Add aarch64 ASG

PRX · Jan 7, 2025 · 72dab80 · 72dab80
1 parent e3a25e8
commit 72dab80
Show file tree

Hide file tree

Showing 3 changed files with 499 additions and 6 deletions.
diff --git a/spire/templates/dashboards.yml b/spire/templates/dashboards.yml
@@ -19,7 +19,8 @@ Parameters:
   SharedVpcId: { Type: AWS::EC2::VPC::Id }
   SharedVpcCidrBlock: { Type: String }
 
-  SharedEcsAsgName: { Type: String }
+  SharedEcsAsgX86Name: { Type: String }
+  SharedEcsAsgAarch64Name: { Type: String }
 
   SharedAlbArn: { Type: String }
   SharedAlbName: { Type: String }
@@ -102,7 +103,7 @@ Resources:
                     "x": 0,
                     "type": "text",
                     "properties": {
-                        "markdown": "\n# AWS Console\n\n- [CloudFormation root stack](https://${AWS::Region}.console.aws.amazon.com/cloudformation/home?region=${AWS::Region}#/stacks/stackinfo?stackId=${RootStackId})\n- [Stack resource group](https://${AWS::Region}.console.aws.amazon.com/resource-groups/group/${StackResourceGroupName}?region=${AWS::Region}) | [Logs](https://${AWS::Region}.console.aws.amazon.com/resource-groups/group/${StackLogGroupsGroupName}?region=${AWS::Region})\n- [ECS Cluster](https://${AWS::Region}.console.aws.amazon.com/ecs/v2/clusters/${SharedEcsClusterName}/services?region=${AWS::Region})\n- [Shared VPC](https://${AWS::Region}.console.aws.amazon.com/vpcconsole/home?region=${AWS::Region}#VpcDetails:VpcId=${SharedVpcId}) | [Subnets](https://${AWS::Region}.console.aws.amazon.com/vpc/home?region=${AWS::Region}#subnets:vpcId=${SharedVpcId};sort=tag:Name) | [NACLs](https://${AWS::Region}.console.aws.amazon.com/vpc/home?region=${AWS::Region}#acls:vpcId=${SharedVpcId};sort=tag:Name) | [Peering](https://${AWS::Region}.console.aws.amazon.com/vpc/home?region=${AWS::Region}#PeeringConnections:search=${SharedVpcId})\n- [ENIs](https://${AWS::Region}.console.aws.amazon.com/ec2/v2/home?region=${AWS::Region}#NIC:vpcId=${SharedVpcId})\n- [Security groups](https://${AWS::Region}.console.aws.amazon.com/vpc/home?region=${AWS::Region}#securityGroups:search=${SharedVpcId})\n- [Shared VPC Flow Logs Insights](https://${AWS::Region}.cconsole.aws.amazon.com/cloudwatch/home?region=${AWS::Region}#logsV2:logs-insights$3FqueryDetail$3D$257E$2528end$257E0$257Estart$257E-1800$257EtimeType$257E$2527RELATIVE$257Eunit$257E$2527seconds$257EeditorString$257E$2527fields*20*40timestamp*2c*20action*2c*20interfaceId*2c*20srcAddr*2c*20srcPort*2c*20dstAddr*2c*20dstPort*0a*7c*20sort*20*40timestamp*20desc*0a*7c*20limit*20500$257EisLiveTail$257Efalse$257EqueryId$257E$252738782a19-012d-4a8b-bda2-202bec5ce7e1$257Esource$257E$2528$257E$2527${SharedVpcFlowLogsLogGroupName}$2529$2529)\n- [EC2 Instances](https:/${AWS::Region}.cconsole.aws.amazon.com/ec2/v2/home?region=${AWS::Region}#Instances:instanceState=running;search=${SharedVpcId};sort=launchTime) | [Shared ASG](https://${AWS::Region}.console.aws.amazon.com/ec2/home?region=${AWS::Region}#AutoScalingGroupDetails:id=${SharedEcsAsgName};view=details) | [Shared