Example CloudFormation template for Amazon VPC

The following CloudFormation template can be used to launch a highly available ArcGIS Server stack in Amazon Virtual Private Cloud (VPC). See AWS Cloud Formation and high availability with ArcGIS Server.

Copy this code, paste it into a text file, and adapt it to your needs. Then browse to the text file when you create your ArcGIS Server stack with CloudFormation.

In this topic:

Template code

{	"AWSTemplateFormatVersion": "2010-09-09",

	"Description": "CloudFormation template to launch a highly available ArcGIS Server stack in Amazon VPC",

	"Parameters" : {
		"AMI" : {
			"Description" : "Your ArcGIS Server AMI ID.",
			"Type" : "String"
		},
		"VpcId" : {
			"Type" : "String",
			"Description" : "VpcId of your existing Virtual Private Cloud (VPC).",
			"Default" : "vpc-4adfc123"
		},
		"Subnets" : {
			"Type" : "CommaDelimitedList",
			"Default" : "subnet-8ec5b8e6,subnet-1edcc277",
			"Description" : "The list of SubnetIds where the stack will be launched"
		},
	    "AZs" : {
		"Type" : "CommaDelimitedList",
		"Default" : "us-west-2b,us-west-2c",
		"Description" : "The list of AvailabilityZones for your Virtual Private Cloud (VPC). It needs to be consistent with the AZ of your subnets."
		},
		"InstanceType" : {
			"Description" : "Type of EC2 instance to launch.",
			"Type" : "String",
			"Default" : "m1.medium",
			"AllowedValues" : [ "m1.medium","m1.large","m1.xlarge","m2.xlarge","m2.2xlarge","m2.4xlarge","m3.xlarge","m3.2xlarge","c1.xlarge","cc2.8xlarge","cg1.4xlarge", "cr1.8xlarge","hi1.4xlarge","hs1.8xlarge"],
			"ConstraintDescription" : "must be a valid EC2 instance type."			
		},
		"KeyName" : {
			"Description" : "The EC2 Key Pair to allow Remote Desktop access or SSH to the instances.",
			"Type" : "String",
			"Default" : "Your_KeyPair_Name"
		},
		"MinSize" : {
			"Description" : "Minimum number of EC2 instances.",
			"Type" : "Number",
			"Default" : "2"
		},
		"MaxSize" : {
			"Description" : "Maximum number of EC2 instances.",
			"Type" : "Number",
			"Default" : "4"
		}
	},

	"Resources": {
		
		"LoadBalancerSecurityGroup": {
			"Type": "AWS::EC2::SecurityGroup",
			"Properties": {
				"GroupDescription": "Enable HTTP access on port 80 and 443.",
				"VpcId" : { "Ref" : "VpcId" },
				"SecurityGroupIngress": [{
				                        	 "IpProtocol": "tcp",
				                        	 "FromPort": "80" ,
				                        	 "ToPort": "80" ,
				                        	 "CidrIp" : "0.0.0.0/0"
											 },{
 				                        	 "IpProtocol": "tcp",
				                        	 "FromPort": "443" ,
				                        	 "ToPort": "443" ,
                                             "CidrIp" : "0.0.0.0/0"
				                         }],
		        "SecurityGroupEgress" : [{
											 "IpProtocol" : "tcp",
											 "FromPort" : "6080",
											 "ToPort" : "6080",
											 "CidrIp" : "0.0.0.0/0"
											 },{
				                        	 "IpProtocol": "tcp",
				                        	 "FromPort": "6443" ,
				                        	 "ToPort": "6443" ,
				                        	 "CidrIp" : "0.0.0.0/0"
				                         }]
						  }
			},
		"ELB" : {
			"Type" : "AWS::ElasticLoadBalancing::LoadBalancer",
			"Properties" : {
				"Subnets" : { "Ref" : "Subnets" },
				"SecurityGroups" : [ { "Ref" : "LoadBalancerSecurityGroup" } ],				
				"Listeners" : [ {
					"LoadBalancerPort" : "80",
					"InstancePort" : "6080" ,
					"Protocol" : "HTTP"
				}],
				"HealthCheck" : {
					"Target" : "HTTP:6080/arcgis/rest/info/healthcheck",
					"HealthyThreshold" : "3",
					"UnhealthyThreshold" : "5",
					"Interval" : "30",
					"Timeout" : "5"
				}
			}
		},
		
