2025-01-17_Global Accelerator

seoul

Parameters:

KeyName:

Description: existing EC2 KeyPair, SSH access to the instances.

Type: AWS::EC2::KeyPair::KeyName

ConstraintDescription: name of an existing EC2 KeyPair.

Resources:

SeoulAWSVPC:

Type: AWS::EC2::VPC

Properties:

CidrBlock: 10.1.0.0/16

EnableDnsHostnames: true

EnableDnsSupport: true

# InstanceTenancy: "String"

# Ipv4IpamPoolId: "String"

# Ipv4NetmaskLength: "Number"

Tags:

- Key: Name

Value: Seoul-AWS-VPC

PublicSN1:

Type: AWS::EC2::Subnet

Properties:

AvailabilityZone: ap-northeast-2a

CidrBlock: 10.1.1.0/24

Tags:

- Key: Name

Value: Public-SN-1

VpcId: !Ref SeoulAWSVPC

PublicSN2:

Type: AWS::EC2::Subnet

Properties:

AvailabilityZone: ap-northeast-2c

CidrBlock: 10.1.2.0/24

Tags:

- Key: Name

Value: Public-SN-2

VpcId: !Ref SeoulAWSVPC

PrivateSN1:

Type: AWS::EC2::Subnet

Properties:

AvailabilityZone: ap-northeast-2a

CidrBlock: 10.1.3.0/24

Tags:

- Key: Name

Value: Private-SN-1

VpcId: !Ref SeoulAWSVPC

PrivateSN2:

Type: AWS::EC2::Subnet

Properties:

AvailabilityZone: ap-northeast-2c

CidrBlock: 10.1.4.0/24

Tags:

- Key: Name

Value: Private-SN-2

VpcId: !Ref SeoulAWSVPC

SeoulAWSIGW:

Type: AWS::EC2::InternetGateway

Properties:

Tags:

- Key: Name

Value: Seoul-AWS-IGW

SeoulIGWAttachment:

Type: AWS::EC2::VPCGatewayAttachment

Properties:

InternetGatewayId: !Ref SeoulAWSIGW

VpcId: !Ref SeoulAWSVPC

SeoulAWSRT:

Type: AWS::EC2::RouteTable

Properties:

VpcId: !Ref SeoulAWSVPC

Tags:

- Key: Name

Value: CloudNeta-Public-RT

SeoulDefaultRoute:

Type: AWS::EC2::Route

DependsOn: SeoulIGWAttachment

Properties:

RouteTableId: !Ref SeoulAWSRT

DestinationCidrBlock: 0.0.0.0/0

GatewayId: !Ref SeoulAWSIGW

SeoulPublicSNRouteTableAssociation1:

Type: AWS::EC2::SubnetRouteTableAssociation

Properties:

RouteTableId: !Ref SeoulAWSRT

SubnetId: !Ref PublicSN1

SeoulPublicSNRouteTableAssociation2:

Type: AWS::EC2::SubnetRouteTableAssociation

Properties:

RouteTableId: !Ref SeoulAWSRT

SubnetId: !Ref PublicSN2

SeoulPrivateSNRouteTableAssociation1:

Type: AWS::EC2::SubnetRouteTableAssociation

Properties:

RouteTableId: !Ref SeoulAWSRT

SubnetId: !Ref PrivateSN1

SeoulPrivateSNRouteTableAssociation2:

Type: AWS::EC2::SubnetRouteTableAssociation

Properties:

RouteTableId: !Ref SeoulAWSRT

SubnetId: !Ref PrivateSN2

SeoulSG:

Type: AWS::EC2::SecurityGroup

Properties:

GroupDescription: Enable HTTP access via port 80 and SSH access via port 22

VpcId: !Ref SeoulAWSVPC

SecurityGroupIngress:

- IpProtocol: tcp

FromPort: 80

ToPort: 80

CidrIp: 0.0.0.0/0

- IpProtocol: tcp

FromPort: 22

ToPort: 22

CidrIp: 0.0.0.0/0

- IpProtocol: icmp

FromPort: -1

ToPort: -1

CidrIp: 0.0.0.0/0

- IpProtocol: tcp

FromPort: 443

ToPort: 443

CidrIp: 0.0.0.0/0

NetPublicEC21:

Type: AWS::EC2::Instance

Properties:

InstanceType: t2.micro

ImageId: ami-048c8b90bfe9b49b8

KeyName: !Ref KeyName

Tags:

- Key: Name

Value: Net-Public-EC21

NetworkInterfaces:

- DeviceIndex: 0

SubnetId: !Ref PublicSN1

GroupSet:

