AWS CFT for Hourly BIG-IP 11.6 in EC2
Problem this snippet solves:
2016-07-12 Update: Newer Cloud Formation templates can be found at: https://github.com/F5Networks/f5-aws-cloudformation
WARNING You will be billed for the AWS resources used if you create a stack from this template.
Provides a easy way to launch and test BIG-IP in AWS using Amazon CloudFormation Templates.
Code :
#
# **2016-07-12 Update:** Newer Cloud Formation templates can be found at: https://github.com/F5Networks/f5-aws-cloudformation
#
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "AWS CloudFormation Template for Hourly BIG-IP AMIs. This template launches BIG-IP as an Amazon EC2 instance. It also creates all networking resources necessary to support BIG-IP and an application server. No web-servers are launched as part of this CFT. **WARNING** You will be billed for the AWS resources used if you create a stack from this template.",
"Parameters": {
"BigIPInstanceType": {
"Description": "F5 BIG-IP Virtual Instance Type",
"Type": "String",
"Default": "m3.xlarge",
"AllowedValues": [
"m3.xlarge",
"m3.2xlarge",
"c1.medium",
"c1.xlarge",
"cc1.4xlarge",
"cc2.8xlarge",
"cg1.4xlarge"
],
"ConstraintDescription": "must be a valid Big-IP EC2 instance type."
},
"BigIpLicensePackage": {
"Description": "F5 BigIP Performance Type",
"Type": "String",
"Default": "Good",
"AllowedValues": [
"Good",
"Better",
"Best"
],
"ConstraintDescription": "Must be a valid F5 Big-IP performance type"
},
"BigIpThroughput": {
"Description": "F5 BigIP Throughput",
"Type": "String",
"Default": "25-Mbps",
"AllowedValues": [
"25-Mbps",
"200-Mbps",
"1000-Mbps"
],
"ConstraintDescription": "Please select your desired throughput"
},
"KeyName": {
"Description": "Name of an existing EC2 KeyPair to enable SSH access to the instance",
"Type": "AWS::EC2::KeyPair::KeyName"
},
"SSHLocation": {
"Description": " The IP address range that can be used to SSH to the EC2 instances",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
},
"Mappings": {
"BigIPRegionMap": {
"ap-northeast-1": {
"Best1000": "ami-29e11229",
"Best200": "ami-edf300ed",
"Best25": "ami-4fe7144f",
"Better1000": "ami-c3f300c3",
"Better200": "ami-3fe7143f",
"Better25": "ami-89f20189",
"Good1000": "ami-5bc23f5b",
"Good200": "ami-71fc0171",
"Good25": "ami-6ffc016f"
},
"ap-southeast-1": {
"Best1000": "ami-dcebdb8e",
"Best200": "ami-86eadad4",
"Best25": "ami-b4eadae6",
"Better1000": "ami-92eadac0",
"Better200": "ami-cceada9e",
"Better25": "ami-e8eadaba",
"Good1000": "ami-fc5764ae",
"Good200": "ami-12665540",
"Good25": "ami-6c66553e"
},
"ap-southeast-2": {
"Best1000": "ami-eb5625d1",
"Best200": "ami-03562539",
"Best25": "ami-2556251f",
"Better1000": "ami-0b562531",
"Better200": "ami-09562533",
"Better25": "ami-1f562525",
"Good1000": "ami-e7e192dd",
"Good200": "ami-ddf380e7",
"Good25": "ami-855724bf"
},
"eu-central-1": {
"Best1000": "ami-9e93ae83",
"Best200": "ami-d898a5c5",
"Best25": "ami-de98a5c3",
"Better1000": "ami-9493ae89",
"Better200": "ami-9693ae8b",
"Better25": "ami-9093ae8d",
"Good1000": "ami-10c1fc0d",
"Good200": "ami-e6c6fbfb",
"Good25": "ami-f0c6fbed"
},
"eu-west-1": {
"Best1000": "ami-c7158db0",
"Best200": "ami-d3138ba4",
"Best25": "ami-85138bf2",
