Unverified Commit 41df37e0 authored by Jacob Cain's avatar Jacob Cain Committed by GitHub
Browse files

Remove aws config files from fastapi (#52) 

* remove fastapi

* add gitignore

* add back most fastapi files
parent bd9da63a

.gitignore

0 → 100644
+1 −0
Original line number Diff line number Diff line 
.DS_Store
 
 No newline at end of file

fastapi/aws/aws-stack.yml

deleted100644 → 0
+0 −165
Original line number Diff line number Diff line 
AWSTemplateFormatVersion: 2010-09-09

Description: spiceql

Resources:

  SpiceQLECSLaunchTemplate:

    Type: AWS::EC2::LaunchTemplate

    DependsOn: ECSCluster

    Properties:

      LaunchTemplateData:

        ImageId: /aws/service/ecs/optimized-ami/amazon-linux-2/kernel-5.10/recommended/image_id

        KeyName: AscEc2DevKey

        IamInstanceProfile:

          Arn: !Ref 'IamRoleInstanceProfile'

        BlockDeviceMappings:

          - DeviceName: /dev/xvda

            Ebs:

              VolumeSize: '5000'

        UserData: !Base64

          Fn::Sub:

            - "#!/bin/bash \necho ECS_CLUSTER=${ClusterName} >> /etc/ecs/ecs.config;"

            - ClusterName: !Ref 'ECSClusterName'

  SpiceQLProdLogGroupSlot1:

    Type: 'AWS::Logs::LogGroup'

    Properties:

      LogGroupName: spiceql_prod_slot1_log_group

    Metadata:

      'AWS::CloudFormation::Designer':

        id: e9e7c015-1dda-480c-98e4-c4795d48e148

  SpiceQLProdTaskDefSlot1:

    Type: 'AWS::ECS::TaskDefinition'

    Properties:

      RequiresCompatibilities:

        - EC2 #FARGATE

      ExecutionRoleArn: 'arn:aws:iam::950438895271:role/csr-EcsTask-Role'

      Cpu: 4096

      Memory: 8192

      NetworkMode: awsvpc

      Volumes:

        - Name: spiceql-ebs

          ConfiguredAtLaunch: true

          DockerVolumeConfiguration:

            Scope: shared

      ContainerDefinitions:

        - Name: spiceql_prod_slot1_container

          Image: 950438895271.dkr.ecr.us-west-2.amazonaws.com/spiceql:latest'

          MountPoints:

            - SourceVolume: spiceql-ebs

              ContainerPath: /mnt/isis_data

              ReadOnly: true

          PortMappings:

            - ContainerPort: 80

          LogConfiguration:

            LogDriver: awslogs

            Options:

              awslogs-region: !Ref 'AWS::Region'

              awslogs-group: !Ref SpiceQLProdLogGroupSlot1

              awslogs-stream-prefix: ecs

          Environment: 

            - Name: SPICEROOT

              Value: /mnt/isis_data

            - Name: SPICEQL_LOG_LEVEL

              Value: DEBUG

            - Name: SSPICE_DEBUG

              Value: TRUE

  SpiceQLProdECSClusterSlot1:

    Type: 'AWS::ECS::Cluster'

    Properties:

      ClusterName: spiceqlProdCluster_slot1

      ClusterSettings: 

        - Name: containerInsights 

          Value: enabled

  SpiceQLProdLBSlot1:

    Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer'

    Properties:

      Name: spiceql-prod-slot1-LB

      Scheme: internal

      Subnets:

        - subnet-0567fccf47f9b29a0

        - subnet-0326c18b7c38caa73

      Type: application

      SecurityGroups:

        - !GetAtt SpiceQLProdLBSGSlot1.GroupId

  SpiceQLProdTGSlot1:

    Type: 'AWS::ElasticLoadBalancingV2::TargetGroup'

    Properties:

      Name: spiceql-prod-slot1-TG

      VpcId: vpc-004f1e36134bcaa04

      Protocol: HTTP

      Port: 80

      TargetType: ip

      HealthCheckPath: /

  SpiceQLProdListenerSlot1:

    Type: 'AWS::ElasticLoadBalancingV2::Listener'

    Properties:

      DefaultActions:

        - TargetGroupArn: !Ref SpiceQLProdTGSlot1

          Type: forward

      LoadBalancerArn: !Ref SpiceQLProdLBSlot1

      Port: 443

      Protocol: HTTPS

      SslPolicy: ELBSecurityPolicy-FS-1-2-Res-2020-10

      Certificates:

        - CertificateArn: >-

            arn:aws:acm:us-west-2:950438895271:certificate/6aa50410-fb5a-4300-888f-55aae14463df

  SpiceQLProdLBSGSlot1:

    Type: 'AWS::EC2::SecurityGroup'

    Properties:

      VpcId: vpc-004f1e36134bcaa04

      GroupDescription: SG for the Fargate ALB

      GroupName: spiceql-prod-slot1-LBSG

      SecurityGroupIngress:

        - CidrIpv6: '::/0'

          FromPort: 80

          ToPort: 443

          IpProtocol: TCP

          Description: Inbound rule for IPv6 traffic

        - CidrIp: 0.0.0.0/0

          FromPort: 80

          ToPort: 443

          IpProtocol: TCP

          Description: Inbound rule for IPv4 traffic

  SpiceQLProdContainerSGSlot1:

    Type: 'AWS::EC2::SecurityGroup'

    Properties:

      GroupName: spiceql_prod_slot1_sg

      GroupDescription: Security group for NGINX container

      VpcId: vpc-004f1e36134bcaa04

      SecurityGroupIngress:

        - IpProtocol: -1

          SourceSecurityGroupId: !GetAtt SpiceQLProdLBSGSlot1.GroupId

          Description: Inbound rule for all traffic

  SpiceQLProdDNSSlot1:

    Type: 'AWS::Route53::RecordSet'

    Properties:

      HostedZoneName: prod-asc.chs.usgs.gov.

      Name: spiceql-slot1.prod-asc.chs.usgs.gov

      Type: A

      AliasTarget:

        HostedZoneId: !GetAtt SpiceQLProdLBSlot1.CanonicalHostedZoneID

        DNSName: !GetAtt SpiceQLProdLBSlot1.DNSName

  SpiceQLProdECSServiceSlot1:

    Type: 'AWS::ECS::Service'

    DependsOn:

      - SpiceQLProdListenerSlot1

    Properties:

      LaunchType: FARGATE

      Cluster:

        Ref: SpiceQLProdECSClusterSlot1

      DesiredCount: 1

      TaskDefinition:

        Ref: SpiceQLProdTaskDefSlot1

      DeploymentConfiguration:

        MaximumPercent: 100

        MinimumHealthyPercent: 0

      NetworkConfiguration:

        AwsvpcConfiguration:

          AssignPublicIp: DISABLED

          SecurityGroups:

            - !GetAtt SpiceQLProdContainerSGSlot1.GroupId

          Subnets:

            - subnet-0326c18b7c38caa73

      LoadBalancers:

        - TargetGroupArn:

            Ref: SpiceQLProdTGSlot1

          ContainerPort: 80 

          ContainerName: spiceql_prod_slot1_container