Join Brian Eiler for an in-depth discussion in this video, Explore CloudFormation, part of Amazon Web Services: Implementing and Troubleshooting PaaS Products.
- [Instructor] In this demonstration, we're going to explore CloudFormation and see just how it could be used to deploy different types of configurations within AWS. To start, we've logged into the AWS console. Now, we need to go to CloudFormation. We can see it underneath the Management Tools. CloudFormation gives us the ability to deploy different templates of configurations that then result in something we call a stack. These different stacks can then be updated or even grouped together into things like StackSets to allow us to quickly provision different environments or perhaps different application configurations.
In this case, we haven't created any sort of stacks. We have nothing listed here. And we also have not yet deployed any templates. So to show you a little bit about how this works, the first thing I'm going to do is actually click on the Create New Stack interface so that you can see where these templates appear. So let's go to Create New Stack. And now, what it's asking us to do is deploy a group of resources. This would be perhaps compute resources, databases, S3 buckets, a whole variety of things.
But we have the choice, at this point, to either use the design template viewer, where we can actually customize a layout ourselves, or we can base our design on a sample template or even use a template that we've already created. So for instance, I could say, use a sample template. And in here, we have a number of different samples, which we're going to explore in more detail in a moment. But notice that we have things that include single instances, meaning it's one EC2 instance, maybe a database, sometimes locally, sometimes it's a connection to an RDS system.
Other times, we have these multi-availability zone configurations and we're going to look to see what those mean. Now that we've seen where the templates are used, let's go to the Design Template view in order to create a new one. This is the designer and you can think of this as sort of a blueprint of sorts. It gives us the ability to drag resources into this grid view and then set different parameters about them. So for example, I could go in and underneath of the Resource Types on the left, I could select something like an EC2 instance and from here, I can see different components.
So we have instance and I could drag this out. Now, notice that there are all sorts of colorful dots that surround this instance and each one of these, as I move my mouse over it, changes. So we have different properties. Some of these are dependencies, some of them are properties that will relate to, in this case, a security group ID. And then there's also the ability to change the name of the instance itself. Now, this is a nice interface that helps me figure out that there are certain properties, but what is it actually doing? Let's take a look at the bottom part.
As soon as I started dropping things into this, so if I were to go in and drop, say, an Elastic IP as well, so now, here's my EIP, notice it doesn't have quite as many little colorful dots around it. There is one that still says, DependsOn and then there are two properties, the instance id, as well as the EIPAssociation. Now, looking at some of these others, you can see some commonality here. We still have the DependsOn over on the instance. And every time I add something to this particular template, we're going to see behavior like this.
So I could drop in a NatGateway and once again, similar behavior. Properties show up as little colorful dots and we have a little pink or purplish colored DependsOn icon as well. So for example, if I knew for a fact that the NatGateway had to be created before the instance was created, I could drag the DependsOn functionality from our EC2 instance and I could attach it to the NatGateway. And it essentially now says that I have to create the NatGateway before I can create the EC2 instance.
The rationale is that there may be things like database servers or other application servers that do need to be completely deployed and ready to go before you can deploy a different system. Maybe there's even, well, dependencies on the networking side, not just within your application. Now, let's take a look at some of the components that have just occurred within this template. If you notice the lower half of the screen, it's broken into things like parameters, mappings, conditions, metadata, and output.
These are the different sections that appear within the templates that are created by CloudFormation. To get a better view of this, if we look down at the lower left, we'll see where it says Components. Let's click on Template. Once I do this, it's going to show me what the name of my template is. In this case, it's still listed as new.template, so I'd need to give it a new name. So let's just call this one Brian-test-1.
Now, this makes the screen a little bit more readable from a human's perspective. But it all depends on your background. Some people can really parse JSON files very quickly in their head. Whatever's most convenient. It does not impact the functionality of the template. So now, if we look at this template, I can start collapsing the different sections over on the left. And we can see we have a metadata section and a resources section. Now, I also have a Components tab still. And if we follow this, that means that if we look back at what we were working with, I had that metadata and a resources section and that kind of corresponds to what we see over here.
I've got metadata, I've got different components. And if I were to click on these objects, I'll be able to get deeper information into those resources. Now, we don't see a resources tab and that's because resources are the things that I've dropped on the map out here and will be listed under an entire section called Resources. So if I open this up and then expand out what this does, as I scroll back up and collapse these, all we're really doing is just moving to different locations within the same template.
Right now, it's about 51 lines. So this is just a direct correlation. If I change anything in either of these tabs, they're all affecting the same thing. It's all one big template file. This whole view is really just designed to make things a little easier to find different sections. So what is it that we're looking for? We need to make changes to things like what's the name going to be, what are some of the different connections that these guys might have? But what I've just put up on the screen may not seem all that intuitive, because it really was just a sample.
Let's go look at a better sample. If we go up into the top, we have the ability to make a new template. But let's just take a look at the samples. I'm going to pick on, say, a LAMP Single Instance. So we'll tell it I want to look to see what this appears to be. It wipes out my previous one, so be careful about that. Anything that we didn't save, you know, this is now a new configuration. It's not adding these web servers to my previous template. It also automatically switched back to JSON format. If I want to read this better, I can click on the YAML format.
And now, inside of this template, there's a whole lot more information, because somebody has typed this in. They've completed a section on the description. They've also entered in information on parameters, mappings, resources, and we can see that whole section here, followed by the outputs that will come up on the screen. And it's about 710 lines. If I want to break this down further, open up Components and I can now start piecing together what was going on inside of this template, including the outputs.
One important component about the templates is that I can prompt the user for different pieces of information when the template is being kicked off. Like, for example, I don't know what the name of the server's going to be. I don't know what the password's going to be for the database or its name. But I can prompt the user, whoever's going to be deploying from this template, to key in this information at the time that the template is run. And for this, these are all of the little parameters that pop up once I kick off a create, which we'll show in another demo.
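The transcript covers two template features worth checking before a stack is created: parameters that prompt the deployer for values such as a database password, and `DependsOn` links between resources. The following is an added example, not code from the video or from AWS: a small Python check over a JSON template that flags secret-like parameters missing CloudFormation's `NoEcho` property (which masks the value in the console and API output) and `DependsOn` entries that name a resource not in the template. The sample template, its logical IDs, and the name pattern are constructed for illustration.

```python
import json
import re

# Constructed sample template (not the LAMP sample from the video); resource
# properties are omitted because only Parameters and DependsOn are inspected.
SAMPLE = json.loads("""
{
  "Parameters": {
    "DBName":         {"Type": "String"},
    "DBPassword":     {"Type": "String", "MinLength": "8"},
    "DBRootPassword": {"Type": "String", "NoEcho": "true"}
  },
  "Resources": {
    "NatGateway":  {"Type": "AWS::EC2::NatGateway"},
    "WebInstance": {"Type": "AWS::EC2::Instance", "DependsOn": "NatGateway"},
    "WebEIP":      {"Type": "AWS::EC2::EIP", "DependsOn": ["WebInstance", "Missing"]}
  }
}
""")

# Assumed heuristic for parameter names that probably carry a secret.
SECRET_NAME = re.compile(r"pass(word)?|secret|token", re.IGNORECASE)


def depends_on(resource):
    """DependsOn may be a single logical ID or a list of them."""
    value = resource.get("DependsOn", [])
    return [value] if isinstance(value, str) else list(value)


def lint_template(template):
    """Return findings for unmasked secret parameters and dangling DependsOn."""
    findings = []
    for name, param in template.get("Parameters", {}).items():
        # NoEcho is accepted as a boolean or as the string "true".
        masked = str(param.get("NoEcho", "false")).lower() == "true"
        if SECRET_NAME.search(name) and not masked:
            findings.append(f"parameter {name}: secret-like name without NoEcho")
    resources = template.get("Resources", {})
    for name, resource in resources.items():
        for target in depends_on(resource):
            if target not in resources:
                findings.append(f"resource {name}: DependsOn unknown ID {target}")
    return findings


if __name__ == "__main__":
    for finding in lint_template(SAMPLE):
        print(finding)
```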