"Better1000": "ami-c9138bbe",
"Better200": "ami-99138bee",
"Better25": "ami-df138ba8",
"Good1000": "ami-695fc51e",
"Good200": "ami-af9802d8",
"Good25": "ami-2f128a58"
},
"sa-east-1": {
"Best1000": "ami-0d7cc710",
"Best200": "ami-cf7dc6d2",
"Best25": "ami-997dc684",
"Better1000": "ami-4d73c850",
"Better200": "ami-dd7dc6c0",
"Better25": "ami-cd7dc6d0",
"Good1000": "ami-4b09b256",
"Good200": "ami-d91aa1c4",
"Good25": "ami-297dc634"
},
"us-east-1": {
"Best1000": "ami-7c9ab114",
"Best200": "ami-fe81aa96",
"Best25": "ami-cc81aaa4",
"Better1000": "ami-c281aaaa",
"Better200": "ami-ce81aaa6",
"Better25": "ami-f281aa9a",
"Good1000": "ami-488ca720",
"Good200": "ami-588da630",
"Good25": "ami-e08ea588"
},
"us-west-1": {
"Best1000": "ami-614cad25",
"Best200": "ami-674dac23",
"Best25": "ami-734dac37",
"Better1000": "ami-254dac61",
"Better200": "ami-474dac03",
"Better25": "ami-0f4dac4b",
"Good1000": "ami-f737d7b3",
"Good200": "ami-014aab45",
"Good25": "ami-674aab23"
},
"us-west-2": {
"Best1000": "ami-d1735de1",
"Best200": "ami-7b755b4b",
"Best25": "ami-1d755b2d",
"Better1000": "ami-2f755b1f",
"Better200": "ami-75755b45",
"Better25": "ami-0f755b3f",
"Good1000": "ami-a1775991",
"Good200": "ami-17775927",
"Good25": "ami-e57658d5"
}
},
"AWSBigIPThrougput": {
"25-Mbps": {
"Good": "Good25",
"Better": "Better25",
"Best": "Best25"
},
"200-Mbps": {
"Good": "Good200",
"Better": "Better200",
"Best": "Best200"
},
"1000-Mbps": {
"Good": "Good1000",
"Better": "Better1000",
"Best": "Best1000"
}
}
},
"Resources": {
"VPC": {
"Type": "AWS::EC2::VPC",
"Properties": {
"EnableDnsSupport": "true",
"EnableDnsHostnames": "true",
"CidrBlock": "10.0.0.0/16",
"Tags": [
{
"Key": "Application",
"Value": {
"Ref": "AWS::StackName"
}
}
]
}
},
"ManagementSubnet": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"CidrBlock": "10.0.0.0/24",
"Tags": [
{
"Key": "Application",
"Value": {
"Ref": "AWS::StackName"
}
}
]
}
},
"ExternalSubnet": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"CidrBlock": "10.0.1.0/24",
"AvailabilityZone": {
"Fn::GetAtt": [
"ManagementSubnet",
"AvailabilityZone"
]
},
"Tags": [
{
"Key": "Application",
"Value": {
"Ref": "AWS::StackName"
}
}
]
}
},
"InternalSubnet": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"CidrBlock": "10.0.2.0/24",
"AvailabilityZone": {
"Fn::GetAtt": [
"ManagementSubnet",
"AvailabilityZone"
]
},
"Tags": [
{
"Key": "Application",
"Value": {
"Ref": "AWS::StackName"
}
}
]
}
},
"InternetGateway": {
"Type": "AWS::EC2::InternetGateway",
"Properties": {
"Tags": [
{
"Key": "Application",
"Value": {
"Ref": "AWS::StackName"
}
}
]
}
},
"AttachGateway": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"InternetGatewayId": {
"Ref": "InternetGateway"
}
}
},
"ExternalRouteTable": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"Tags": [
{
"Key": "Application",
"Value": {
"Ref": "AWS::StackName"
}
},
{
"Key": "Network",
"Value": "External"
}
]
}
},
"ExternalRoute": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "ExternalRouteTable"
},
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "InternetGateway"
}
}
},
"ExternalSubnetRouteTableAssociation": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "ExternalSubnet"
},
"RouteTableId": {
"Ref": "ExternalRouteTable"
