AWS CFT for Hourly BIG-IP 11.6 in EC2
Problem this snippet solves:
2016-07-12 Update: Newer Cloud Formation templates can be found at: https://github.com/F5Networks/f5-aws-cloudformation
WARNING You will be billed for the AWS resources used if you create a stack from this template.
Provides a easy way to launch and test BIG-IP in AWS using Amazon CloudFormation Templates.
Code :
# # **2016-07-12 Update:** Newer Cloud Formation templates can be found at: https://github.com/F5Networks/f5-aws-cloudformation # { "AWSTemplateFormatVersion": "2010-09-09", "Description": "AWS CloudFormation Template for Hourly BIG-IP AMIs. This template launches BIG-IP as an Amazon EC2 instance. It also creates all networking resources necessary to support BIG-IP and an application server. No web-servers are launched as part of this CFT. **WARNING** You will be billed for the AWS resources used if you create a stack from this template.", "Parameters": { "BigIPInstanceType": { "Description": "F5 BIG-IP Virtual Instance Type", "Type": "String", "Default": "m3.xlarge", "AllowedValues": [ "m3.xlarge", "m3.2xlarge", "c1.medium", "c1.xlarge", "cc1.4xlarge", "cc2.8xlarge", "cg1.4xlarge" ], "ConstraintDescription": "must be a valid Big-IP EC2 instance type." }, "BigIpLicensePackage": { "Description": "F5 BigIP Performance Type", "Type": "String", "Default": "Good", "AllowedValues": [ "Good", "Better", "Best" ], "ConstraintDescription": "Must be a valid F5 Big-IP performance type" }, "BigIpThroughput": { "Description": "F5 BigIP Throughput", "Type": "String", "Default": "25-Mbps", "AllowedValues": [ "25-Mbps", "200-Mbps", "1000-Mbps" ], "ConstraintDescription": "Please select your desired throughput" }, "KeyName": { "Description": "Name of an existing EC2 KeyPair to enable SSH access to the instance", "Type": "AWS::EC2::KeyPair::KeyName" }, "SSHLocation": { "Description": " The IP address range that can be used to SSH to the EC2 instances", "Type": "String", "MinLength": "9", "MaxLength": "18", "Default": "0.0.0.0/0", "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})", "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x." } }, "Mappings": { "BigIPRegionMap": { "ap-northeast-1": { "Best1000": "ami-29e11229", "Best200": "ami-edf300ed", "Best25": "ami-4fe7144f", "Better1000": "ami-c3f300c3", "Better200": "ami-3fe7143f", "Better25": "ami-89f20189", "Good1000": "ami-5bc23f5b", "Good200": "ami-71fc0171", "Good25": "ami-6ffc016f" }, "ap-southeast-1": { "Best1000": "ami-dcebdb8e", "Best200": "ami-86eadad4", "Best25": "ami-b4eadae6", "Better1000": "ami-92eadac0", "Better200": "ami-cceada9e", "Better25": "ami-e8eadaba", "Good1000": "ami-fc5764ae", "Good200": "ami-12665540", "Good25": "ami-6c66553e" }, "ap-southeast-2": { "Best1000": "ami-eb5625d1", "Best200": "ami-03562539", "Best25": "ami-2556251f", "Better1000": "ami-0b562531", "Better200": "ami-09562533", "Better25": "ami-1f562525", "Good1000": "ami-e7e192dd", "Good200": "ami-ddf380e7", "Good25": "ami-855724bf" }, "eu-central-1": { "Best1000": "ami-9e93ae83", "Best200": "ami-d898a5c5", "Best25": "ami-de98a5c3", "Better1000": "ami-9493ae89", "Better200": "ami-9693ae8b", "Better25": "ami-9093ae8d", "Good1000": "ami-10c1fc0d", "Good200": "ami-e6c6fbfb", "Good25": "ami-f0c6fbed" }, "eu-west-1": { "Best1000": "ami-c7158db0", "Best200": "ami-d3138ba4", "Best