ALB](https://${AWS::Region}.console.aws.amazon.com/ec2/home?region=${AWS::Region}#LoadBalancer:loadBalancerArn=${SharedAlbArn};tab=listeners)\n- [Dovetail ALB](https://${AWS::Region}.console.aws.amazon.com/ec2/home?region=${AWS::Region}#LoadBalancer:loadBalancerArn=${DovetailAlbArn};tab=listeners) | [Exchange FTP NLB](https://${AWS::Region}.console.aws.amazon.com/ec2/home?region=${AWS::Region}#LoadBalancer:loadBalancerArn=${ExchangeFtpServerNlbArn};tab=listeners)\n- [Shared Memcached](https://${AWS::Region}.console.aws.amazon.com/elasticache/home?region=${AWS::Region}#/memcached/${SharedMemcachedCacheName}) | [App Cache Redis](https://${AWS::Region}.console.aws.amazon.com/elasticache/home?region=${AWS::Region}#/redis/${SharedAppRedisCacheName})\n- [Dovetail Redis](https://${AWS::Region}.console.aws.amazon.com/elasticache/home?region=${AWS::Region}#/redis/${DovetailRedisReplicationGroupName})\n- [CMS Elasticsearch Service](https://${AWS::Region}.console.aws.amazon.com/aos/home?region=${AWS::Region}#opensearch/domains/${CmsElasticsearchDomainName})\n- [Castle PostgreSQL](https://${AWS::Region}.console.aws.amazon.com/rds/home?region=${AWS::Region}#database:id=${CastlePostgresInstanceId};is-cluster=false)\n"
+                        "markdown": "\n# AWS Console\n\n- [CloudFormation root stack](https://${AWS::Region}.console.aws.amazon.com/cloudformation/home?region=${AWS::Region}#/stacks/stackinfo?stackId=${RootStackId})\n- [Stack resource group](https://${AWS::Region}.console.aws.amazon.com/resource-groups/group/${StackResourceGroupName}?region=${AWS::Region}) | [Logs](https://${AWS::Region}.console.aws.amazon.com/resource-groups/group/${StackLogGroupsGroupName}?region=${AWS::Region})\n- [ECS Cluster](https://${AWS::Region}.console.aws.amazon.com/ecs/v2/clusters/${SharedEcsClusterName}/services?region=${AWS::Region})\n- [Shared VPC](https://${AWS::Region}.console.aws.amazon.com/vpcconsole/home?region=${AWS::Region}#VpcDetails:VpcId=${SharedVpcId}) | [Subnets](https://${AWS::Region}.console.aws.amazon.com/vpc/home?region=${AWS::Region}#subnets:vpcId=${SharedVpcId};sort=tag:Name) | [NACLs](https://${AWS::Region}.console.aws.amazon.com/vpc/home?region=${AWS::Region}#acls:vpcId=${SharedVpcId};sort=tag:Name) | [Peering](https://${AWS::Region}.console.aws.amazon.com/vpc/home?region=${AWS::Region}#PeeringConnections:search=${SharedVpcId})\n- [ENIs](https://${AWS::Region}.console.aws.amazon.com/ec2/v2/home?region=${AWS::Region}#NIC:vpcId=${SharedVpcId})\n- [Security groups](https://${AWS::Region}.console.aws.amazon.com/vpc/home?region=${AWS::Region}#securityGroups:search=${SharedVpcId})\n- [Shared VPC Flow Logs Insights](https://${AWS::Region}.cconsole.aws.amazon.com/cloudwatch/home?region=${AWS::Region}#logsV2:logs-insights$3FqueryDetail$3D$257E$2528end$257E0$257Estart$257E-1800$257EtimeType$257E$2527RELATIVE$257Eunit$257E$2527seconds$257EeditorString$257E$2527fields*20*40timestamp*2c*20action*2c*20interfaceId*2c*20srcAddr*2c*20srcPort*2c*20dstAddr*2c*20dstPort*0a*7c*20sort*20*40timestamp*20desc*0a*7c*20limit*20500$257EisLiveTail$257Efalse$257EqueryId$257E$252738782a19-012d-4a8b-bda2-202bec5ce7e1$257Esource$257E$2528$257E$2527${SharedVpcFlowLogsLogGroupName}$2529$2529)\n- [EC2 