		"InstanceSecurityGroup": {
			"Type": "AWS::EC2::SecurityGroup",
			"Properties": {
				"GroupDescription": "Enable HTTP access on 6080 and 6443 from ELB.",
				"VpcId" : { "Ref" : "VpcId" },
				"SecurityGroupIngress": [{
				                        	 "IpProtocol": "tcp",
				                        	 "FromPort": "6080" ,
				                        	 "ToPort": "6080" ,
											 "SourceSecurityGroupId": { "Ref" : "LoadBalancerSecurityGroup" }
				                         },{
				                        	 "IpProtocol": "tcp",
				                        	 "FromPort": "6443" ,
				                        	 "ToPort": "6443" ,
				                        	 "SourceSecurityGroupId": { "Ref" : "LoadBalancerSecurityGroup" }
				                         }]
			}
		},
		
		"LaunchConfig": {
			"Type": "AWS::AutoScaling::LaunchConfiguration",
			"Properties": {
				"ImageId": {"Ref" : "AMI"},
				"InstanceType": {"Ref": "InstanceType"},
				"KeyName": {"Ref": "KeyName"},
				"SecurityGroups": [{"Ref": "InstanceSecurityGroup"}],
				"InstanceMonitoring": true
			}
		},
		
		"AutoScalingGroup": {
			"UpdatePolicy" : {
				"AutoScalingRollingUpdate" : {
					"MinInstancesInService" : {"Ref" : "MinSize"},
					"MaxBatchSize" : "3",
					"PauseTime" : "PT15M"
				}
			},
			"Type": "AWS::AutoScaling::AutoScalingGroup",
			"Properties": {
				"AvailabilityZones" : { "Ref" : "AZs" },
				"VPCZoneIdentifier" : { "Ref" : "Subnets" },				
				"Cooldown": "300",
				"MaxSize": {"Ref" : "MaxSize"},
				"MinSize": {"Ref" : "MinSize"},
				"LaunchConfigurationName": {"Ref": "LaunchConfig"},
                "HealthCheckType" : "EC2",
                "HealthCheckGracePeriod" : "3600",
				"LoadBalancerNames": [{"Ref": "ELB"}],
				"Tags": [{"Key": "Name", "Value": {"Ref": "AWS::StackName"}, "PropagateAtLaunch" : true}]
			}
		},

		"ScaleUpPolicy" : {
			"Type" : "AWS::AutoScaling::ScalingPolicy",
			"Properties" : {
				"AdjustmentType" : "ChangeInCapacity",
				"AutoScalingGroupName" : { "Ref" : "AutoScalingGroup" },
				"Cooldown" : "60",
				"ScalingAdjustment" : "1"
			}
		},

		"ScaleDownPolicy" : {
			"Type" : "AWS::AutoScaling::ScalingPolicy",
			"Properties" : {
				"AdjustmentType" : "ChangeInCapacity",
				"AutoScalingGroupName" : { "Ref" : "AutoScalingGroup" },
				"Cooldown" : "60",
				"ScalingAdjustment" : "-1"
			}
		},

		"CPUAlarmHigh": {
			"Type": "AWS::CloudWatch::Alarm",
			"Properties": {
				"AlarmDescription": "Scale-up if CPU > 80% for 10 minutes",
				"MetricName": "CPUUtilization",
				"Namespace": "AWS/EC2",
				"Statistic": "Average",
				"Period": "300",
				"EvaluationPeriods": "2",
				"Threshold": "80",
				"AlarmActions": [ { "Ref": "ScaleUpPolicy" } ],
				"Dimensions": [
				               {
				            	   "Name": "AutoScalingGroupName",
				            	   "Value": { "Ref": "AutoScalingGroup" }
				               }
				               ],
				               "ComparisonOperator": "GreaterThanThreshold"
			}
		},