25": "ami-85138bf2", "Better1000": "ami-c9138bbe", "Better200": "ami-99138bee", "Better25": "ami-df138ba8", "Good1000": "ami-695fc51e", "Good200": "ami-af9802d8", "Good25": "ami-2f128a58" }, "sa-east-1": { "Best1000": "ami-0d7cc710", "Best200": "ami-cf7dc6d2", "Best25": "ami-997dc684", "Better1000": "ami-4d73c850", "Better200": "ami-dd7dc6c0", "Better25": "ami-cd7dc6d0", "Good1000": "ami-4b09b256", "Good200": "ami-d91aa1c4", "Good25": "ami-297dc634" }, "us-east-1": { "Best1000": "ami-7c9ab114", "Best200": "ami-fe81aa96", "Best25": "ami-cc81aaa4", "Better1000": "ami-c281aaaa", "Better200": "ami-ce81aaa6", "Better25": "ami-f281aa9a", "Good1000": "ami-488ca720", "Good200": "ami-588da630", "Good25": "ami-e08ea588" }, "us-west-1": { "Best1000": "ami-614cad25", "Best200": "ami-674dac23", "Best25": "ami-734dac37", "Better1000": "ami-254dac61", "Better200": "ami-474dac03", "Better25": "ami-0f4dac4b", "Good1000": "ami-f737d7b3", "Good200": "ami-014aab45", "Good25": "ami-674aab23" }, "us-west-2": { "Best1000": "ami-d1735de1", "Best200": "ami-7b755b4b", "Best25": "ami-1d755b2d", "Better1000": "ami-2f755b1f", "Better200": "ami-75755b45", "Better25": "ami-0f755b3f", "Good1000": "ami-a1775991", "Good200": "ami-17775927", "Good25": "ami-e57658d5" } }, "AWSBigIPThrougput": { "25-Mbps": { "Good": "Good25", "Better": "Better25", "Best": "Best25" }, "200-Mbps": { "Good": "Good200", "Better": "Better200", "Best": "Best200" }, "1000-Mbps": { "Good": "Good1000", "Better": "Better1000", "Best": "Best1000" } } }, "Resources": { "VPC": { "Type": "AWS::EC2::VPC", "Properties": { "EnableDnsSupport": "true", "EnableDnsHostnames": "true", "CidrBlock": "10.0.0.0/16", "Tags": [ { "Key": "Application", "Value": { "Ref": "AWS::StackName" } } ] } }, "ManagementSubnet": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "VPC" }, "CidrBlock": "10.0.0.0/24", "Tags": [ { "Key": "Application", "Value": { "Ref": "AWS::StackName" } } ] } }, "ExternalSubnet": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "VPC" }, "CidrBlock": "10.0.1.0/24", "AvailabilityZone": { "Fn::GetAtt": [ "ManagementSubnet", "AvailabilityZone" ] }, "Tags": [ { "Key": "Application", "Value": { "Ref": "AWS::StackName" } } ] } }, "InternalSubnet": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "VPC" }, "CidrBlock": "10.0.2.0/24", "AvailabilityZone": { "Fn::GetAtt": [ "ManagementSubnet", "AvailabilityZone" ] }, "Tags": [ { "Key": "Application", "Value": { "Ref": "AWS::StackName" } } ] } }, "InternetGateway": { "Type": "AWS::EC2::InternetGateway", "Properties": { "Tags": [ { "Key": "Application", "Value": { "Ref": "AWS::StackName" } } ] } }, "AttachGateway": { "Type": "AWS::EC2::VPCGatewayAttachment", "Properties": { "VpcId": { "Ref": "VPC" }, "InternetGatewayId": { "Ref": "InternetGateway" } } }, "ExternalRouteTable": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Application", "Value": { "Ref": "AWS::StackName" } }, { "Key": "Network", "Value": "External" } ] } }, "ExternalRoute": { "Type": "AWS::EC2::Route", "Properties": { "RouteTableId": { "Ref": "ExternalRouteTable" }, "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "InternetGateway" } } }, "ExternalSubnetRouteTableAssociation": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "ExternalSubnet" }, "RouteTableId": { "Ref": "ExternalRouteTable" } } }, "InternalRouteTable": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Application", "Value": { "Ref": "AWS::StackName" } }, { "Key": "Network", "Value": "Internal" } ] } }, "InternalRoute": { "Type": "AWS::EC2::Route", "Properties": { "RouteTableId": { "Ref": "InternalRouteTable" }, "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "InternetGateway" } } }, "InternalSubnetRouteTableAssociation": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "InternalSubnet" }, "RouteTableId": { "Ref": "InternalRouteTable" } } }, "ManagementRouteTable": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Application", "Value": { "Ref": "AWS::StackName" } }, { "Key": "Network", "Value": "Mgmt" } ] } }, "ManagementRoute": { "Type": "AWS::EC2::Route", "Properties": { "RouteTableId": { "Ref": "ManagementRouteTable" }, "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "InternetGateway" } } }, "ManagementSubnetRouteTableAssociation": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "ManagementSubnet" }, "RouteTableId": { "Ref": "ManagementRouteTable" } } }, "SubnetRouteTableAssociationManagement": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "ManagementSubnet" }, "RouteTableId": { "Ref": "ManagementRouteTable" } } }, "SubnetRouteTableAssociationInternal": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "InternalSubnet" }, "RouteTableId": { "Ref": "InternalRouteTable" } } }, "SubnetRouteTableAssociationExternal": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "ExternalSubnet" }, "RouteTableId": { "Ref": "ExternalRouteTable" } } }, "BigIPManagementSecurityGroup": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "VpcId": { "Ref": "VPC" }, "GroupDescription": "Enable SSH access via port 22", "SecurityGroupIngress": [ { "IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": { "Ref": "SSHLocation" } }, { "IpProtocol": "tcp", "FromPort": "443", "ToPort": "443", "CidrIp": { "Ref": "SSHLocation" } } ] } }, "BigIPExternalSecurityGroup": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "VpcId": { "Ref": "VPC" }, "GroupDescription": "Enable SSH access via port 22", "SecurityGroupIngress": [ { "IpProtocol": "tcp", "FromPort": "80", "ToPort": "80", "CidrIp": "0.0.0.0/0" }, { "IpProtocol": "tcp", "FromPort": "443", "ToPort": "443", "CidrIp": "0.0.0.0/0" } ] } }, "BigIPInternalSecurityGroup": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "VpcId": { "Ref": "VPC" }, "GroupDescription": "Enable SSH access via port 22", "SecurityGroupIngress": [ { "IpProtocol": "tcp", "FromPort": "8080", "ToPort": "8080", "CidrIp": "10.0.2.0/24" }, { "IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": "10.0.2.0/24" }, { "IpProtocol": "icmp", "FromPort": "-1", "ToPort": "-1", "CidrIp": "10.0.2.0/24" } ] } }, "ManagementInterface": { "Type": "AWS::EC2::NetworkInterface", "Properties": { "Description": "Management Interface for the BigIP", "GroupSet": [ { "Ref": "BigIPManagementSecurityGroup" } ], "SubnetId": { "Ref": "ManagementSubnet" } } }, "InternalInterface": { "Type": "AWS::EC2::NetworkInterface", "Properties": { "Description": "Internal Interface for the BigIP", "GroupSet": [ { "Ref": "BigIPInternalSecurityGroup" } ], "SubnetId": { "Ref": "InternalSubnet" } } }, "ExternalInterface": { "Type": "AWS::EC2::NetworkInterface", "Properties": { "Description": "External Interface for the