Instances](https:/${AWS::Region}.cconsole.aws.amazon.com/ec2/v2/home?region=${AWS::Region}#Instances:instanceState=running;search=${SharedVpcId};sort=launchTime) | Shared ASG [X86](https://${AWS::Region}.console.aws.amazon.com/ec2/home?region=${AWS::Region}#AutoScalingGroupDetails:id=${SharedEcsAsgX86Name};view=details) [ARM](https://${AWS::Region}.console.aws.amazon.com/ec2/home?region=${AWS::Region}#AutoScalingGroupDetails:id=${SharedEcsAsgAarch64Name};view=details) | [Shared ALB](https://${AWS::Region}.console.aws.amazon.com/ec2/home?region=${AWS::Region}#LoadBalancer:loadBalancerArn=${SharedAlbArn};tab=listeners)\n- [Dovetail ALB](https://${AWS::Region}.console.aws.amazon.com/ec2/home?region=${AWS::Region}#LoadBalancer:loadBalancerArn=${DovetailAlbArn};tab=listeners) | [Exchange FTP NLB](https://${AWS::Region}.console.aws.amazon.com/ec2/home?region=${AWS::Region}#LoadBalancer:loadBalancerArn=${ExchangeFtpServerNlbArn};tab=listeners)\n- [Shared Memcached](https://${AWS::Region}.console.aws.amazon.com/elasticache/home?region=${AWS::Region}#/memcached/${SharedMemcachedCacheName}) | [App Cache Redis](https://${AWS::Region}.console.aws.amazon.com/elasticache/home?region=${AWS::Region}#/redis/${SharedAppRedisCacheName})\n- [Dovetail Redis](https://${AWS::Region}.console.aws.amazon.com/elasticache/home?region=${AWS::Region}#/redis/${DovetailRedisReplicationGroupName})\n- [CMS Elasticsearch Service](https://${AWS::Region}.console.aws.amazon.com/aos/home?region=${AWS::Region}#opensearch/domains/${CmsElasticsearchDomainName})\n- [Castle PostgreSQL](https://${AWS::Region}.console.aws.amazon.com/rds/home?region=${AWS::Region}#database:id=${CastlePostgresInstanceId};is-cluster=false)\n"
                     }
                 },
                 {
@@ -123,8 +124,10 @@ Resources:
                     "height": 3,
                     "properties": {
                         "metrics": [
-                            [ "AWS/AutoScaling", "GroupDesiredCapacity", "AutoScalingGroupName", "${SharedEcsAsgName}", { "label": "Desired Capacity" } ],
-                            [ "AWS/AutoScaling", "GroupInServiceInstances", "AutoScalingGroupName", "${SharedEcsAsgName}", { "label": "In Service Instances" } ]
+                            [ "AWS/AutoScaling", "GroupDesiredCapacity", "AutoScalingGroupName", "${SharedEcsAsgX86Name}", { "label": "x86-64 Desired Capacity" } ],
+                            [ "AWS/AutoScaling", "GroupInServiceInstances", "AutoScalingGroupName", "${SharedEcsAsgX86Name}", { "label": "x86-64 In Service Instances" } ],
+                            [ "AWS/AutoScaling", "GroupDesiredCapacity", "AutoScalingGroupName", "${SharedEcsAsgAarch64Name}", { "label": "aarch64 Desired Capacity" } ],
+                            [ "AWS/AutoScaling", "GroupInServiceInstances", "AutoScalingGroupName", "${SharedEcsAsgAarch64Name}", { "label": "aarch64 In Service Instances" } ]
                         ],
                         "view": "timeSeries",
                         "stacked": false,

