refined-engine-12125
10/11/2022, 4:15 PMbillowy-army-68599
10/11/2022, 4:19 PMrefined-engine-12125
10/11/2022, 4:22 PMbillowy-army-68599
10/11/2022, 4:23 PMpolite-ocean-13631
10/11/2022, 4:54 PMawsx
to create the Fargate service, and it fails when there is no default VPC even if the default VPC would not be used.refined-engine-12125
10/12/2022, 7:38 PMrefined-engine-12125
10/12/2022, 7:58 PMts
and I'm using python
... the pulumi API seems to be subtly different. Is there a full stack example in python out there?billowy-army-68599
10/12/2022, 8:24 PMrefined-engine-12125
10/12/2022, 8:26 PMbillowy-army-68599
10/12/2022, 8:28 PMrefined-engine-12125
10/12/2022, 8:29 PM___main___.py
: https://gist.github.com/ToddG/0672cacf90a98e8dd9aa8a6a12ee0e67
`Pulumi.dev.yaml`: https://gist.github.com/ToddG/de004c56b1bc1e5c52c0a7b308083ae1billowy-army-68599
10/12/2022, 8:34 PMrefined-engine-12125
10/12/2022, 8:35 PM503 Service Temporarily Unavailable
watch curl <http://dev-v4-dashboard-alb-1f52b4a-628890030.us-east-1.elb.amazonaws.com|dev-v4-dashboard-alb-1f52b4a-628890030.us-east-1.elb.amazonaws.com>
billowy-army-68599
10/12/2022, 8:36 PMrefined-engine-12125
10/12/2022, 8:36 PMbillowy-army-68599
10/12/2022, 8:42 PMrefined-engine-12125
10/12/2022, 8:42 PMbillowy-army-68599
10/12/2022, 8:42 PMrefined-engine-12125
10/12/2022, 8:45 PMbillowy-army-68599
10/12/2022, 8:54 PMrefined-engine-12125
10/13/2022, 3:03 PM"""JAXXStorm's Python Pulumi example program."""
from pulumi import export, ResourceOptions
import pulumi
import pulumi_awsx as awsx
import pulumi_aws as aws
import json
# Create an ECS cluster to run a container-based service.
cluster = aws.ecs.Cluster("cluster")
# Read back the **custom** VPC and public subnets, which we will use.
custom_vpc = awsx.ec2.Vpc("custom-vpc", number_of_availability_zones=1, )
# Create a SecurityGroup that permits HTTP ingress and unrestricted egress.
group = aws.ec2.SecurityGroup(
"web-secgrp",
vpc_id=custom_vpc.vpc.id,
description="Enable HTTP access",
ingress=[
aws.ec2.SecurityGroupIngressArgs(
protocol="tcp",
from_port=80,
to_port=80,
cidr_blocks=["0.0.0.0/0"],
)
],
egress=[
aws.ec2.SecurityGroupEgressArgs(
protocol="-1",
from_port=0,
to_port=0,
cidr_blocks=["0.0.0.0/0"],
)
],
)
# Create a load balancer to listen for HTTP traffic on port 80.
alb = aws.lb.LoadBalancer(
"app-lb",
security_groups=[group.id],
subnets=custom_vpc.public_subnet_ids,
)
atg = aws.lb.TargetGroup(
"app-tg",
port=80,
protocol="HTTP",
target_type="ip",
vpc_id=custom_vpc.vpc.id,
opts=pulumi.ResourceOptions(parent=alb),
)
wl = aws.lb.Listener(
"web",
load_balancer_arn=alb.arn,
port=80,
default_actions=[
aws.lb.ListenerDefaultActionArgs(
type="forward",
target_group_arn=atg.arn,
)
],
opts=pulumi.ResourceOptions(parent=alb)
)
# Create an IAM role that can be used by our service's task.
role = aws.iam.Role(
"task-exec-role",
assume_role_policy=json.dumps(
{
"Version": "2008-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {"Service": "<http://ecs-tasks.amazonaws.com|ecs-tasks.amazonaws.com>"},
"Action": "sts:AssumeRole",
}
],
}
),
)
rpa = aws.iam.RolePolicyAttachment(
"task-exec-policy",
role=role.name,
policy_arn="arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy",
opts=pulumi.ResourceOptions(parent=role)
)
# Spin up a load balanced service running our container image.
task_definition = aws.ecs.TaskDefinition(
"app-task",
family="app-task",
cpu="256",
memory="512",
network_mode="awsvpc",
requires_compatibilities=["FARGATE"],
execution_role_arn=role.arn,
container_definitions=pulumi.Output.all(lb_one=alb.dns_name).apply(
lambda args: json.dumps(
[
{
"name": "my-app",
"image": "nginx",
"portMappings": [
{"containerPort": 80, "hostPort": 80, "protocol": "tcp"}
],
"environment": [
{"name": "LOADBALANCER", "value": args["lb_one"]},
],
}
]
),
),
opts=pulumi.ResourceOptions(parent=cluster)
)
service = aws.ecs.Service(
"app-svc",
cluster=cluster.arn,
desired_count=3,
launch_type="FARGATE",
task_definition=task_definition.arn,
network_configuration=aws.ecs.ServiceNetworkConfigurationArgs(
assign_public_ip=True,
subnets=custom_vpc.private_subnet_ids,
security_groups=[group.id],
),
load_balancers=[
aws.ecs.ServiceLoadBalancerArgs(
target_group_arn=atg.arn,
container_name="my-app",
container_port=80,
)
],
opts=ResourceOptions(depends_on=[wl], parent=cluster),
)
export("cluster", cluster.name)
export("url", alb.dns_name)