}
}
},
"InternalRouteTable": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"Tags": [
{
"Key": "Application",
"Value": {
"Ref": "AWS::StackName"
}
},
{
"Key": "Network",
"Value": "Internal"
}
]
}
},
"InternalRoute": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "InternalRouteTable"
},
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "InternetGateway"
}
}
},
"InternalSubnetRouteTableAssociation": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "InternalSubnet"
},
"RouteTableId": {
"Ref": "InternalRouteTable"
}
}
},
"ManagementRouteTable": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"Tags": [
{
"Key": "Application",
"Value": {
"Ref": "AWS::StackName"
}
},
{
"Key": "Network",
"Value": "Mgmt"
}
]
}
},
"ManagementRoute": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "ManagementRouteTable"
},
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "InternetGateway"
}
}
},
"ManagementSubnetRouteTableAssociation": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "ManagementSubnet"
},
"RouteTableId": {
"Ref": "ManagementRouteTable"
}
}
},
"SubnetRouteTableAssociationManagement": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "ManagementSubnet"
},
"RouteTableId": {
"Ref": "ManagementRouteTable"
}
}
},
"SubnetRouteTableAssociationInternal": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "InternalSubnet"
},
"RouteTableId": {
"Ref": "InternalRouteTable"
}
}
},
"SubnetRouteTableAssociationExternal": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "ExternalSubnet"
},
"RouteTableId": {
"Ref": "ExternalRouteTable"
}
}
},
"BigIPManagementSecurityGroup": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"GroupDescription": "Enable SSH access via port 22",
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "22",
"ToPort": "22",
"CidrIp": {
"Ref": "SSHLocation"
}
},
{
"IpProtocol": "tcp",
"FromPort": "443",
"ToPort": "443",
"CidrIp": {
"Ref": "SSHLocation"
}
}
]
}
},
"BigIPExternalSecurityGroup": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"GroupDescription": "Enable SSH access via port 22",
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "80",
"ToPort": "80",
"CidrIp": "0.0.0.0/0"
},
{
"IpProtocol": "tcp",
"FromPort": "443",
"ToPort": "443",
"CidrIp": "0.0.0.0/0"
}
]
}
},
"BigIPInternalSecurityGroup": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"GroupDescription": "Enable SSH access via port 22",
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "8080",
"ToPort": "8080",
"CidrIp": "10.0.2.0/24"
},
{
"IpProtocol": "tcp",
"FromPort": "22",
"ToPort": "22",
"CidrIp": "10.0.2.0/24"
},
{
"IpProtocol": "icmp",
"FromPort": "-1",
"ToPort": "-1",
"CidrIp": "10.0.2.0/24"
}
]
}
},
"ManagementInterface": {
"Type": "AWS::EC2::NetworkInterface",
"Properties": {
"Description": "Management Interface for the BigIP",
"GroupSet": [
{
"Ref": "BigIPManagementSecurityGroup"
}
],
"SubnetId": {
"Ref": "ManagementSubnet"
}
}
},
"InternalInterface": {
"Type": "AWS::EC2::NetworkInterface",
"Properties": {
"Description": "Internal Interface for the BigIP",
"GroupSet": [
{
"Ref": "BigIPInternalSecurityGroup"
}
],
"SubnetId": {
"Ref": "InternalSubnet"
}
}
},
"ExternalInterface": {
"Type": "AWS::EC2::NetworkInterface",
"Properties": {