- !Ref SeoulSG

AssociatePublicIpAddress: true

UserData:

Fn::Base64:

!Sub |

#! /bin/bash

amazon-linux-extras install epel -y

yum install httpd -y

systemctl enable --now httpd

echo "<h1> ho </h1>" > /var/www/html/

NetPublicEC22:

Type: AWS::EC2::Instance

Properties:

InstanceType: t2.micro

ImageId: ami-048c8b90bfe9b49b8

KeyName: !Ref KeyName

Tags:

- Key: Name

Value: Net-Public-EC22

NetworkInterfaces:

- DeviceIndex: 0

SubnetId: !Ref PublicSN1

GroupSet:

- !Ref SeoulSG

AssociatePublicIpAddress: true

UserData:

Fn::Base64:

!Sub |

#! /bin/bash

amazon-linux-extras install epel -y

yum install httpd -y

systemctl enable --now httpd

echo "<h1> ho </h1>" > /var/www/html/

NetPrivateEC21:

Type: AWS::EC2::Instance

Properties:

InstanceType: t2.micro

ImageId: ami-048c8b90bfe9b49b8

KeyName: !Ref KeyName

Tags:

- Key: Name

Value: Net-Private-EC21

NetworkInterfaces:

- DeviceIndex: 0

SubnetId: !Ref PrivateSN1

GroupSet:

- !Ref SeoulSG

UserData:

Fn::Base64:

!Sub |

#! /bin/bash

amazon-linux-extras install epel -y

yum install httpd -y

systemctl enable --now httpd

echo "<h1> ho </h1>" > /var/www/html/

NetPrivateEC22:

Type: AWS::EC2::Instance

Properties:

InstanceType: t2.micro

ImageId: ami-048c8b90bfe9b49b8

KeyName: !Ref KeyName

Tags:

- Key: Name

Value: Net-Private-EC22

NetworkInterfaces:

- DeviceIndex: 0

SubnetId: !Ref PrivateSN1

GroupSet:

- !Ref SeoulSG

UserData:

Fn::Base64:

!Sub |

#! /bin/bash

amazon-linux-extras install epel -y

yum install httpd -y

systemctl enable --now httpd

echo "<h1> ho </h1>" > /var/www/html/

ALBTG:

Type: AWS::ElasticLoadBalancingV2::TargetGroup

Properties:

Name: ALB-TG

Port: 80

Protocol: TCP

HealthCheckPort: 80

VpcId: !Ref SeoulAWSVPC

Targets:

- Id: !Ref NetPrivateEC21

Port: 80

- Id: !Ref NetPrivateEC22

Port: 80

ALB:

Type: AWS::ElasticLoadBalancingV2::LoadBalancer

DependsOn: SeoulIGWAttachment

Properties:

Type: network

Name: ALB

Scheme: internal

Subnets:

- !Ref PrivateSN1

- !Ref PrivateSN2

SecurityGroups:

- !Ref SeoulSG

Tags:

- Key: Name

Value: ALB

ALBListener:

Type: AWS::ElasticLoadBalancingV2::Listener

Properties:

DefaultActions:

- Type: forward

TargetGroupArn: !Ref ALBTG

LoadBalancerArn: !Ref ALB

Port: 80

Protocol: TCP

SeoulPrivateDNS:

Type: AWS::Route53::HostedZone

DependsOn: SeoulAWSVPC

Properties:

Name: seoul.internal

VPCs:

- VPCId: !Ref SeoulAWSVPC

VPCRegion: ap-northeast-2

HostedZoneTags:

- Key: Name

Value: SeoulDomain

DNSRecordinstance1:

Type: AWS::Route53::RecordSet

Properties:

HostedZoneId: !Ref SeoulPrivateDNS

Name: NetPublicEC21.seoul.internal

Type: A

TTL: 60

ResourceRecords:

- !GetAtt NetPublicEC21.PrivateIp

DNSRecordinstance2:

Type: AWS::Route53::RecordSet

Properties:

HostedZoneId: !Ref SeoulPrivateDNS

Name: NetPublicEC22.seoul.internal

Type: A

TTL: 60

ResourceRecords:

- !GetAtt NetPublicEC22.PrivateIp

sydney

Parameters:

KeyName:

Description: Name of an existing EC2 KeyPair to enable SSH access to the instances. Linked to AWS Parameter

Type: AWS::EC2::KeyPair::KeyName

ConstraintDescription: must be the name of an existing EC2 KeyPair.

