nSights Talks

AWS CloudFormation Nested Stacks

Tutorial Highlights & Transcript

00:00 - nSights AWS CloudFormation Nested Stacks (introduction)
So today I’m going to give a demo on CloudFormation Nested Stack. And in the nested stack, basically, I’m going to perform and create two instances in VPC. The VPC stack I’m going to create and one instance that will be for a database and the other instance that will be for WordPress. And the WordPress node will launch through Auto Scaling group. And it should be behind ALB. And noted, all the nodes will be in private subnets and I’m not going to give any public subnets to these nodes. So what we’re going to access the WordPress is through ALB, their DNS and they are going to add the auto scaling policies on ASG group and it is going to scale through CPU usage and it will scale up and down according to the CPU usage.
01:14 - Contents of the root stack
So in the Root Stack, there is a main root stack. And then I have a stack for VPC and security groups, EC2, ALB, and auto scaling. I have five of these templates which are in Root Stack.
01:32 - Contents of Amazon VPC stack
So in VPC, I’m going to create my own VPC with the name SaifPrivateVPC then there are two Public Subnets, one Private Subnet, Internet Gateway, Gateway to Internet, Public Route Table and then Route Table then Public Subnet that will associate the Route Table. And that gateway for the Private Subnets, then NAT Public IP and Private Route Table. And that goes on.
02:03 - Contents of Amazon VPC security group stack
And then in the security group, I’m going to create two security groups – one for web services and another for DB. And for DB, the security group is in private, it will be private, and for web, basically, for web, it will go into the ALB. And both instances basically the private subnets will attach to both the instances not to the ALB.
02:32 - Contents of Amazon EC2 stack
Then I’m going to have a separate EC2 Stack. And that EC2 Stack will have only one instance that is for database and I’m going to install MySQL in a private subnet on that instance, then I’ll have an ALB stack.
02:52 - Contents of AWS ALB stack
And in the ALB stack, I’m going to create Application Load Balancer with the ALB Listener and one target group in which we are going to have that WordPress instance launched.
03:05 - Contents of AWS Auto Scaling group stack
And then in the ASG Auto Scaling group, we are going to create the launch template for the WordPress instance. And then we’re going to create an Auto Scaling Group and scale up policy and scale down policy with the scale up alarms and scale down alarms.
03:29 - Demo
So let me share my screen. We’re here and I’m going to show you the templates I have already in the Root Stack. Here is my Root Stack root template in which I have created and in which we have parameters that will define what is the VPC block and what are the subnet blocks and private subnets and public subnet blocks. Then here is the template for VPC spec which we are going to bind with the VPC stack. Here is my VPC spec. In VPC spec, I have all the VPC’s. For example, here I am creating a VPC then I’m creating a subnet private one subnets and the other public subnets and then the private subnet and similarly goes on to the Internet Gateway, NAT gateway to Internet, Gateway to internet, and public route tables, public routes, and then associations NAT gateway, and similarly goes on. And then I have another stack which is a security group. In a security group, I am going to show I have to basically subnet one for the public. So basically, this is the public subnet and in which, sorry, this is the private security group. This is the security group. And this is the security group for the database, and this is the security group for WordPress. And then we have the EC2 instance Hill stack for EC2 instance, which is the EC2 instance, resources, I am getting the image ID and what type of instance and keys and what are the security groups attached to it. This is the security group basically attaching to it and the subnet ID and the user data I’m going to install. First of all, I am going to update the instance. And then update, upgrade, and install MySQL and then create the tables and everything and then configuring mysql.com and then restarting the servers. And these are the tags that basically I’m using. And then goes on the application load balancer, and here’s the application load balancer sources which we are going to create. I’ll refer it to a public subnet for public subnet one and public subnet two is the security group attached to it.
So here are the auto scaling groups. For Auto Scaling Group, here is the stack for Auto Scaling Group and an Auto Scaling Group. I am creating the launch template for WordPress File WordPress instance. And here is the metadata for user data for WordPress. Basically, I’m going to update the node and I’m going to install the Apache and start the bust here and then install the WordPress and we’re going to get the permissions to the files required. Actually, the HTML files, and here is the Auto Scaling Group. And an Auto Scaling Group, I’ll go into the minimum size of Auto Scaling Group will be one and the maximum will be three and here are the health checks for the Auto Scaling Group. Then we have an upscaling scaling policy, it will scale up. And this is the alarm which is going to sync with this auto scaling policy up auto scaling policy. Similarly, I have a down auto scaling policy and an alarm for down auto scaling policy. So this is basically these are the configurations. I have already uploaded the configurations. Basically, I have already launched the stack because it is going to take around 20 to 25 minutes. So I have already created the stacks, I’ve uploaded these templates in S3 and I’m going to pull these images from there. Let me show you the S3 I have in which we have the images. So these are all the images I have in S3. So from there, I have loaded the CloudFormation. And these are basically the nested stacks. These are the stacks which are created for these stacks. Basically VPC, EC2, ASG and ALB and other ones. So as soon as I have launched this CloudFormation already, what we’re going to see is that I have an ALB stack. And I’m going to see if my ALB DNS is working properly or not. And whether I can see if Apache is working on it or not. So what I see is that Apache is already working on it. Now let me see if WordPress is enabled. So here’s the WordPress site, which basically is coming from ALB through ALB on the instance.
So I think my compile is about complete. I’m going to look into it. So basically what was the purpose of this demo that I’m going to show how the nested stack basically works.
Jasmeet Singh

Saif Ur Rahman

DevOps Support Engineer


Saif is a DevOps Support Engineer at nClouds. He has a long list of technical certifications, including AWS Certified SysOps Administrator - Associate, AWS Certified Solutions Architect - Associate, and AWS Certified Cloud Practitioner.