupName: {Ref: WebServerGroup} Cooldown: '60' ScalingAdjustment: '-1' MEMAlarmHigh: Type: AWS::CloudWatch::Alarm Properties: AlarmDescription: Scale-up if MEM > 50% for 1 minute MetricName: MemoryUtilization Namespace: system/linux Statistic: Average Period: '60' EvaluationPeriods: '1' Threshold: '50' AlarmActions: - {Ref: WebServerScaleUpPolicy} Dimensions: - Name: AutoScalingGroupName Value: {Ref: WebServerGroup} ComparisonOperator: GreaterThanThreshold MEMAlarmLow: Type: AWS::CloudWatch::Alarm Properties: AlarmDescription: Scale-down if MEM < 15% for 1 minute MetricName: MemoryUtilization Namespace: system/linux Statistic: Average Period: '60' EvaluationPeriods: '1' Threshold: '15' AlarmActions: - {Ref: WebServerScaleDownPolicy} Dimensions: - Name: AutoScalingGroupName Value: {Ref: WebServerGroup} ComparisonOperator: LessThanThreshold ElasticLoadBalancer: Type: AWS::ElasticLoadBalancing::LoadBalancer Properties: AvailabilityZones: {'Fn::GetAZs': ''} Listeners: - {LoadBalancerPort: '80', InstancePort: '80', Protocol: HTTP} HealthCheck: {Target: 'HTTP:80/', HealthyThreshold: '3', UnhealthyThreshold: '5', Interval: '30', Timeout: '5'} LaunchConfig: Type: AWS::AutoScaling::LaunchConfiguration Metadata: AWS::CloudFormation::Init: config: files: /etc/cfn/cfn-credentials: content: Fn::Join: - '' - - AWSAccessKeyId= - {Ref: WebServerKeys} - ' ' - AWSSecretKey= - Fn::GetAtt: [WebServerKeys, SecretAccessKey] - ' ' mode: '000400' owner: root group: root /tmp/setup.mysql: content: Fn::Join: - '' - - 'CREATE DATABASE ' - {Ref: DBName} - '; ' - 'GRANT ALL PRIVILEGES ON ' - {Ref: DBName} - .* TO ' - {Ref: DBUsername} - '''@''localhost'' ' - IDENTIFIED BY ' - {Ref: DBPassword} - '''; ' - 'FLUSH PRIVILEGES; ' - 'EXIT ' mode: '000644' owner: root group: root /tmp/stats-crontab.txt: content: Fn::Join: - '' - - 'MAIL="" ' - ' ' - '* * * * * /opt/aws/bin/cfn-push-stats --watch ' - {Ref: MEMAlarmHigh} - ' --mem-util ' - '* * * * * /opt/aws/bin/cfn-push-stats --watch ' - {Ref: MEMAlarmLow} - ' --mem-util ' mode: '000600' owner: root group: root packages: yum: python-psutil: [] cronie: [] mysql: [] mysql-server: [] httpd: [] wordpress: [] services: systemd: mysqld: {enabled: 'true', ensureRunning: 'true'} httpd: {enabled: 'true', ensureRunning: 'true'} crond: {enabled: 'true', ensureRunning: 'true'} Properties: ImageId: Fn::FindInMap: - DistroArch2AMI - {Ref: LinuxDistribution} - Fn::FindInMap: - AWSInstanceType2Arch - {Ref: InstanceType} - Arch InstanceType: {Ref: InstanceType} KeyName: {Ref: KeyName} UserData: Fn::Base64: Fn::Join: - '' - - '#!/bin/bash -v ' - '/opt/aws/bin/cfn-init -s ' - {Ref: 'AWS::StackName'} - ' -r LaunchConfig ' - ' --region ' - {Ref: 'AWS::Region'} - ' ' - '# Setup MySQL root password and create a user ' - mysqladmin -u root password ' - {Ref: DBRootPassword} - ''' ' - mysql -u root --password=' - {Ref: DBRootPassword} - ''' < /tmp/setup.mysql ' - 'sed -i "/Deny from All/d" /etc/httpd/conf.d/wordpress.conf ' - sed --in-place --e s/database_name_here/ - {Ref: DBName} - / --e s/username_here/ - {Ref: DBUsername} - / --e s/password_here/ - {Ref: DBPassword} - '/ /usr/share/wordpress/wp-config.php ' - 'systemctl restart httpd.service ' - '# install crontab ' - 'crontab /tmp/stats-crontab.txt ' Outputs: URL: Description: The URL of the website Value: Fn::Join: - '' - - http:// - Fn::GetAtt: [ElasticLoadBalancer, DNSName] - /wordpress