June 23rd, 2021
AWS CloudFormation (hereinafter called CloudFormation) is a service for automating the configuration of AWS resources.
Using CloudFormation allows you to collectively create, update, and delete various types of AWS resources such as VPC or EC2.
This time, we tried configuring an HA cluster in AWS, partially automated with CloudFormation.
In addition, combining this with Ansible enables the installation of EXPRESSCLUSTER and the configuration of HA clusters to be automated.
For more information, refer to the previously introduced Article.
- * EXPRESSCLUSTER is a brand name for overseas sales while CLUSTERPRO is that for the sales in Japan.
1. What is CloudFormation?
CloudFormation is the service for automating the configuration of AWS resources (e.g. VPC, EC2).
AWS resources can be created by manipulating a lot of screens and input forms in the management console. However, this requires manual operation each time, causing increased work time and misconfiguration.
With CloudFormation, simply uploading blueprints called templates allows you to configure AWS resources.
Although CloudFormation requires templates to be created and maintained, it enables different environments to be configured programmatically, more quickly and accurately than by manual operation, thus minimizing work costs and mistakes.
Such a programmable approach, called IaC (Infrastructure as Code), has recently been emerging in the infrastructure field.
In this section, the terms used for CloudFormation are briefly explained.
A CloudFormation template is a JSON or YAML formatted text file.
CloudFormation uses these templates as blueprints for creating your AWS resources.
In a template, you can describe AWS resource information, such as the instance type and the AMI ID, which CloudFormation uses to create AWS resources.
AWS resources created with CloudFormation are managed as a single unit called a stack.
Creating, updating, and deleting stacks enables a collection of resources to be created, updated, and deleted.
You can work with stacks by using the management console or AWS CLI.
Using parameters enables you to input any values in your template each time you create or update a stack.
You can specify Type(DataType), Default, MaxValue, MinValue, or other data in your template as properties for advanced settings.
2. HA Cluster Configuration
In this article, we configure an HA Cluster based on VIP control in the AWS environment in the N. Virginia region.
The following diagram shows the HA cluster configuration:
Of the resources shown in the diagram above, only those automatically configured by using CloudFormation are shown below:
The following, which are not indicated in the figures above, are also automatically configured in this article:
- Routes for each type of instances (client for operation, active server, and standby server) to communicate with each other.
- Routes to a NAT instance necessary for the active server and the standby server to access the Internet.
- Routes to a virtual IP address to be set for AWS virtual IP resources.
- Client for operation
  - Setting for permitting remote desktop access via the Internet
- Active server and standby server
  - Setting for permitting access from a client for operation
  - Setting for permitting EXPRESSCLUSTER to communicate between the active server and the standby server
The settings above correspond to "HA Cluster Configuration Guide for Amazon Web Services" -> "Constructing an HA cluster based on VIP control" -> "Configuring the VPC Environment".
For security groups, those given above are examples. Set security groups according to your company's policies or others as appropriate.
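The parameter properties and the security group settings described above can be combined as in the following template. This is an added example, not the template distributed with this article: every logical name in it is hypothetical, and because the article lists no port numbers, traffic between the groups is allowed on all protocols as an assumption to be narrowed to the ports your product documentation requires.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: Added example, not the article's template (all logical names are hypothetical)
Parameters:
  VpcId:
    Type: AWS::EC2::VPC::Id   # AWS-specific type, checked against existing VPCs
  RdpSourceCidr:
    Type: String
    Description: Source allowed to reach the client for operation over RDP, in CIDR notation
    # No Default, so the operator must state the source at every stack creation.
    # Only prefix lengths /8 to /32 match, which rejects 0.0.0.0/0.
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/(8|9|[12]\d|3[0-2])$'
    ConstraintDescription: must be an IPv4 CIDR such as 10.0.0.10/32 with a prefix of /8 or longer
  RdpPort:
    Type: Number
    Default: 3389
    MinValue: 1
    MaxValue: 65535
Resources:
  ClientSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Client for operation - RDP from the declared source only
      VpcId: !Ref VpcId
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: !Ref RdpPort
          ToPort: !Ref RdpPort
          CidrIp: !Ref RdpSourceCidr
  ClusterSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Active server and standby server
      VpcId: !Ref VpcId
      SecurityGroupIngress:
        # Access from the client for operation, matched by security group
        # instead of by IP address (assumption: all protocols).
        - IpProtocol: '-1'
          SourceSecurityGroupId: !GetAtt ClientSecurityGroup.GroupId
  # Traffic between the active and standby servers. Declared as its own resource
  # because a group cannot reference itself inside its own ingress list.
  ClusterInternalIngress:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: !GetAtt ClusterSecurityGroup.GroupId
      IpProtocol: '-1'
      SourceSecurityGroupId: !GetAtt ClusterSecurityGroup.GroupId
Outputs:
  ClusterSecurityGroupId:
    Value: !GetAtt ClusterSecurityGroup.GroupId
```

With the constraint in place, a stack creation that passes 0.0.0.0/0 as the RDP source fails parameter validation before any resource is created.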
3. HA Cluster Configuration Procedure
This section describes the procedure for configuring the HA cluster based on VIP control, as explained above, with a CloudFormation template.
3.1 Obtaining a Template
Download the template file (expresscluster_2node_vip.yaml) from the link below:
- * As this template file is assumed to be used in the N. Virginia region, it is recommended that the following procedures be performed in the N. Virginia region.
- * This template file is for use with Windows and Linux. If another OS is intended, specify the corresponding parameters in the AMI when creating a stack.
3.2 Creating a Stack
Create a stack with the downloaded template file.
- * The screens below are as of the date when this article was written and may be different from those as of now.
1. Display CloudFormation in the management console.
2. Select With new resources (standard) from the Create stack button.
3. The Step 1 Specify template screen appears.
After uploading, click the Next button to continue.
4. The Step 2 Specify stack details screen appears.
|An AMI ID for an instance which activates on EC2 as the active server.
* Select the AMI which can be used with your OS.
|An AMI ID for an instance which activates on EC2 as the standby server.
* Select the AMI which can be used with your OS.
* Normally, the same AMI ID as that for the active server is set.
|An AMI ID for an instance which activates on EC2 as a client for operation.
* Specify the AMI for Windows.
(This template file is assumed for use with Windows.)
|An IP address of a machine connected to a client for operation via RDP, in CIDR notation.
E.g., 10.0.0.10/32, 10.0.0.0/24.
|An instance type for the active server.
|An instance type for the standby server.
|An instance type for a client for operation.
|A name for a key pair used for logging in to each EC2 instance.
|A suffix included in a name tag (i.e., a retrieval tag) given to each AWS resource.
|An OS (Windows or Linux) used for the active server and the standby server.
5. The Step 3 Configure stack options screen appears.
6. The last step, the Step 4 Review screen is displayed.
7. Now the stack starts to be created.
You may come across an error showing Not authorized for images: [ami-XXXXXXXXXXXXXXXXX] as below:
This may be because the specified AMI ID does not exist. Search for an existing AMI ID and specify it.
You can search your AMI in the EC2 instance creation screen as below:
3.4 Server Configuration and HA Cluster Configuration
After the creation of the stack is completed, log in to the client for operation to configure an HA cluster and check its operation.
For information on the subsequent procedures, see the following guide:
Some of the data such as an IP address, VIP address, VPC ID, and ENI ID, to be used for configuring an HA cluster, can be confirmed from the Outputs tab in the management screen.
4. After Creating Stacks
The following are some considerations after creating a stack.
Updating resources after creating stacks
When you need to make changes (e.g. addition, updates, and deletion) to AWS resources created using a stack, modifying the template file and re-uploading it is recommended instead of operating directly on the management console.
This is because CloudFormation controls the AWS resources that were created by using stacks only through those stacks. Making changes on the management console produces inconsistencies between the current state of the resources and subsequent stack updates, which can cause an error.
For example, after creating a stack, Stack-A, if a new resource, Resource-A, associated with Stack-A is added on the management console, the deletion of Stack-A may fail, showing DELETE_FAILED.
You can delete a stack in the CloudFormation management screen:
The DELETE_COMPLETE status indicates that the deletion of the stack is completed.
If the status shows DELETE_FAILED, check more details in the management screen to take a necessary action.
We have partially automated the configuration of an HA cluster with CloudFormation.
This time, only the creation of AWS resources has been automated, which could be completed in a shorter time than that with conventional manual operation.
Automatic configuration with CloudFormation can save time and effort, and reduce mistakes, caused by manual operation, even if its template needs to be created and maintained.
If you consider introducing the configuration described in this article, you can perform a validation with the trial module of EXPRESSCLUSTER. Please do not hesitate to contact us if you have any questions.