BigIP", "GroupSet": [ { "Ref": "BigIPExternalSecurityGroup" } ], "SubnetId": { "Ref": "ExternalSubnet" }, "SecondaryPrivateIpAddressCount": "1" } }, "ManagementIPAddress": { "Type": "AWS::EC2::EIP", "DependsOn": "AttachGateway", "Properties": { "Domain": "vpc" } }, "InternalWebserverIPAddress": { "Type": "AWS::EC2::EIP", "DependsOn": "AttachGateway", "Properties": { "Domain": "vpc" } }, "ManagementIPAssociation": { "Type": "AWS::EC2::EIPAssociation", "Properties": { "AllocationId": { "Fn::GetAtt": [ "ManagementIPAddress", "AllocationId" ] }, "NetworkInterfaceId": { "Ref": "ManagementInterface" } } }, "VIPIPAddress": { "Type": "AWS::EC2::EIP", "DependsOn": "AttachGateway", "Properties": { "Domain": "vpc" } }, "VIPIPAssociation": { "Type": "AWS::EC2::EIPAssociation", "Properties": { "AllocationId": { "Fn::GetAtt": [ "VIPIPAddress", "AllocationId" ] }, "NetworkInterfaceId": { "Ref": "ExternalInterface" }, "PrivateIpAddress": { "Fn::Select": [ "0", { "Fn::GetAtt": [ "ExternalInterface", "SecondaryPrivateIpAddresses" ] } ] } } }, "BigIpInstance": { "Type": "AWS::EC2::Instance", "Properties": { "ImageId": { "Fn::FindInMap": [ "BigIPRegionMap", { "Ref": "AWS::Region" }, { "Fn::FindInMap": [ "AWSBigIPThrougput", { "Ref": "BigIpThroughput" }, { "Ref": "BigIpLicensePackage" } ] } ] }, "InstanceType": { "Ref": "BigIPInstanceType" }, "KeyName": { "Ref": "KeyName" }, "Tags": [ { "Key": "Application", "Value": { "Ref": "AWS::StackName" } } ], "AvailabilityZone": { "Fn::GetAtt": [ "ManagementSubnet", "AvailabilityZone" ] }, "NetworkInterfaces": [ { "Description": "Management Interface", "DeviceIndex": "0", "NetworkInterfaceId": { "Ref": "ManagementInterface" } }, { "Description": "External Interface", "DeviceIndex": "1", "NetworkInterfaceId": { "Ref": "ExternalInterface" } }, { "Description": "Internal Interface", "DeviceIndex": "2", "NetworkInterfaceId": { "Ref": "InternalInterface" } } ] } }, "WebServerSecurityGroup": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "VpcId": { "Ref": "VPC" }, "GroupDescription": "Enable HTTP access via port 80", "SecurityGroupIngress": [ { "IpProtocol": "tcp", "FromPort": "80", "ToPort": "80", "CidrIp": "0.0.0.0/0" }, { "IpProtocol": "tcp", "FromPort": "80", "ToPort": "80", "CidrIp": "0.0.0.0/0" }, { "IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": "0.0.0.0/0" }, { "IpProtocol": "icmp", "FromPort": "-1", "ToPort": "-1", "CidrIp": "0.0.0.0/0" } ] } } }, "Outputs": { "BigIpManagementIp": { "Value": { "Fn::Join": [ "", [ "https://", { "Fn::GetAtt": [ "BigIpInstance", "PublicIp" ] } ] ] }, "Description": "BigIP Management GUI" }, "PublicVIP": { "Value": { "Fn::Join": [ "", [ "http://", { "Ref": "VIPIPAddress" }, ":80" ] ] } }, "InternalInterfacePrivateIp": { "Description": "Internally routable IP of internal interface on BIG-IP", "Value": { "Fn::Join": [ "", ["", { "Fn::GetAtt": [ "InternalInterface", "PrimaryPrivateIpAddress" ] } ]] } }, "ExternalInterfacePrivateIp": { "Description": "Internally routable IP of external interface on BIG-IP", "Value": { "Fn::Join": [ "", ["", { "Fn::GetAtt": [ "ExternalInterface", "PrimaryPrivateIpAddress" ] } ]] } } } }
Tested this on version:
11.6Published Jun 18, 2015
Version 1.0ChrisMutzel_151
Altocumulus
Joined May 04, 2019
ChrisMutzel_151
Altocumulus
Joined May 04, 2019
No CommentsBe the first to comment