		"CPUAlarmLow": {
			"Type": "AWS::CloudWatch::Alarm",
			"Properties": {
				"AlarmDescription": "Scale-down if CPU < 20% for 10 minutes",
				"MetricName": "CPUUtilization",
				"Namespace": "AWS/EC2",
				"Statistic": "Average",
				"Period": "300",
				"EvaluationPeriods": "2",
				"Threshold": "20",
				"AlarmActions": [ { "Ref": "ScaleDownPolicy" } ],
				"Dimensions": [
				               {
				            	   "Name": "AutoScalingGroupName",
				            	   "Value": { "Ref": "AutoScalingGroup" }
				               }
				               ],
				               "ComparisonOperator": "LessThanThreshold"
			}
		}
	},

	"Outputs": {
		"RestURL": {
			"Value": {
				"Fn::Join": ["", ["http://", {"Fn::GetAtt": ["ELB", "DNSName" ]}, "/arcgis/rest"]]
			},
			"Description" : "ArcGIS Server REST Services Directory URL"
		}
	}   

}

Parameters in this template

The AMI parameter sets the AMI ID that will be used when launching instances in this stack. You point this at your own customized AMI running ArcGIS Server.

The VPCId parameter is the physical ID of the virtual private cloud that will be used to launch the stack.

The Subnets parameter specifies a comma-delimited list of your VPC subnets where you want to launch the stack. For high availability purposes, you can specify subnets in more than one zone. The instances in your stack will be spread among the zones.

The AZs parameter is a comma-delimited list of the names of the availability zones housing the subnets that you listed.

The InstanceType parameter sets the EC2 instance type that will be used when launching instances in the stack. Set this with caution because it could affect both AWS costs and Esri licensing costs. The costs will be multiplied by the number of instances you launch using your auto scaling groups.

The KeyName is the name of a key pair that will allow you to retrieve the administrator password for your instances. You’ll need to create the key pair file prior to using the template. This option is necessary if you will be connecting to your instances via Remote Desktop or SSH.

The MinSize is the minimum number of instances participating in your stack at any time. This number of instances will immediately be launched when you create your stack. If you keep this value at 2 or more, you protect yourself against ArcGIS Server being unavailable if an instance goes down. CloudFormation will immediately create a second instance if only one is found.

The MaxSize is the maximum number of instances that are allowed to participate in your stack at any time, no matter your auto scaling triggers or instance CPU usage.

Resources in this template

The LoadBalancerSecurityGroup resource determines the access rules for the Elastic Load Balancer, including the ports through which traffic can be received and forwarded.

The ELB resource describes the Elastic Load Balancer (ELB) placed in the stack. The ELB is the point of entry for all web requests to ArcGIS Server. It distributes requests to the available ArcGIS Server instances. You can use properties on the ELB to adjust the load balancer port, the instance port (which could deviate from the default 6080 to be 6443 in the case of an SSL-secured site), and the health check settings.

The InstanceSecurityGroup resource determines the access rules that will be applied to any instances launched into this stack. Notice that you can set ingress rules determining which ports are open to the instances. In this template, the Elastic Load Balancer group is allowed to access the instances on port 6080.

The LaunchConfig resource brings in some of the parameters set by the template user to determine the type of instance to be launched and the AMI to be applied.

The AutoScalingGroup resource sets up rules about when instances will be added and removed from the stack in response to triggers such as CPU usage. This resource also contains an update policy that determines how many instances will be updated at once when you make an update to the AMI. The updates are applied on a rolling basis so that your entire stack is not taken offline by the update. Your MaxBatchSize represents the number of instances updated at once, and should ideally be set lower than your MinSize property for your stack, thereby ensuring that an instance always remains available during an update.

The ScaleUpPolicy resource defines how an instance will be added to the stack in case of heavy load. This is referenced later in the template by the CPUAlarmHigh resource.

The ScaleDownPolicy resource defines how an instance will be removed from the stack in case of a light load. This is referenced later in the template by the CPUAlarmLow resource.

The CPUAlarmHigh resource sets specific parameters for an alarm that will cause an instance to be added to the stack. In this template, an instance is added when CPU usage exceeds 80 percent for 10 minutes.

The CPUAlarmLow resource sets specific parameters for an alarm that will cause an instance to be removed from the stack. In this template, an instance is removed when CPU usage goes below 20 percent for 10 minutes.

Detailed examples of all the JSON properties you can put in a CloudFormation template are available in the section Working With Templates in the AWS documentation.

12/29/2014