"Description": "External Interface for the BigIP",
"GroupSet": [
{
"Ref": "BigIPExternalSecurityGroup"
}
],
"SubnetId": {
"Ref": "ExternalSubnet"
},
"SecondaryPrivateIpAddressCount": "1"
}
},
"ManagementIPAddress": {
"Type": "AWS::EC2::EIP",
"DependsOn": "AttachGateway",
"Properties": {
"Domain": "vpc"
}
},
"InternalWebserverIPAddress": {
"Type": "AWS::EC2::EIP",
"DependsOn": "AttachGateway",
"Properties": {
"Domain": "vpc"
}
},
"ManagementIPAssociation": {
"Type": "AWS::EC2::EIPAssociation",
"Properties": {
"AllocationId": {
"Fn::GetAtt": [
"ManagementIPAddress",
"AllocationId"
]
},
"NetworkInterfaceId": {
"Ref": "ManagementInterface"
}
}
},
"VIPIPAddress": {
"Type": "AWS::EC2::EIP",
"DependsOn": "AttachGateway",
"Properties": {
"Domain": "vpc"
}
},
"VIPIPAssociation": {
"Type": "AWS::EC2::EIPAssociation",
"Properties": {
"AllocationId": {
"Fn::GetAtt": [
"VIPIPAddress",
"AllocationId"
]
},
"NetworkInterfaceId": {
"Ref": "ExternalInterface"
},
"PrivateIpAddress": {
"Fn::Select": [
"0",
{
"Fn::GetAtt": [
"ExternalInterface",
"SecondaryPrivateIpAddresses"
]
}
]
}
}
},
"BigIpInstance": {
"Type": "AWS::EC2::Instance",
"Properties": {
"ImageId": {
"Fn::FindInMap": [
"BigIPRegionMap",
{
"Ref": "AWS::Region"
},
{
"Fn::FindInMap": [
"AWSBigIPThrougput",
{
"Ref": "BigIpThroughput"
},
{
"Ref": "BigIpLicensePackage"
}
]
}
]
},
"InstanceType": {
"Ref": "BigIPInstanceType"
},
"KeyName": {
"Ref": "KeyName"
},
"Tags": [
{
"Key": "Application",
"Value": {
"Ref": "AWS::StackName"
}
}
],
"AvailabilityZone": {
"Fn::GetAtt": [
"ManagementSubnet",
"AvailabilityZone"
]
},
"NetworkInterfaces": [
{
"Description": "Management Interface",
"DeviceIndex": "0",
"NetworkInterfaceId": {
"Ref": "ManagementInterface"
}
},
{
"Description": "External Interface",
"DeviceIndex": "1",
"NetworkInterfaceId": {
"Ref": "ExternalInterface"
}
},
{
"Description": "Internal Interface",
"DeviceIndex": "2",
"NetworkInterfaceId": {
"Ref": "InternalInterface"
}
}
]
}
},
"WebServerSecurityGroup": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"GroupDescription": "Enable HTTP access via port 80",
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "80",
"ToPort": "80",
"CidrIp": "0.0.0.0/0"
},
{
"IpProtocol": "tcp",
"FromPort": "80",
"ToPort": "80",
"CidrIp": "0.0.0.0/0"
},
{
"IpProtocol": "tcp",
"FromPort": "22",
"ToPort": "22",
"CidrIp": "0.0.0.0/0"
},
{
"IpProtocol": "icmp",
"FromPort": "-1",
"ToPort": "-1",
"CidrIp": "0.0.0.0/0"
}
]
}
}
},
"Outputs": {
"BigIpManagementIp": {
"Value": {
"Fn::Join": [
"",
[
"https://",
{
"Fn::GetAtt": [
"BigIpInstance",
"PublicIp"
]
}
]
]
},
"Description": "BigIP Management GUI"
},
"PublicVIP": {
"Value": {
"Fn::Join": [
"",
[
"http://",
{
"Ref": "VIPIPAddress"
},
":80"
]
]
}
},
"InternalInterfacePrivateIp": {
"Description": "Internally routable IP of internal interface on BIG-IP",
"Value": {
"Fn::Join": [
"", ["",
{
"Fn::GetAtt": [
"InternalInterface",
"PrimaryPrivateIpAddress"
]
}
]]
}
},
"ExternalInterfacePrivateIp": {
"Description": "Internally routable IP of external interface on BIG-IP",
"Value": {
"Fn::Join": [
"", ["",
{
"Fn::GetAtt": [
"ExternalInterface",
"PrimaryPrivateIpAddress"
]
}
]]
}
}
}
}Tested this on version:
11.6Published Jun 18, 2015
Version 1.0