INTRODUCTION

Automating AWS with CloudFormation

Manage Infrastructure Manually

- Good way to start

- Perfect for Proof-of-Conceptand Prototyping

A u to m ate Infrastructure

- Improve quality and efficiency

- Major benefit ofusing AWS

Background Knowledge

Virtual Mac hine

O b j e c t S to ra g e

EC2S e c urity

Gro up

SG

Private N e two rk

VPCS Q L

Database

RDS

N o S Q LDatabase

S3 DDBR o ute53

D N S

R53 …

Automation vs. Manual Work

H i g h co sts Managing

infrastruc turemanual ly is ineff ic ient

Managing AWS Manually

L o w qual ity Fai lures a n d o u ta g e s o ccur dur ing manual

c h a n g e s

L o w flexibi l i ty C h a n g i n g

infrastructure is c o mp lex and therefore

avo ided

A d a m , D e v O p s eng ineer at Cotocus

Frustrated with current situation

Goals

- Lower costs

- Improve quality

- Improve flexibility

S p e e d u p Re p l a c i n g manual

wo r k impro ves e ff i c iency

Advantages of Automating Infrastructure

A u to m ate d test ing Test ing infrastructure c h a n g e s like test ing

software

Do cumentat io n C o d e d o c u m ent s h o w

to m a n a g e infrastru cture

W h at is the b ig gest a d va nta ge of A m a zo n

We b Services?

Every part of AWS is controllable via an

API

AWS API EnablesAutomation

Controlling AWS with an API

Virtual Mac hine

O b j e c t S to ra g e

EC2S e c urity

Gro up

SG

Private N e two rk

VPCS Q L

Database

RDS R53

S3R o ute53

D N S

A P I

L a u n c h E C 2 instance

Create Secur ity G ro u p

U p d ate R D S database conf igurat ion

Create networking infrastructure

A d d n e w IAM user

…

API Usage Examples

Command Line Interface (CLI)

A c c e s s A P I from Terminal or write small She l l sc r ipts

Software Development Kit (SDK)

A c c e s s A P I f ro m p r o g r a m m i n g l a n g u a g e o f yo ur choice: Java , PHP,

JavasScr ipt , Ruby, Pytho n, …

Tools to Access AWS API

Res o lve dependen c ies

- RDS database needs to be created before EC2 instances arecreated.

- Security Groups needs to be created before EC2 instance iscreated.

U p d ate infrastructure

- Which steps are necessary toupdate existing infrastructure?

- Hard codedtransformation not very flexible.

Describing Infrastructure in Code

B lue p rint InfrastructureTo o ling

Def ine target state

Transform current state

into target state

D e s c r ib in g infrastructure in c o d e

- Resolves dependencies automatically

- Creates, updates or deletes infrastructure

- Performs idempotent and predictable changes to infrastructure

D es cr ib in g A W S infrastructure in c o d e

S u p p orts 9 5 % of serv ices on A W S

Maintained b yA m a zon

F ree to use

AWS CloudFormation

CloudFormation Key Concepts

J S O N

Re sourc e R elationship s

Fe e d b a c k

Re usab le

Interact ive

Aut omat e d

Delete

Deleting all resources of a stack in the right

order based on their dependencies.

Update

Updating existing stacks by making

changes to existing resources.

Create

Creating resources inthe right order basedon their dependencies.

Features of CloudFormation

A u to m ate a lmost every part of A W S with C lo u d Format ion

L e a rn h o w to automate:

- EC2 Instance

- VPC

- Security Group

- RDS

Use C lo u d Fo rm atio n to create stacks

- Managment Console

- Command Line Interface

Create C lo u d Fo rm at io n templates

Resource

Resource

Resource

DEV

Resource

Resource

Resource

Resource

PROD

Resource

Production Development

Using Cloud Formation, You may

EC2Instance

IAMRole

Security

Group

RDSDatabase

DynamoDB

Table

Launch

Configuration

VPCSubnet

A u tom a t in g infrastructure

- Lower costs

- Improve quality

- Improve flexibility

D es cr ib in g infrastructure in c o d e

- Noscripting or programming needed

- Perfect tool for thejob

A W S C lou d F orma t ion

- Describing AWS infrastructure incode

- Highly integrated withAWS

Conc l u s i on

Let’s start!

Create, Test, and Delete Infrastructure with CloudFormation

Objective

CloudFormation TemplatesService toprovision resources using templates

JSON Document

Contains configuration forresources Can be used in

Version Control

No limit to amount of resources

CloudFormation Template

"Type": "AWS::EC2::Instance",

"Properties": {

"ImageId": "ami-bff32ccc",

"InstanceType": "t2.nano”

}

TemplateWritten in J S O N descr ib ing the target state of the infrastructure.

Pre-existing VPC

CloudFormation

Template

EC2

Instance

IAMRole

Security

Group

CloudFormation Stack

RDS Instance

DynamoDB Table

VPC

Stack

EC2 Instance

RDS Instance

DynamoCDloBudTFaobrlmeation

Template

VPC

Stack

EC2 Instance

Other CloudFormation Operations

Updating a Stack

Deleting a Stack

Updating a stack may require resources to restart

Deleting a stackremoves all resources created in that stack

CloudFormation onlycreates the resources you explicitly configure in the

template

CloudFormer

Creates a CloudFormation template based on existing infrastructure

1 Template=

Multiple Stacks

Stack, Instance of a Template

Virtual Mac hine

O b j e c t S to ra g e

EC2S e c urity

Gro up

SG

Private N e two rk

VPCS Q L

Database

RDS

N o S Q LDatabase

S3 DDBR o ute53

D N S

R53 …

AWS CloudFormation

J S O N -Template

S tac kC lo ud F o rm ation

Def ine all n e e d e d A W S resources and

co nf igure them

current state into target

state

Instance o f template

r unning in an A W S regio n

CF

Transform

Custom Resources

AW SRe sourc e s

3 r d Part yRe sourc e s

S N S - b a c ke d c u stom resources

L a m b d a - b a c ke d c u stom resources

Custom Resources

DemoS im p le W ord P res s environment

- EC2 instance running WebServer

- RDS instance with MySQLengine

- Security Groups

H ave a look at template def in ing target state

Create stack b a s ed on template

Tex t Editor

I D E Integration

- Eclipse

- Visual Studio

AW S C lo u d Fo rmat ion Designer

- Graphical tool for creatingtemplates

- Part of AWSManagement Console