diff --git a/spire/templates/root.yml b/spire/templates/root.yml
@@ -390,7 +390,7 @@ Resources:
       TemplateURL: !Sub ${TemplateUrlBase}/spire/templates/shared-ecs/asg-sg.yml
       TimeoutInMinutes: 20
   # Requires VPC, ALB, and more
-  SharedEcsAsgStack:
+  SharedEcsAsgStack: # This is the x86-64 ASG
     Type: AWS::CloudFormation::Stack
     DeletionPolicy: Delete
     UpdateReplacePolicy: Delete
@@ -427,6 +427,43 @@ Resources:
         - { Key: prx:dev:application, Value: Common }
       TemplateURL: !Sub ${TemplateUrlBase}/spire/templates/shared-ecs/asg-x86-64.yml
       TimeoutInMinutes: 1440
+  SharedEcsAsgAarch64Stack:
+    Type: AWS::CloudFormation::Stack
+    DeletionPolicy: Delete
+    UpdateReplacePolicy: Delete
+    Properties:
+      Parameters:
+        EnvironmentType: !Ref EnvironmentType
+        RegionMode: !FindInMap [RegionModeMap, !Ref "AWS::Region", !Ref EnvironmentType]
+        RootStackName: !Ref AWS::StackName
+        RootStackId: !Ref AWS::StackName
+        NestedChangeSetScrubbingResourcesState: !Ref NestedChangeSetScrubbingResourcesState
+        AuthorizedKeys: !Join [",", !Ref AuthorizedKeys]
+        VpcPublicSubnet1Id: !GetAtt SharedVpcStack.Outputs.PublicSubnet1Id
+        VpcPublicSubnet2Id: !GetAtt SharedVpcStack.Outputs.PublicSubnet2Id
+        VpcPublicSubnet3Id: !GetAtt SharedVpcStack.Outputs.PublicSubnet3Id
+        EcsClusterName: !GetAtt SharedEcsClusterStack.Outputs.EcsClusterName
+        SharedEcsAsgInstanceSecurityGroupId: !GetAtt SharedEcsAsgSecurityGroupStack.Outputs.InstanceSecurityGroupId
+        LoadBalancerSecurityGroupId: !GetAtt SharedAlbStack.Outputs.LoadBalancerSecurityGroupId
+        SharedMysqlClientSecurityGroupId: !GetAtt SharedDatabaseSecurityGroupsStack.Outputs.SharedMysqlClientSecurityGroupId
+        SharedPostgresqlClientSecurityGroupId: !GetAtt SharedDatabaseSecurityGroupsStack.Outputs.SharedPostgresqlClientSecurityGroupId
+        SharedRedisClientSecurityGroupId: !GetAtt SharedRedisSecurityGroupStack.Outputs.ClientSecurityGroupId
+        SharedClickhouseClientSecurityGroupId: !GetAtt SharedClickhouseSecurityGroupStack.Outputs.ClientSecurityGroupId
+        EcsLaunchEndpointsAccessSecurityGroupId: !GetAtt SharedVpcStack.Outputs.EcsLaunchEndpointsAccessSecurityGroupId
+        KmsEndpointAccessSecurityGroupId: !GetAtt SharedVpcStack.Outputs.KmsEndpointAccessSecurityGroupId
+        StsEndpointAccessSecurityGroupId: !GetAtt SharedVpcStack.Outputs.StsEndpointAccessSecurityGroupId
+        SharedRedisReplicationGroupEndpointAddress: !GetAtt SharedRedisStack.Outputs.ReplicationGroupEndpointAddress
+        SharedRedisReplicationGroupEndpointPort: !GetAtt SharedRedisStack.Outputs.ReplicationGroupEndpointPort
+      Tags:
+        - { Key: prx:meta:tagging-version, Value: "2021-04-07" }
+        - { Key: prx:cloudformation:stack-name, Value: !Ref AWS::StackName }
+        - { Key: prx:cloudformation:stack-id, Value: !Ref AWS::StackId }
+        - { Key: prx:cloudformation:root-stack-name, Value: !Ref AWS::StackName }
+        - { Key: prx:cloudformation:root-stack-id, Value: !Ref AWS::StackId }
+        - { Key: prx:ops:environment, Value: !Ref EnvironmentType }
+        - { Key: prx:dev:application, Value: Common }
+      TemplateURL: !Sub ${TemplateUrlBase}/spire/templates/shared-ecs/asg-aarch64.yml
+      TimeoutInMinutes: 1440
 
   # # Requires database and ECS/ASG security groups
   # EicEndpoints:
@@ -990,7 +1027,8 @@ Resources:
         SharedVpcId: !GetAtt SharedVpcStack.Outputs.VpcId
         SharedVpcCidrBlock: !GetAtt SharedVpcStack.Outputs.VpcCidrBlock
 
-        SharedEcsAsgName: !GetAtt SharedEcsAsgStack.Outputs.AsgName
+        SharedEcsAsgX86Name: !GetAtt SharedEcsAsgStack.Outputs.AsgName
+        SharedEcsAsgAarch64Name: !GetAtt SharedEcsAsgAarch64Stack.Outputs.AsgName
 
         SharedAlbArn: !GetAtt SharedAlbStack.Outputs.AlbArn
         SharedAlbName: !GetAtt SharedAlbStack.Outputs.AlbName