Resources:

SYDNEYVPC:

Type: AWS::EC2::VPC

Properties:

CidrBlock: 10.0.0.0/16

Tags:

- Key: Name

Value: SYDNEY-VPC

SYDNEYPublicSN1:

Type: AWS::EC2::Subnet

Properties:

VpcId: !Ref SYDNEYVPC

AvailabilityZone: ap-southeast-2a

CidrBlock: 10.0.0.0/24

Tags:

- Key: Name

Value: SYDNEY-Public-SN-1

SYDNEYPublicSN2:

Type: AWS::EC2::Subnet

Properties:

VpcId: !Ref SYDNEYVPC

AvailabilityZone: ap-southeast-2c

CidrBlock: 10.0.1.0/24

Tags:

- Key: Name

Value: SYDNEY-Public-SN-2

SYDNEYPublicRT:

Type: AWS::EC2::RouteTable

Properties:

VpcId: !Ref SYDNEYVPC

Tags:

- Key: Name

Value: SYDNEY-Public-RT

SYDNEYPublicSNRouteTableAssociation1:

Type: AWS::EC2::SubnetRouteTableAssociation

Properties:

RouteTableId: !Ref SYDNEYPublicRT

SubnetId: !Ref SYDNEYPublicSN1

SYDNEYPublicSNRouteTableAssociation2:

Type: AWS::EC2::SubnetRouteTableAssociation

Properties:

RouteTableId: !Ref SYDNEYPublicRT

SubnetId: !Ref SYDNEYPublicSN2

SYDNEY1GW:

Type: AWS::EC2::InternetGateway

Properties:

Tags:

- Key: Name

Value: SYDNEY-1GW

SYDNEYGWAttachment:

Type: AWS::EC2::VPCGatewayAttachment

Properties:

InternetGatewayId: !Ref SYDNEY1GW

VpcId: !Ref SYDNEYVPC

MyRoute:

Type: AWS::EC2::Route

Properties:

RouteTableId: !Ref SYDNEYPublicRT

DestinationCidrBlock: 0.0.0.0/0

GatewayId: !Ref SYDNEY1GW

SYDNEYSG:

Type: AWS::EC2::SecurityGroup

Properties:

GroupDescription: Enable HTTP 80 and SSH 22

VpcId: !Ref SYDNEYVPC

SecurityGroupIngress:

- IpProtocol: tcp

FromPort: 80

ToPort: 80

CidrIp: 0.0.0.0/0

- IpProtocol: tcp

FromPort: 22

ToPort: 22

CidrIp: 0.0.0.0/0

- IpProtocol: icmp

FromPort: -1

ToPort: -1

CidrIp: 0.0.0.0/0

SYDNEYEC21:

Type: AWS::EC2::Instance

Properties:

ImageId: ami-0ae2704094d17d4ec

InstanceType: t2.micro

KeyName: !Ref KeyName

Tags:

- Key: Name

Value: SYDNEY-EC21

NetworkInterfaces:

- DeviceIndex: 0

SubnetId: !Ref SYDNEYPublicSN1

GroupSet:

- !Ref SYDNEYSG

AssociatePublicIpAddress: true

UserData:

Fn::Base64:

!Sub |

#! /bin/bash

wget https://cloudneta.github.io/test.jpg

wget -P /usr/share/nginx/html/ https://cloudneta.github.io/test.jpg

amazon-linux-extras install -y nginx1.12

echo "<head><link rel='icon' href='data:;base64,iVBORw0KGgo='></head><h1>SYDNEYEC21ont Test!!</h1><img src='test.jpg'>" > /usr/share/nginx/html/index.html

systemctl start nginx

systemctl enable nginx

SYDNEYEC22:

Type: AWS::EC2::Instance

Properties:

ImageId: ami-0ae2704094d17d4ec

InstanceType: t2.micro

KeyName: !Ref KeyName

Tags:

- Key: Name

Value: SYDNEY-EC22

NetworkInterfaces:

- DeviceIndex: 0

SubnetId: !Ref SYDNEYPublicSN2

GroupSet:

- !Ref SYDNEYSG

AssociatePublicIpAddress: true

UserData:

Fn::Base64:

!Sub |

#! /bin/bash

wget https://cloudneta.github.io/test.jpg

wget -P /usr/share/nginx/html/ https://cloudneta.github.io/test.jpg

amazon-linux-extras install -y nginx1.12

echo "<head><link rel='icon' href='data:;base64,iVBORw0KGgo='></head><h1>SYDNEYEC22@ CloudFront Test!!</h1><img src='test.jpg'>" > /usr/share/nginx/html/index.html

systemctl start nginx

systemctl enable nginx

SYDNEY:

Type: AWS::EC2::Instance

Properties:

ImageId: ami-0ae2704094d17d4ec

InstanceType: t2.micro

KeyName: !Ref KeyName

Tags:

- Key: Name

Value: SYDNEY-EC21

NetworkInterfaces:

- DeviceIndex: 0

SubnetId: !Ref SYDNEYPublicSN1

GroupSet:

- !Ref SYDNEYSG

AssociatePublicIpAddress: true

UserData:

Fn::Base64:

!Sub |

#! /bin/bash

wget https://cloudneta.github.io/test.jpg

wget -P /usr/share/nginx/html/ https://cloudneta.github.io/test.jpg

amazon-linux-extras install -y nginx1.12

echo "<head><link rel='icon' href='data:;base64,iVBORw0KGgo='></head><h1>SYDNEYEC21ont Test!!</h1><img src='test.jpg'>" > /usr/share/nginx/html/index.html

systemctl start nginx

systemctl enable nginx

ALBTargetGroup:

Type: AWS::ElasticLoadBalancingV2::TargetGroup

Properties:

Name: SYD-ALB-TG

Port: 80

Protocol: HTTP

VpcId: !Ref SYDNEYVPC

Targets:

- Id: !Ref SYDNEYEC21

Port: 80

- Id: !Ref SYDNEYEC22

Port: 80

ApplicationLoadBalancer:

Type: AWS::ElasticLoadBalancingV2::LoadBalancer

Properties:

Name: SYDNEY-ALB

Scheme: internet-facing

SecurityGroups:

- !Ref SYDNEYSG

Subnets:

- !Ref SYDNEYPublicSN1

- !Ref SYDNEYPublicSN2

ALBListener:

Type: AWS::ElasticLoadBalancingV2::Listener

Properties:

DefaultActions:

- Type: forward

TargetGroupArn: !Ref ALBTargetGroup

LoadBalancerArn: !Ref ApplicationLoadBalancer

Port: 80

Protocol: HTTP

saopaulo

Parameters:

KeyName:

Description: Name of an existing EC2 KeyPair to enable SSH access to the instances. Linked to AWS Parameter

Type: AWS::EC2::KeyPair::KeyName

ConstraintDescription: must be the name of an existing EC2 KeyPair.

Resources:

SAOPAULOVPC:

Type: AWS::EC2::VPC

Properties:

CidrBlock: 10.0.0.0/16

Tags:

- Key: Name

Value: SAOPAULO-VPC

SAOPAULOPublicSN1:

Type: AWS::EC2::Subnet

Properties:

VpcId: !Ref SAOPAULOVPC

AvailabilityZone: sa-east-1a

CidrBlock: 10.0.0.0/24

Tags:

- Key: Name

Value: SAOPAULO-Public-SN-1

SAOPAULOPublicSN2:

Type: AWS::EC2::Subnet

Properties:

VpcId: !Ref SAOPAULOVPC

AvailabilityZone: sa-east-1c

CidrBlock: 10.0.1.0/24

Tags:

- Key: Name

Value: SAOPAULO-Public-SN-2

SAOPAULOPublicRT:

Type: AWS::EC2::RouteTable

Properties:

VpcId: !Ref SAOPAULOVPC

Tags:

- Key: Name

Value: SYDNEY-Public-RT

SAOPAULOPublicSNRouteTableAssociation1:

Type: AWS::EC2::SubnetRouteTableAssociation

Properties:

RouteTableId: !Ref SAOPAULOPublicRT

SubnetId: !Ref SAOPAULOPublicSN1

SAOPAULOPublicSNRouteTableAssociation2:

Type: AWS::EC2::SubnetRouteTableAssociation

Properties:

RouteTableId: !Ref SAOPAULOPublicRT

SubnetId: !Ref SAOPAULOPublicSN2

SAOPAULO1GW:

Type: AWS::EC2::InternetGateway

Properties:

Tags:

- Key: Name

Value: SAOPAULO-1GW

SAOPAULOGWAttachment:

Type: AWS::EC2::VPCGatewayAttachment

Properties:

InternetGatewayId: !Ref SAOPAULO1GW

VpcId: !Ref SAOPAULOVPC

MyRoute:

Type: AWS::EC2::Route

DependsOn: SAOPAULOGWAttachment

Properties:

RouteTableId: !Ref SAOPAULOPublicRT

DestinationCidrBlock: 0.0.0.0/0

GatewayId: !Ref SAOPAULO1GW

SAOPAULOSG:

Type: AWS::EC2::SecurityGroup

Properties:

GroupDescription: Enable HTTP 80 and SSH 22

VpcId: !Ref SAOPAULOVPC

SecurityGroupIngress:

- IpProtocol: tcp

FromPort: 80

ToPort: 80

CidrIp: 0.0.0.0/0

- IpProtocol: tcp

FromPort: 22

ToPort: 22

CidrIp: 0.0.0.0/0

- IpProtocol: icmp

FromPort: -1

ToPort: -1

CidrIp: 0.0.0.0/0

SAOPAULOEC21:

Type: AWS::EC2::Instance

Properties:

ImageId: ami-0b949884b7ebca5ff

InstanceType: t2.micro

KeyName: !Ref KeyName

Tags:

- Key: Name

Value: SAOPAULO-EC21

NetworkInterfaces:

- DeviceIndex: 0

SubnetId: !Ref SAOPAULOPublicSN1

GroupSet:

- !Ref SAOPAULOSG

AssociatePublicIpAddress: true

UserData:

Fn::Base64:

!Sub |

#! /bin/bash

wget https://cloudneta.github.io/test.jpg

wget -P /usr/share/nginx/html/ https://cloudneta.github.io/test.jpg

amazon-linux-extras install -y nginx1.12

echo "<head><link rel='icon' href='data:;base64,iVBORw0KGgo='></head><h1>CloudNet@ CloudFront Test!!</h1><img src='test.jpg'>" > /usr/share/nginx/html/index.html

systemctl start nginx

systemctl enable nginx

SAOPAULOEC22:

Type: AWS::EC2::Instance

Properties:

ImageId: ami-0b949884b7ebca5ff

InstanceType: t2.micro

KeyName: !Ref KeyName

Tags:

- Key: Name

Value: SAOPAULO-EC22

NetworkInterfaces:

- DeviceIndex: 0

SubnetId: !Ref SAOPAULOPublicSN2

GroupSet:

- !Ref SAOPAULOSG

AssociatePublicIpAddress: true

UserData:

Fn::Base64:

!Sub |

#! /bin/bash

wget https://cloudneta.github.io/test.jpg

wget -P /usr/share/nginx/html/ https://cloudneta.github.io/test.jpg

amazon-linux-extras install -y nginx1.12

echo "<head><link rel='icon' href='data:;base64,iVBORw0KGgo='></head><h1>SAOPAULOEC22@ CloudFront Test!!</h1><img src='test.jpg'>" > /usr/share/nginx/html/index.html

systemctl start nginx

systemctl enable nginx

[ec2-user@ip-172-31-31-56 ~]$ for i in {1..20}; do curl -s -q 15.197.93.132 ; done | sort | uniq -c | sort -nr
     13 <head><link rel='icon' href='data:;base64,iVBORw0KGgo='></head><h1>CloudNet@ CloudFront Test!!</h1><img src='test.jpg'>
      7 <head><link rel='icon' href='data:;base64,iVBORw0KGgo='></head><h1>SAOPAULOEC22@ CloudFront Test!!</h1><img src='test.jpg'>
[ec2-user@ip-172-31-31-56 ~]$ for i in {1..20}; do curl -s -q 75.2.10.103 ; done | sort | uniq -c | sort -nr
     11 <head><link rel='icon' href='data:;base64,iVBORw0KGgo='></head><h1>SAOPAULOEC22@ CloudFront Test!!</h1><img src='test.jpg'>
      9 <head><link rel='icon' href='data:;base64,iVBORw0KGgo='></head><h1>CloudNet@ CloudFront Test!!</h1><img src='test.jpg'>

'AWS와 Azure 기반 하이브리드 멀티클라우드 DevOps > AWS' 카테고리의 다른 글

2025-01-14_도메인 (0)	2025.01.14
2025-01-06_CloudFormation에서 보안그룹과 네트워크 ACL 실습3 (0)	2025.01.06
2025-01-06_CloudFormation에서 보안그룹과 네트워크 ACL 실습2 (0)	2025.01.06
2025-01-06_CloudFormation에서 보안그룹과 네트워크 ACL 실습 (0)	2025.01.06
2025-01-06_콘솔에서 본안그룹과 네트워크 ACL 실습 (0)	2025.01.06

dltjgus

2025-01-17_Global Accelerator

'AWS와 Azure 기반 하이브리드 멀티클라우드 DevOps > AWS' 카테고리의 다른 글

티스토리툴바

2025-01-17_Global Accelerator

'AWS와 Azure 기반 하이브리드 멀티클라우드 DevOps > AWS' 카테고리의 다른 글

'AWS와 Azure 기반 하이브리드 멀티클라우드 DevOps/AWS' Related Articles

티스토리툴바